Virus? PC Langsam Anti-Virus/GMER geht nicht!

lolle1 · 05.05.2015, 17:10

Ich habe hier: http://www.trojaner-board.de/166683-...-manchmal.html . Als ich den Scan mit GMER durchführen wollte um das log hier zu Posten habe ich vergessen Kaspersky zu Deaktivieren, was GMER auch erstmal als möglicherweise Gefährlich eingestuft hab. Da ich aber auf Zulassen geklickt habe, wurde GMER dann ausgeführ und ich habe schnell Kaspersky und dessen schutz Beendet. Dann kommt eine Fehlermeldung das GMER nicht mehr Funktioniert.Ich habe es wieder Probiert, und das gleiche. Dann habe ich versucht Kaspersky wieder zu starten, mir wurde angezeigt das ein Prozess oder ähnliches nicht gefunden werden konnte.Dieses war nur kurz da, und dann kam ein Bluescreen und zwar den gleichen den ich erst gestern schon hatte. Gestern ließ sich Windows nur im Abgesicherten Modus Starten, worüber ich festgestellt habe das ein treiber von Kaspersky der Auslöser war.
Also habe ich Kaspersky deinstalliert8und nach dem Neustart wieder Installiert), und schon ging es wieder.
Heute kam die gleiche Fehlermeldung(aber während dem betrieb) und der Pc ließ sich wieder normal staten, nur das (wie gester auch) der Bildschirm nach dem Login ca. 1-2 min schwarz war (abgesehen von einer CPU und RAM anzeige oben rechts).
Bevor heute der Bluescreen aufgetreten ist war das nicht der Fall.
Hier ein FRST log, das andere musste ich anhängen:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2015
Ran by Admin (administrator) on ADMIN-PC on 05-05-2015 17:36:37
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available profiles: Admin)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\MyStuff\IObit\Advanced SystemCare 8\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(IObit) C:\MyStuff\IObit\Advanced SystemCare 8\Monitor.exe
(ASUSTeK Computer Inc.) C:\MyStuff\Asus\AI Suite II\AsRoutineController.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\PAC7302\Monitor.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Palit Microsystems Ltd.) C:\Program Files (x86)\Thunder Master\THPanel.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(IObit) C:\MyStuff\IObit\Advanced SystemCare 8\ASCTray.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Dropbox, Inc.) C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\MyStuff\DSL Soforthilfe\DSL_Soforthilfe.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Razer Inc.) C:\MyStuff\Razer Cortex\RzKLService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(ASUSTeK Computer Inc.) C:\MyStuff\Asus\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(ASUSTeK Computer Inc.) C:\MyStuff\Asus\AI Suite II\AI Suite II.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe
(ASUSTeK Computer Inc.) C:\MyStuff\Asus\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(ASUSTeK Computer Inc.) C:\MyStuff\Asus\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\plugin-nm-server.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040 2012-02-09] (VIA)
HKLM-x32\...\Run: [DSL Soforthilfe] => C:\MyStuff\DSL Soforthilfe\DSL_Soforthilfe.exe [20585888 2013-11-21] ()
HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\Run: [THPanel] => C:\Program Files (x86)\Thunder Master\THPanel.exe [2163496 2013-07-03] (Palit Microsystems Ltd.)
HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31344744 2015-02-26] (Skype Technologies S.A.)
HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\Run: [Advanced SystemCare 8] => C:\mystuff\IObit\Advanced SystemCare 8\ASCTray.exe [2428704 2015-01-20] (IObit)
HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\Run: [OKAYFREEDOM_Agent] => "C:\Windows.old\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe" -agent
HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\Run: [Google Update] => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-04-28] (Google Inc.)
HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\MountPoints2: {1dcae78a-c26a-11e4-b854-08606eda161e} - E:\HTC_Sync_Manager_PC.exe
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-02-27]
ShortcutTarget: Dropbox.lnk -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-09] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
SearchScopes: HKU\S-1-5-21-2897107241-917314487-1310154325-1000 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = 
SearchScopes: HKU\S-1-5-21-2897107241-917314487-1310154325-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\MyStuff\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-03-22] (IObit)
BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\MyStuff\Android\Appprogramierung\Java\bin\ssv.dll [2015-04-20] (Oracle Corporation)
BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\MyStuff\Android\Appprogramierung\Java\bin\jp2ssv.dll [2015-04-20] (Oracle Corporation)
BHO-x32: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\16euy4ch.default
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\MyStuff\Android\Appprogramierung\Java\bin\dtplugin\npDeployJava1.dll [2015-04-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\MyStuff\Android\Appprogramierung\Java\bin\plugin2\npjp2.dll [2015-04-20] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-05-04] ()
FF Plugin-x32: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-05-04] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-05-04] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2897107241-917314487-1310154325-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-2897107241-917314487-1310154325-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-28] (Google Inc.)
FF Extension: DSL Soforthilfe - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\16euy4ch.default\Extensions\{95E05177-EA09-4386-8B79-FEB1EAC063E6} [2015-04-29]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-05-04]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-05-04]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-05-04]

Chrome: 
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Kaspersky Protection) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-04-30]
CHR Extension: (Bookmark Manager) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-30]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-30]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-30]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService8; C:\mystuff\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2015-03-08] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2015-03-08] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2015-03-08] (ASUSTeK Computer Inc.)
R2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [193400 2014-12-23] (Kaspersky Lab ZAO)
S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64616 2014-11-03] (CyberGhost S.R.L)
S4 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [237864 2015-02-26] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-01] (NVIDIA Corporation)
S3 GSService; C:\Windows\SysWOW64\GSService.exe [490208 2013-07-10] ()
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-01-16] (IObit)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-01] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-10] (Electronic Arts)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-02-03] ()
S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-03-10] ()
R2 RzKLService; C:\mystuff\Razer Cortex\RzKLService.exe [129168 2015-03-12] (Razer Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2015-03-22] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 MBAMScheduler; "C:\adwcleaner\ Malwarebytes Anti-Malware \mbamscheduler.exe" [X]
S2 MBAMService; "C:\adwcleaner\ Malwarebytes Anti-Malware \mbamservice.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2015-01-31] (AVM Berlin)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
S3 DIRECTIO; C:\mystuff\PerformanceTest\DirectIo64.sys [31160 2014-04-24] ()
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-04-18] (Disc Soft Ltd)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-03-22] (REALiX(tm))
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [56008 2015-05-04] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [151240 2014-11-28] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [245960 2014-10-22] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [842440 2015-05-04] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30920 2014-10-10] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [30920 2014-10-30] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [57032 2014-10-09] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77000 2014-11-22] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [181960 2014-11-10] (Kaspersky Lab ZAO)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49304 2014-12-29] (Visicom Media Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-29] (Visicom Media Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-01] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527872 2007-11-08] (PixArt Imaging Inc.)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-03-10] (Razer, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-05 17:36 - 2015-05-05 17:37 - 00023864 _____ () C:\Users\Admin\Desktop\FRST.txt
2015-05-05 17:36 - 2015-05-05 17:36 - 00000000 ____D () C:\FRST
2015-05-05 17:35 - 2015-05-05 17:35 - 00380416 _____ () C:\Users\Admin\Downloads\Gmer-19357.exe
2015-05-05 17:35 - 2015-05-05 17:35 - 00380416 _____ () C:\Users\Admin\Desktop\Gmer-19357.exe
2015-05-05 17:35 - 2015-05-05 17:35 - 00000472 _____ () C:\Users\Admin\Desktop\defogger_disable.log
2015-05-05 17:35 - 2015-05-05 17:35 - 00000000 _____ () C:\Users\Admin\defogger_reenable
2015-05-05 17:35 - 2015-05-05 12:06 - 02101248 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2015-05-05 17:35 - 2015-05-05 12:06 - 00050477 _____ () C:\Users\Admin\Desktop\Defogger.exe
2015-05-05 13:43 - 2015-04-08 22:32 - 00560968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-05-05 13:42 - 2015-04-09 02:58 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 15818528 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 14617288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 10423952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-05-05 13:42 - 2015-04-09 02:58 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 01895568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435012.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435012.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 01086424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00927440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00499344 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00402576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00346256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-05-05 12:07 - 2015-05-05 12:19 - 00000000 ____D () C:\Users\Admin\Downloads\Grand Theft Auto 5 [Salat-Production]
2015-05-05 12:06 - 2015-05-05 12:06 - 02347384 _____ (ESET) C:\Users\Admin\Downloads\esetsmartinstaller_deu.exe
2015-05-05 12:06 - 2015-05-05 12:06 - 02101248 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2015-05-05 12:06 - 2015-05-05 12:06 - 00050477 _____ () C:\Users\Admin\Downloads\Defogger.exe
2015-05-04 17:08 - 2015-05-04 17:08 - 00002330 _____ () C:\Users\Admin\Desktop\Sicherer Zahlungsverkehr.lnk
2015-05-04 17:06 - 2015-05-04 17:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-05-04 17:06 - 2015-05-04 17:05 - 00002140 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2015-05-04 17:04 - 2014-10-22 21:13 - 00245960 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-05-04 16:48 - 2015-05-04 16:54 - 197295744 _____ (Kaspersky Lab) C:\Users\Admin\Downloads\kis15.0.2.361de-de.exe
2015-05-04 16:35 - 2015-05-04 16:43 - 03334025 _____ () C:\Users\Admin\Downloads\kavremvr 2015-05-04 16-35-18 (pid 2520).log
2015-05-04 16:35 - 2015-05-04 16:35 - 07363264 _____ (Kaspersky Lab ZAO) C:\Users\Admin\Downloads\Nicht bestätigt 198788.crdownload
2015-05-04 16:34 - 2015-05-04 16:35 - 07363264 _____ (Kaspersky Lab ZAO) C:\Users\Admin\Downloads\kavremover.exe
2015-05-04 16:28 - 2015-05-04 16:28 - 00011348 _____ () C:\Users\Admin\Downloads\safemsi.zip
2015-05-04 16:27 - 2015-05-04 16:27 - 00000133 _____ () C:\Users\Admin\Downloads\mis-safemode.reg
2015-05-04 15:46 - 2015-05-04 15:46 - 1018616418 _____ () C:\Windows\MEMORY.DMP
2015-05-04 15:46 - 2015-05-04 15:46 - 00262144 _____ () C:\Windows\Minidump\050415-20186-01.dmp
2015-05-02 18:38 - 2015-05-02 18:38 - 08911541 _____ () C:\Users\Admin\Downloads\AK.236.OPO.CM12.1.zip
2015-05-02 17:47 - 2015-05-02 17:57 - 254031717 _____ () C:\Users\Admin\Downloads\pac_bacon-lp-Official-20150425.zip
2015-05-02 17:47 - 2015-05-02 17:47 - 00000098 _____ () C:\Users\Admin\Downloads\pac_bacon-lp-Official-20150425.zip.md5sum
2015-05-02 17:41 - 2015-05-02 18:02 - 295983157 _____ () C:\Users\Admin\Downloads\CyanHacker-v3.0-NIGHTLY-20150330-bacon.zip
2015-05-02 16:34 - 2015-05-02 16:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2015-05-02 16:32 - 2014-07-04 10:49 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2015-05-02 16:32 - 2014-07-04 10:49 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll
2015-05-01 20:30 - 2015-05-01 20:30 - 05761011 _____ () C:\Users\Admin\Downloads\furnace-1.2.1-stock-kitkat_bacon.zip
2015-05-01 20:29 - 2015-05-01 20:29 - 06476267 _____ () C:\Users\Admin\Downloads\furnace-1.2.3-aosp-lollipop_bacon (1).zip
2015-05-01 20:09 - 2015-05-01 20:09 - 14118912 _____ () C:\Users\Admin\Downloads\TWRP_multirom_bacon_20150416-00.img
2015-05-01 20:09 - 2015-05-01 20:09 - 05572783 _____ () C:\Users\Admin\Downloads\multirom-20150425-v32h-UNOFFICIAL-bacon.zip
2015-05-01 20:08 - 2015-05-01 20:08 - 06476267 _____ () C:\Users\Admin\Downloads\furnace-1.2.3-aosp-lollipop_bacon.zip
2015-05-01 18:55 - 2015-05-01 18:55 - 10800295 _____ () C:\Users\Admin\Downloads\OnePlus One TWRP 2.8.6.0 Flasher.zip
2015-04-30 21:43 - 2015-04-30 21:43 - 00574591 _____ () C:\Users\Admin\Downloads\One-Click Un-Locker [OPO] (3).zip
2015-04-30 21:42 - 2015-04-30 21:42 - 00574591 _____ () C:\Users\Admin\Downloads\One-Click Un-Locker [OPO] (2).zip
2015-04-29 14:25 - 2015-04-29 14:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mozilla
2015-04-29 14:25 - 2015-04-29 14:25 - 00000000 ____D () C:\Users\Admin\AppData\Local\Mozilla
2015-04-29 14:24 - 2015-04-29 14:24 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-29 14:24 - 2015-04-29 14:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-29 14:22 - 2015-04-29 14:23 - 00243592 _____ () C:\Users\Admin\Downloads\Firefox Setup Stub 37.0.2.exe
2015-04-28 19:23 - 2015-05-05 12:28 - 00002422 _____ () C:\Users\Admin\Desktop\Google Chrome Canary.lnk
2015-04-28 19:23 - 2015-05-05 01:33 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary
2015-04-28 19:19 - 2015-04-28 19:19 - 00880208 _____ (Google Inc.) C:\Users\Admin\Downloads\ChromeSetup.exe
2015-04-28 17:56 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-04-28 17:56 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-04-28 12:48 - 2015-04-28 12:48 - 00000800 _____ () C:\DelFix.txt
2015-04-26 20:27 - 2015-04-26 20:27 - 00000856 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel
2015-04-26 20:27 - 2015-04-26 20:27 - 00000000 ____D () C:\Users\Admin\AppData\Local\gtk-2.0
2015-04-26 20:24 - 2015-04-26 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GML
2015-04-26 20:24 - 2005-07-26 14:49 - 01040436 _____ (Intel Corporation.) C:\Windows\SysWOW64\cxcore097.dll
2015-04-26 20:24 - 2003-03-19 08:19 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71.dll
2015-04-26 20:24 - 2003-03-19 07:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2015-04-26 20:24 - 2003-02-21 15:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2015-04-26 20:23 - 2015-04-26 20:23 - 02127062 _____ (GML Computer Vision Group ) C:\Users\Admin\Downloads\GMLMatting0.3_setup.exe
2015-04-26 20:16 - 2015-04-26 20:16 - 00000000 ____D () C:\Users\Admin\.thumbnails
2015-04-26 20:11 - 2015-04-26 20:28 - 00000000 ____D () C:\Users\Admin\.gimp-2.8
2015-04-26 20:11 - 2015-04-26 20:11 - 00000000 ____D () C:\Users\Admin\AppData\Local\gegl-0.2
2015-04-26 20:09 - 2015-04-26 20:09 - 01697884 _____ () C:\Users\Admin\Downloads\gimp-plugins-13.zip
2015-04-26 20:07 - 2015-04-26 20:07 - 00000822 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-04-26 20:03 - 2015-04-26 20:05 - 91931728 _____ (The GIMP Team ) C:\Users\Admin\Downloads\gimp-2.8.14-setup-1.exe
2015-04-26 20:03 - 2015-04-26 20:03 - 01203488 _____ () C:\Users\Admin\Downloads\Top Collection GIMP Plug ins - CHIP-Installer.exe
2015-04-26 20:02 - 2015-04-26 20:02 - 00009127 _____ () C:\Users\Admin\Downloads\gimp-2.8.14-setup-1.exe.torrent
2015-04-26 15:37 - 2015-04-26 15:37 - 00004801 _____ () C:\Users\Admin\Downloads\GMER.rar
2015-04-26 15:11 - 2015-04-26 15:11 - 00179910 _____ () C:\Users\Admin\Downloads\GMER.log
2015-04-26 14:42 - 2015-04-26 14:43 - 00380416 _____ () C:\Users\Admin\Downloads\j3ygeo5i.exe
2015-04-26 14:32 - 2015-04-26 14:33 - 00004766 _____ () C:\Users\Admin\Documents\2.txt
2015-04-26 14:31 - 2015-04-26 14:31 - 00008329 _____ () C:\Users\Admin\Documents\1.txt
2015-04-26 13:23 - 2015-04-26 13:23 - 01604608 _____ () C:\Users\Admin\Downloads\WB_XII_1_BinaerdarstellungInformation.ppt
2015-04-25 21:28 - 2015-04-25 21:33 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Steganos VPN
2015-04-25 21:26 - 2015-04-25 21:26 - 00003222 _____ () C:\Windows\System32\Tasks\{857C73D2-1CA9-42B6-8B95-D80EF5F91DC1}
2015-04-25 21:25 - 2015-04-25 21:28 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Steganos
2015-04-24 14:01 - 2015-04-24 14:01 - 00000000 ____D () C:\Users\Admin\AppData\Local\SvchostViewer
2015-04-24 13:56 - 2015-04-24 13:56 - 00040538 _____ () C:\Users\Admin\Downloads\Svchost Viewer Ver 0.5.0.1.zip
2015-04-24 13:47 - 2015-04-26 14:30 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-24 13:46 - 2015-04-24 13:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-04-24 13:46 - 2015-04-24 13:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-24 13:46 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-24 13:46 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-24 13:46 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-24 13:45 - 2015-04-24 13:46 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.1.6.1022 (1).exe
2015-04-24 13:39 - 2015-04-24 13:40 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.1.6.1022.exe
2015-04-24 13:39 - 2015-04-24 13:39 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ADMIN-PC-Windows-7-Professional-(64-bit).dat
2015-04-24 13:39 - 2015-04-24 13:39 - 00000000 ____D () C:\RegBackup
2015-04-24 13:27 - 2015-04-24 13:27 - 01190415 _____ () C:\Users\Admin\Downloads\ProcessExplorer.zip
2015-04-23 21:22 - 2015-04-23 21:22 - 04156986 _____ () C:\Users\Admin\Downloads\youtube-tubemate.2.95.apk
2015-04-20 15:59 - 2015-04-20 15:59 - 00000000 ____D () C:\Users\Admin\.eclipse
2015-04-20 13:38 - 2015-04-20 13:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-04-20 13:27 - 2015-04-20 13:37 - 215762517 _____ () C:\Users\Admin\Downloads\eclipse-standard-luna-R-win32.zip
2015-04-20 13:26 - 2015-04-20 13:37 - 189180832 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jdk-8u45-windows-x64.exe
2015-04-19 18:39 - 2015-04-19 18:40 - 41948672 _____ (The Chromium Authors) C:\Users\Admin\Downloads\mini_installer.exe
2015-04-19 18:32 - 2015-04-19 18:34 - 94109972 _____ () C:\Users\Admin\Downloads\chrome-win32.zip
2015-04-18 17:42 - 2015-04-18 17:42 - 00030352 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2015-04-18 17:39 - 2015-04-18 17:40 - 13223208 _____ (Disc Soft Ltd) C:\Users\Admin\Downloads\DTLite501-0406 (1).exe
2015-04-18 17:36 - 2015-04-18 17:55 - 00000000 ____D () C:\Users\Admin\VirtualBox VMs
2015-04-18 16:27 - 2015-04-18 17:55 - 00000000 ____D () C:\Users\Admin\.VirtualBox
2015-04-18 16:27 - 2015-04-18 16:56 - 00000000 ____D () C:\Users\Admin\AppData\Local\Genymobile
2015-04-18 16:13 - 2015-04-18 16:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-04-18 16:13 - 2014-05-16 14:04 - 00254240 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2015-04-18 16:12 - 2014-05-16 14:03 - 00128288 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-04-18 16:03 - 2015-04-18 16:04 - 09390250 _____ () C:\Users\Admin\Downloads\Genymotion Flash file.zip
2015-04-18 16:00 - 2015-04-18 16:07 - 133567504 _____ (Genymobile ) C:\Users\Admin\Downloads\genymotion-2.4.0-vbox.exe
2015-04-18 15:20 - 2015-04-18 15:20 - 20614780 _____ () C:\Users\Admin\Downloads\WhatsApp.apk
2015-04-18 14:59 - 2015-04-18 15:00 - 20624992 _____ () C:\Users\Admin\Downloads\WhatsApp42.apk
2015-04-17 17:22 - 2015-04-17 17:22 - 00258097 _____ () C:\Users\Admin\Downloads\nirsoft_package_german-17-06-14.zip
2015-04-17 17:15 - 2015-04-17 17:15 - 00384068 _____ () C:\Users\Admin\Downloads\nirsoft_sprachpaket_deutsch.zip
2015-04-17 17:15 - 2015-04-17 17:15 - 00384068 _____ () C:\Users\Admin\Downloads\nirsoft_sprachpaket_deutsch (1).zip
2015-04-17 06:05 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-17 06:05 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-17 06:05 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-17 06:05 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-17 06:05 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-17 06:05 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-17 06:05 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-17 06:05 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-17 06:05 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-17 06:05 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-17 06:05 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-17 06:05 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-17 06:05 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-17 06:05 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-17 06:05 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-17 06:05 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-17 06:05 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-17 06:05 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-17 06:05 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-17 06:05 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-17 06:05 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-17 06:05 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-17 06:05 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-17 06:05 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-17 06:05 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-17 06:05 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-17 06:05 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-17 06:05 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-17 06:05 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-17 06:05 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-17 06:05 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-17 06:05 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-17 06:05 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-17 06:05 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-17 06:05 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-17 06:05 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-17 06:05 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-17 06:05 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-17 06:05 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-17 06:05 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-17 06:05 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-17 06:05 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-17 06:05 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-17 06:05 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-17 06:05 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-17 06:05 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-17 06:05 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-17 06:05 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-17 06:05 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-17 06:05 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-17 06:05 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-17 06:05 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-17 06:05 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-17 06:05 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-17 06:05 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-17 06:05 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-17 06:05 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-17 06:05 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-17 06:03 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-17 06:03 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-17 06:03 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-17 06:03 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-17 06:03 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-17 06:03 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-17 06:03 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-17 06:03 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-17 06:03 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-17 06:03 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-17 06:03 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-17 06:03 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-17 06:03 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-17 06:03 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-17 06:03 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-17 06:03 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-17 06:02 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-17 06:02 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-17 06:02 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-17 06:02 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-17 06:02 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-17 06:02 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-17 06:02 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-17 06:02 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-17 06:02 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-17 06:02 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-17 06:02 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-17 06:02 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-17 06:02 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-17 06:02 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-17 06:02 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-17 06:02 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-17 06:02 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-17 06:02 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-17 06:02 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-17 06:02 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-17 06:02 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-17 06:02 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-17 06:02 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-17 06:02 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-17 06:02 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-17 06:02 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-17 06:02 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-17 06:02 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-17 06:02 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-17 06:02 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-17 06:02 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-17 06:02 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-17 06:02 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-17 06:02 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-17 06:02 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-17 06:02 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-17 06:02 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-17 06:02 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-17 06:02 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-17 06:02 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-17 06:02 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-17 06:02 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-17 06:02 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-17 05:57 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-17 05:57 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-17 05:57 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-16 14:43 - 2015-04-28 12:06 - 00003852 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1429188192
2015-04-16 14:43 - 2015-04-16 14:43 - 00001135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-04-16 14:43 - 2015-04-16 14:43 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Opera Software
2015-04-16 14:43 - 2015-04-16 14:43 - 00000000 ____D () C:\Users\Admin\AppData\Local\Opera Software
2015-04-16 14:41 - 2015-04-28 12:06 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-04-16 14:39 - 2015-04-16 14:39 - 03015656 _____ (Crystal Dew World ) C:\Users\Admin\Downloads\CrystalDiskInfo6_3_2-en.exe
2015-04-14 12:16 - 2015-04-14 12:17 - 52380855 _____ () C:\Users\Admin\Downloads\Clash of Clans_7.1.1.apk
2015-04-13 14:04 - 2015-04-25 21:32 - 00000000 ____D () C:\Users\Admin\AppData\Local\CrashDumps
2015-04-12 13:50 - 2015-04-12 13:50 - 00000000 ____D () C:\ProgramData\HP
2015-04-12 08:57 - 2015-04-12 08:57 - 00642360 _____ (Hewlett-Packard) C:\Windows\system32\hpzids40.dll
2015-04-12 08:56 - 2015-04-12 08:56 - 00977624 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2015-04-12 08:56 - 2015-04-12 08:56 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-04-12 08:54 - 2015-04-12 08:54 - 01896136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434788.dll
2015-04-12 08:54 - 2015-04-12 08:54 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434788.dll
2015-04-11 02:33 - 2014-12-11 19:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-04-11 02:33 - 2014-09-05 04:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-04-11 02:33 - 2014-09-05 03:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-04-10 15:07 - 2015-04-10 15:07 - 00330518 _____ () C:\Users\Admin\Documents\Documents.rar
2015-04-08 18:23 - 2015-04-08 18:23 - 00000000 ____D () C:\Users\Admin\Documents\PassMark
2015-04-08 18:23 - 2015-04-08 18:23 - 00000000 ____D () C:\Users\Admin\AppData\Local\PassMark
2015-04-08 18:23 - 2015-04-08 18:23 - 00000000 ____D () C:\ProgramData\Passmark
2015-04-08 18:23 - 2015-04-08 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerformanceTest
2015-04-08 16:21 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-04-08 16:21 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-04-08 16:21 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-04-08 16:21 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-04-08 16:21 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-04-08 16:21 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-04-08 16:21 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-04-08 16:21 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-04-08 16:21 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-04-08 16:21 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2015-04-08 16:21 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-04-08 16:21 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-04-08 16:21 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-04-08 16:21 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-04-08 16:21 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-04-08 16:19 - 2015-04-08 16:21 - 00000000 ____D () C:\c8ba8a38767b4e9aaa
2015-04-08 16:18 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-08 16:18 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-08 16:18 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-08 16:18 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-08 16:18 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-08 16:18 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-08 16:18 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-08 16:18 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-08 15:01 - 2015-04-08 15:02 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\1
2015-04-08 14:40 - 2015-04-08 14:40 - 00000000 ____D () C:\Users\Admin\Documents\Visual Studio 2012
2015-04-08 14:39 - 2015-04-08 14:39 - 00000000 ____D () C:\Program Files (x86)\NuGet
2015-04-08 14:26 - 2015-04-08 14:26 - 00000000 ____D () C:\Windows\symbols
2015-04-06 17:16 - 2015-04-06 19:23 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\dvdcss
2015-04-05 21:18 - 2015-05-05 01:33 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-05 21:18 - 2015-04-05 21:18 - 00000000 ___SD () C:\Windows\SysWOW64\GWX

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-05 17:36 - 2009-07-14 06:45 - 00025680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-05 17:36 - 2009-07-14 06:45 - 00025680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-05 17:35 - 2015-01-25 12:32 - 00000000 ____D () C:\Users\Admin
2015-05-05 17:34 - 2015-02-03 13:23 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-05 17:31 - 2015-02-10 18:39 - 00000000 ___RD () C:\Users\Admin\Dropbox
2015-05-05 17:31 - 2015-02-10 18:17 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Dropbox
2015-05-05 17:28 - 2015-03-03 15:49 - 00000000 ____D () C:\Users\Admin\AppData\Local\HTC MediaHub
2015-05-05 17:28 - 2015-02-04 14:05 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-05-05 17:27 - 2015-02-04 10:59 - 00052379 _____ () C:\Windows\setupact.log
2015-05-05 17:27 - 2015-02-03 13:23 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-05 17:26 - 2015-01-25 12:46 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-05 17:26 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-05 15:26 - 2015-01-25 13:05 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2897107241-917314487-1310154325-1000UA.job
2015-05-05 15:18 - 2015-01-25 13:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-05 14:43 - 2015-01-31 11:19 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\uTorrent
2015-05-05 13:44 - 2015-01-25 12:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-05-05 13:06 - 2015-01-25 12:10 - 01995221 _____ () C:\Windows\WindowsUpdate.log
2015-05-05 12:52 - 2015-01-25 12:52 - 00001377 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2015-05-05 01:33 - 2015-03-22 16:31 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ProductData
2015-05-05 01:33 - 2010-11-21 09:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-05-04 17:23 - 2014-12-13 18:21 - 00842440 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-05-04 17:23 - 2014-08-19 12:31 - 00056008 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kldisk.sys
2015-05-04 17:07 - 2015-02-04 10:58 - 00084890 _____ () C:\Windows\PFRO.log
2015-05-04 17:06 - 2015-02-04 14:05 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2015-05-04 15:46 - 2015-02-01 10:56 - 00000000 ____D () C:\Windows\Minidump
2015-05-04 13:58 - 2015-03-22 16:29 - 00000000 ____D () C:\ProgramData\ProductData
2015-05-03 19:26 - 2015-01-25 13:05 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2897107241-917314487-1310154325-1000Core.job
2015-05-03 13:40 - 2015-01-25 15:17 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Skype
2015-05-01 18:51 - 2015-01-25 14:31 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-05-01 18:51 - 2015-01-25 14:31 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-05-01 18:50 - 2015-01-25 14:31 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-05-01 18:50 - 2015-01-25 14:31 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-05-01 17:35 - 2015-02-03 13:25 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-29 16:32 - 2015-02-05 13:09 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-04-28 19:21 - 2015-01-25 13:05 - 00004090 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2897107241-917314487-1310154325-1000UA
2015-04-28 19:21 - 2015-01-25 13:05 - 00003694 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2897107241-917314487-1310154325-1000Core
2015-04-28 19:21 - 2015-01-25 13:05 - 00000000 ____D () C:\Users\Admin\AppData\Local\Google
2015-04-28 12:45 - 2015-03-22 16:29 - 00002880 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Admin
2015-04-27 17:21 - 2015-01-31 10:56 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-27 17:09 - 2015-03-03 16:55 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-04-27 14:20 - 2015-01-25 20:49 - 00000000 ____D () C:\Windows.old
2015-04-26 20:06 - 2015-02-13 18:36 - 00000000 ____D () C:\MyStuff
2015-04-26 16:42 - 2015-01-25 14:03 - 00000000 ___HD () C:\ProgramData\Origin
2015-04-26 12:40 - 2015-02-10 18:39 - 00001017 _____ () C:\Users\Admin\Desktop\Dropbox.lnk
2015-04-26 12:40 - 2015-02-10 18:20 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-24 17:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Registration
2015-04-24 13:47 - 2014-02-19 16:09 - 00000000 ____D () C:\adwareentferner
2015-04-24 13:41 - 2015-03-16 18:07 - 00000000 ____D () C:\Program Files (x86)\XTab
2015-04-22 23:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-22 16:27 - 2015-02-05 13:09 - 00000971 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-04-22 16:27 - 2015-02-05 13:09 - 00000959 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-04-21 12:28 - 2015-01-25 21:04 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2015-04-21 12:28 - 2015-01-25 21:04 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2015-04-21 12:28 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-21 12:14 - 2015-01-28 15:04 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-21 12:10 - 2015-01-28 15:04 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-20 15:29 - 2015-03-03 15:38 - 00000000 ____D () C:\Users\Admin\.android
2015-04-20 13:40 - 2015-02-14 11:07 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-04-20 13:38 - 2015-02-14 11:07 - 00000000 ____D () C:\Program Files\Java
2015-04-20 13:26 - 2015-01-25 12:51 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-19 10:07 - 2015-03-22 16:31 - 00002144 _____ () C:\Users\Public\Desktop\Driver Booster 2.lnk
2015-04-15 21:18 - 2015-01-25 13:59 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-15 21:18 - 2015-01-25 13:59 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-15 21:18 - 2015-01-25 13:59 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-12 13:49 - 2015-01-25 13:05 - 00000000 ____D () C:\Users\Admin\AppData\Local\Deployment
2015-04-12 08:56 - 2015-01-25 12:59 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2015-04-12 08:55 - 2015-01-25 12:43 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-10 19:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-10 15:25 - 2015-01-25 14:02 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-04-09 16:15 - 2015-01-31 13:16 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2015-04-09 08:37 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-09 02:58 - 2015-01-25 14:53 - 17176128 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-04-09 02:58 - 2015-01-25 12:45 - 12689592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-04-09 02:58 - 2015-01-25 12:45 - 02935416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-04-09 02:58 - 2015-01-25 12:45 - 00078480 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-04-09 02:58 - 2015-01-25 12:45 - 00066704 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-04-09 02:58 - 2015-01-25 12:45 - 00029329 _____ () C:\Windows\system32\nvinfo.pb
2015-04-09 02:58 - 2015-01-25 12:44 - 03317344 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-04-08 23:30 - 2015-01-25 12:45 - 06841488 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-04-08 23:30 - 2015-01-25 12:45 - 03478344 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-04-08 23:30 - 2015-01-25 12:45 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-04-08 23:30 - 2015-01-25 12:45 - 00936264 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-04-08 23:30 - 2015-01-25 12:45 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-04-08 23:30 - 2015-01-25 12:45 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-04-08 22:18 - 2015-01-27 07:16 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-08 22:18 - 2015-01-27 07:16 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-08 19:52 - 2015-01-25 12:45 - 04336074 _____ () C:\Windows\system32\nvcoproc.bin
2015-04-08 16:24 - 2015-03-18 15:19 - 00000000 ____D () C:\ProgramData\IObit
2015-04-08 16:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-08 14:39 - 2015-01-25 15:27 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-08 14:38 - 2015-03-17 20:56 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2015-04-08 14:38 - 2015-03-17 20:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2015-04-08 14:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-04-08 14:30 - 2015-03-17 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
2015-04-08 14:19 - 2015-03-17 21:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012 Express
2015-04-08 14:12 - 2015-03-17 21:02 - 00000000 ____D () C:\Windows\SysWOW64\1033
2015-04-08 14:12 - 2015-03-17 21:02 - 00000000 ____D () C:\Windows\SysWOW64\1031
2015-04-08 14:12 - 2015-03-17 21:02 - 00000000 ____D () C:\Windows\system32\1033
2015-04-08 14:12 - 2015-03-17 21:02 - 00000000 ____D () C:\Windows\system32\1031
2015-04-07 15:06 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-06 19:23 - 2015-01-25 14:04 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\vlc
2015-04-06 08:55 - 2015-03-22 16:29 - 00001878 _____ () C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2015-04-05 09:21 - 2015-01-25 13:59 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe
2015-04-05 09:20 - 2015-03-18 15:30 - 00001625 _____ () C:\Users\Public\Desktop\Razer Cortex.lnk

==================== Files in the root of some directories =======

2015-03-14 15:04 - 2015-03-14 15:04 - 0000000 ___SH () C:\Users\Admin\AppData\Local\LumaEmu
2015-04-26 20:27 - 2015-04-26 20:27 - 0000856 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel
2015-02-04 17:23 - 2015-03-17 14:00 - 0007587 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpoaqun_.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-24 21:23

==================== End Of Log ============================

--- --- ---

Gruß
Lolle1

schrauber · 05.05.2015, 17:24

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

lolle1 · 05.05.2015, 17:26

Sorry aber oben häts nicht mehr hingepast und wir sollen ja nicht auf unsere eigenen Themen Antworten.

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2015
Ran by Admin at 2015-05-05 17:37:32
Running from C:\Users\Admin\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-2897107241-917314487-1310154325-1000 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2897107241-917314487-1310154325-500 - Administrator - Disabled)
Gast (S-1-5-21-2897107241-917314487-1310154325-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2897107241-917314487-1310154325-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\uTorrent) (Version: 3.4.2.38429 - BitTorrent Inc.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.1.0 - IObit)
AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version:  - Hyper Hippo Games)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 1.04.02 - ASUSTeK Computer Inc.)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Cities Skylines (HKLM-x32\...\Cities Skylines_is1) (Version: 1.0 - Релиз от R.G. Steamgames)
concept/design onlineTV 11 (HKLM-x32\...\{8A4C3184-DA2F-4553-BF61-83F5690C3048}_is1) (Version: 11.3.16.0 - concept/design GmbH)
CrystalDiskInfo 6.3.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.2 - Crystal Dew World)
CSGO (HKLM-x32\...\South Park The Stick of Truth_is1) (Version: 1.0.0.0 - )
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
Driver Booster 2.2 (HKLM-x32\...\Driver Booster_is1) (Version: 2.2 - IObit)
Dropbox (HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.)
DSL Soforthilfe (HKLM-x32\...\DSL Soforthilfe) (Version: 1.1.0.51 - Telefónica Germany GmbH & Co. OHG)
Entity Framework Designer für Visual Studio 2012 - DEU (HKLM-x32\...\{4705DBFD-9D5E-4D23-817C-8CA7359B7BDE}) (Version: 11.1.20810.00 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{70D065C3-77E5-45E9-A75C-EEB2E84EA869}) (Version: 11.0.2100.60 - Microsoft Corporation)
FileZilla Client 3.10.2 (HKLM-x32\...\FileZilla Client) (Version: 3.10.2 - Tim Kosse)
Free YouTube to MP3 Converter version 3.12.56.301 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.56.301 - DVDVideoSoft Ltd.)
FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\2db37667170956ee) (Version: 2.3.2.0 - AVM Berlin)
Genymotion version 2.4.0 (HKLM\...\{6D180286-D4DF-40EF-9227-923B9C07C08A}_is1) (Version: 2.4.0 - Genymobile)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
GIMP LqR Plug-In (HKLM-x32\...\GimpLqRPlugIn) (Version: PlugIn: 0.7.1 - Lib: 0.4.1 - Carlo Baldassi)
GML Matting 0.3 (HKLM-x32\...\GML Matting_is1) (Version: 0.3 - GML Computer Vision Group)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Chrome Canary (HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\Google Chrome SxS) (Version: 44.0.2392.0 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.14.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.37.2 - HTC)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.2 - IObit)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
IsoBuster 3.5 (HKLM-x32\...\IsoBuster_is1) (Version: 3.5 - Smart Projects)
iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.14 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.361 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.2.361 - Kaspersky Lab) Hidden
Lemonade Tycoon Deluxe (HKLM-x32\...\Lemonade Tycoon Deluxe) (Version:  - )
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
ManyCam 4.1.1 (HKLM-x32\...\ManyCam) (Version: 4.1.1 - Visicom Media Inc.)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{98B45D1C-6EB1-460D-A87D-2B60678DC105}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 Language Pack - DEU (HKLM-x32\...\Microsoft Help Viewer 2.0 Language Pack - DEU) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{AD49BD4B-6CEE-4EA2-B53E-8EB0606F1B11}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{EF18EF0F-96D3-4A6B-9600-2197F1720A15}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{6B7B7E62-9F56-4C87-8664-0E20F2CAB03B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{D4DA7C91-A59F-4C72-BAC4-DF7C76AB1CB8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{28C7A4BB-3966-4373-8376-C11F38290630}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (11.1.20828.01) (HKLM-x32\...\{E511AE89-54BB-481D-BC4A-1B1F1E1B7693}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20828.01) (HKLM-x32\...\{00C84D22-DB8F-4159-BF70-682B8EA56A1E}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio Express 2012 für Windows Desktop - DEU (HKLM-x32\...\{69ec32be-d994-44de-9eae-6d86ced6f352}) (Version: 11.0.50727.42 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{4C0B27C3-3E8F-4BD2-80FF-6E9E48EBD6D8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Monstrum v0.8.1.260115 (HKLM-x32\...\Monstrum v0.8.1.260115 1.0.0) (Version: 1.0.0 - IGG-GAMES.COM)
Monstrum v0.8.1.260115 (x32 Version: 1.0.0 - IGG-GAMES.COM) Hidden
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Need for Speed(TM) Hot Pursuit (HKLM-x32\...\{83A606F5-BF6F-42ED-9F33-B9F74297CDED}) (Version: 1.0.0.0 - Electronic Arts)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.3.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.3.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 29.0.1795.47 (HKLM-x32\...\Opera 29.0.1795.47) (Version: 29.0.1795.47 - Opera Software ASA)
Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.3.636 - Electronic Arts, Inc.)
PC Camera (0022.2009.1125.1004) (HKLM-x32\...\{B2920232-19DA-44FC-835F-68E427EAE2CE}) (Version: 10.22.09 - PixArt)
PerformanceTest v8.0 (HKLM\...\PerformanceTest 8_is1) (Version: 8.0.1045.0 - Passmark Software)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.3.0 - Electronic Arts)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.4.15.0 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)
RESCUE 2013 (HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\RESCUE 2013) (Version: 1.10.00.00 - rondomedia GmbH)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
Setup - Life Is Strange (c) Square Enix ... (HKLM-x32\...\Setup - Life Is Strange (c) Square Enix ...) (Version: ... - DONTNOD Entertainment)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.3.22 - NVIDIA Corporation) Hidden
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer)
The Ship (HKLM-x32\...\Steam App 2400) (Version:  - Outerlight Ltd.)
The Ship Single Player (HKLM-x32\...\Steam App 2420) (Version:  - Outerlight Ltd.)
The Ship Tutorial (HKLM-x32\...\Steam App 2430) (Version:  - Outerlight)
Thunder Master v1.9 (HKLM-x32\...\{EE04522C-0814-4B63-AE57-0B63E5A355BB}_is1) (Version: 1.9.5.0 - Palit Microsystems Ltd.)
Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version:  - Ubisoft Singapore)
TransOcean - The Shipping Company (HKLM-x32\...\TransOcean - The Shipping Company_is1) (Version: 1.0 - Релиз от R.G. Steamgames)
TuneGet 3.4.6 (HKLM-x32\...\{050A0D31-6B33-4137-ADE5-C0896E5FA98D}_is1) (Version: 3.4.6 - cyan soft ltd)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
XChat 2 (remove only) (HKLM-x32\...\xchat) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2897107241-917314487-1310154325-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2897107241-917314487-1310154325-1000_Classes\CLSID\{1BEAC3E3-B852-44F4-B468-8906C062422E}\localserver32 -> C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\44.0.2392.0\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2897107241-917314487-1310154325-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2897107241-917314487-1310154325-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2897107241-917314487-1310154325-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2897107241-917314487-1310154325-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2897107241-917314487-1310154325-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2897107241-917314487-1310154325-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2897107241-917314487-1310154325-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2897107241-917314487-1310154325-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2897107241-917314487-1310154325-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2897107241-917314487-1310154325-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2897107241-917314487-1310154325-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2897107241-917314487-1310154325-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points  =========================

30-04-2015 02:43:06 Windows Update
02-05-2015 16:34:29 Gerätetreiber-Paketinstallation: Google, Inc.
05-05-2015 12:03:44 Windows Update
05-05-2015 13:44:20 NVIDIA PhysX wird entfernt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0C3AE204-53FF-4F95-93EC-601BE4A826B9} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {0EB155AB-6154-4A5A-9281-F7AD2F43413A} - System32\Tasks\{81B20F25-A8D3-401B-A8AF-13833EFF0409} => Chrome.exe hxxp://ui.skype.com/ui/0/7.2.0.103/de/abandoninstall?source=lightinstaller&amp;page=tsBing
Task: {14E65D74-C31C-4796-B2D4-B26FA9D97433} - System32\Tasks\{A6EFA8B0-0E6C-49C3-9DDB-81D542A2D1F5} => pcalua.exe -a C:\Windows\unvise32.exe -c C:\Games\Lemonade Tycoon\Deluxe\uninstal.log
Task: {19818A66-9C6A-4E00-85A9-2C03A58F7AA5} - System32\Tasks\{701E15D1-5EFA-4ED6-9EE6-903E652B9E56} => D:\ConfigTool.exe
Task: {1A1FAE80-3315-4F2A-9838-FE4122F4BE3E} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {251C110C-8386-4F6A-A2C9-48A217A2554B} - System32\Tasks\{5BED8C99-B888-433C-B558-29CF724897C0} => Chrome.exe 
Task: {40C1C43A-3E66-4644-B966-CA82D5FE6622} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {448F0E75-EFB7-4AAB-B42F-1C2ED7EDF819} - System32\Tasks\{7B478976-E56C-41B3-A889-25308FB70DC5} => pcalua.exe -a D:\Autorun.exe -d D:\
Task: {4973D486-168C-4467-B4C6-031A94DA92F8} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\MyStuff\Asus\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2012-05-02] (ASUSTeK Computer Inc.)
Task: {644E50EE-D823-49C0-8673-3C78D8BBBB97} - System32\Tasks\{857C73D2-1CA9-42B6-8B95-D80EF5F91DC1} => pcalua.exe -a "C:\Windows.old\Program Files (x86)\OkayFreedom\setuptool.exe" -d "C:\Windows.old\Program Files (x86)\OkayFreedom"
Task: {70E942FB-282D-4E6B-BE51-9BB994DC0A64} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-03] (Google Inc.)
Task: {796A8CE5-4509-4C80-AE6B-E7531F6C122D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2897107241-917314487-1310154325-1000Core => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2015-04-28] (Google Inc.)
Task: {7F2C20EE-C0FF-4A1B-AAF3-19CCC8358C4D} - System32\Tasks\Opera scheduled Autoupdate 1429188192 => C:\Program Files (x86)\Opera\launcher.exe [2015-04-17] (Opera Software)
Task: {855269D4-D342-41DA-83A9-68C5286A9AAA} - System32\Tasks\Uninstaller_SkipUac_Admin => C:\mystuff\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit)
Task: {89D8FC99-0E9A-400E-9423-F26BF25E5E33} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {920C1C59-D466-499A-A94A-7A3EE112035E} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {97A5121B-DCAC-404A-A70A-4B7CBFE1E8F2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2897107241-917314487-1310154325-1000UA => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2015-04-28] (Google Inc.)
Task: {9FDBA844-E42E-47E8-9A6A-DF02A597EBD6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {A80F3743-D177-446B-B438-73CF308E9084} - System32\Tasks\ASC8_SkipUac_Admin => C:\mystuff\IObit\Advanced SystemCare 8\ASC.exe [2015-01-27] (IObit)
Task: {B0BF2EB8-B30B-4D63-B657-2AC8578EC61F} - System32\Tasks\ASC8_PerformanceMonitor => C:\mystuff\IObit\Advanced SystemCare 8\Monitor.exe [2015-01-23] (IObit)
Task: {BC05F33F-5B2E-4BF6-BC97-1F55F9FC7BEC} - System32\Tasks\{91A5B4F2-BB58-42C9-B538-0123CD3354EB} => D:\AutoRun.exe
Task: {C8BB97D8-D717-4E18-AD97-BB0E3A9A34DF} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {DCAF1F6D-C500-42FA-A28D-D24AE95C6E27} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-03] (Google Inc.)
Task: {E8A024B4-4E5C-4E78-AFCE-BF3D16594920} - System32\Tasks\{AC484F85-0206-4066-A413-5D14D2B3271F} => pcalua.exe -a D:\AutoRun.exe -d D:\
Task: {E8F4C604-B99D-4E90-9019-22E5F22289D5} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\MyStuff\Asus\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2897107241-917314487-1310154325-1000Core.job => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2897107241-917314487-1310154325-1000UA.job => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2015-01-25 12:45 - 2015-04-08 23:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-02 16:43 - 2015-03-02 16:43 - 00099288 _____ () C:\mystuff\FileZilla FTP Client\fzshellext_64.dll
2015-03-08 14:44 - 2015-03-08 14:44 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2014-12-18 16:10 - 2014-12-18 16:10 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2012-12-07 19:27 - 2012-12-07 19:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2015-02-03 18:46 - 2015-02-03 18:46 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-03-14 14:45 - 2013-11-21 22:57 - 20585888 ____N () C:\MyStuff\DSL Soforthilfe\DSL_Soforthilfe.exe
2014-12-13 00:24 - 2014-12-13 00:24 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-05-05 12:28 - 2015-05-05 09:28 - 01750344 _____ () C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\44.0.2392.0\libglesv2.dll
2015-05-05 12:28 - 2015-05-05 09:28 - 00093000 _____ () C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\44.0.2392.0\libegl.dll
2015-03-22 16:29 - 2013-10-25 13:08 - 00517408 _____ () C:\mystuff\IObit\Advanced SystemCare 8\sqlite3.dll
2015-03-22 16:29 - 2013-01-15 19:48 - 00348992 _____ () C:\mystuff\IObit\Advanced SystemCare 8\madExcept_.bpl
2015-03-22 16:29 - 2013-01-15 19:48 - 00183616 _____ () C:\mystuff\IObit\Advanced SystemCare 8\madBasic_.bpl
2015-03-22 16:29 - 2013-01-15 19:48 - 00051008 _____ () C:\mystuff\IObit\Advanced SystemCare 8\madDisAsm_.bpl
2015-03-08 14:44 - 2015-05-05 17:27 - 00022528 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2015-03-08 14:44 - 2010-06-29 10:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2014-12-23 16:54 - 2014-12-23 16:54 - 01272616 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\kpcengine.2.3.dll
2014-12-18 16:06 - 2014-12-18 16:06 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2014-12-18 16:08 - 2014-12-18 16:08 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2014-12-18 16:09 - 2014-12-18 16:09 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2014-12-18 16:08 - 2014-12-18 16:08 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-12-18 16:09 - 2014-12-18 16:09 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-12-18 16:11 - 2014-12-18 16:11 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2014-12-18 16:14 - 2014-12-18 16:14 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2015-05-05 12:51 - 2015-05-01 18:52 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-03-22 16:29 - 2013-01-15 19:47 - 00893248 _____ () C:\MyStuff\IObit\Advanced SystemCare 8\webres.dll
2015-05-05 17:28 - 2015-05-05 17:28 - 00043008 _____ () c:\users\admin\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpoaqun_.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Admin\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Admin\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Admin\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\Admin\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-03-08 14:46 - 2012-07-11 14:57 - 00152064 _____ () C:\MyStuff\Asus\AI Suite II\Network iControl\NetSvcHelp\gep.dll
2015-03-08 14:46 - 2011-07-12 20:14 - 00147456 _____ () C:\MyStuff\Asus\AI Suite II\AssistFunc.dll
2015-03-08 14:46 - 2010-10-05 09:22 - 00253952 _____ () C:\MyStuff\Asus\AI Suite II\pngio.dll
2015-03-08 14:46 - 2012-03-21 13:07 - 00972288 _____ () C:\MyStuff\Asus\AI Suite II\BarGadget\BarGadget.dll
2015-03-08 14:46 - 2012-07-12 12:27 - 01125376 _____ () C:\MyStuff\Asus\AI Suite II\Network iControl\Network iControl.dll
2015-03-08 14:46 - 2012-05-25 11:33 - 00883712 _____ () C:\MyStuff\Asus\AI Suite II\Sensor\Sensor.dll
2015-03-08 14:46 - 2012-05-28 22:27 - 01622528 _____ () C:\MyStuff\Asus\AI Suite II\Sensor Graph\SensorGraph.dll
2015-03-08 14:46 - 2011-09-19 21:18 - 01243136 _____ () C:\MyStuff\Asus\AI Suite II\Settings\Settings.dll
2015-03-08 14:46 - 2011-07-21 10:06 - 00846848 _____ () C:\MyStuff\Asus\AI Suite II\Splitter\Splitter.dll
2015-03-08 14:46 - 2011-10-14 21:03 - 00885248 _____ () C:\MyStuff\Asus\AI Suite II\TabGadget\TabGadget.dll
2015-03-08 14:44 - 2010-08-23 10:17 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2015-03-08 14:46 - 2010-10-05 09:22 - 00208896 _____ () C:\MyStuff\Asus\AI Suite II\ImageHelper.dll
2015-03-08 14:46 - 2012-05-10 17:38 - 00786432 _____ () C:\MyStuff\Asus\AI Suite II\Network iControl\NetSvcHelp\func.dll
2015-03-08 14:46 - 2010-10-05 09:22 - 00253952 _____ () C:\MyStuff\Asus\AI Suite II\Network iControl\NetSvcHelp\pngio.dll
2015-03-08 14:46 - 2009-08-12 21:15 - 00253952 _____ () C:\MyStuff\Asus\AI Suite II\Sensor\AlertHelper\pngio.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\dell.com -> dell.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2897107241-917314487-1310154325-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{B5093128-BD39-4F2A-B12A-1B051772CE5E}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [{F714D1AA-AB26-41F2-9E53-D6860E7D7F4A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{679D759C-B9B6-468A-B7B2-B0DC7E77B63D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D6056236-36AE-4B04-936E-4EDB1FF0F3DC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{01F9A4FD-8944-4780-9B14-A601027B5B54}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{9EB602C3-DC7C-4E05-98D1-4E577CDA077D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EFFFB17B-2C45-4AA0-9153-64318F88396B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D8CC8935-7204-419D-AA2B-06AA73B9BC4B}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{6EF97883-B640-4178-AC21-A0D7A8414C85}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{30C0475D-D2B9-4B62-9FCC-AE2BCAFA2BD1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6990B04E-D314-470A-8D65-7B5B367552F9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5068AE5E-6AA6-47BE-8C81-7140864CD90D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{FCE483A1-7192-4453-9ACA-3E95FE13CF21}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{304FC498-2FC1-4336-9373-45945AC76FBD}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{ED337DB5-F927-403E-B3E8-DD6BE77785C0}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3B3995AA-9C43-4A83-A741-96630408D1B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
FirewallRules: [{DEEB3993-5A18-45DA-930D-F5294819FA4B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
FirewallRules: [{165FB8D0-8C4B-4E93-B4B9-D8C9207D3834}] => (Allow) C:\Users\Admin\AppData\Local\Apps\2.0\BG1A3Z5H.GLC\KR34V786.273\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
FirewallRules: [{EEF2ED0A-DFE1-40F9-B5C6-9EA29D479E12}] => (Allow) C:\Users\Admin\AppData\Local\Apps\2.0\BG1A3Z5H.GLC\KR34V786.273\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
FirewallRules: [{866BCE60-409C-406B-B17B-6B0F5C2BC745}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3CD5DB73-2064-4BB0-A69F-DA06B9F3E5B0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{F20897B8-504A-4CF7-B6D0-68A0C2DD2587}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E53865BC-854F-437F-B280-E2D2FEF4C58D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{993D861F-F87A-42A8-A585-DB493A203B0B}] => (Allow) C:\Program Files (x86)\Electronic Arts\Need for Speed(TM) Hot Pursuit\Launcher.exe
FirewallRules: [{C09B481A-B2B2-435B-A57C-AC0D1E48371A}] => (Allow) C:\Program Files (x86)\Electronic Arts\Need for Speed(TM) Hot Pursuit\Launcher.exe
FirewallRules: [{FF90BE29-6C97-4F37-ACF8-6C5BD73A0E7B}] => (Allow) C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5D03016B-9D17-408A-A658-C94E44BEFAD2}] => (Allow) C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{A1AE9762-3551-4BDC-AB21-EA9ECAD8C442}] => (Allow) C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5F980772-19D0-43A1-95A9-BDBE01C1FF6C}] => (Allow) C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{79C7C257-EB7B-4541-BA4F-4A6F0C87B309}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{9ED48F84-2FC9-4302-89EF-9061B25DB01D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{6351247D-5EBE-4DB0-AFB6-AFE49C05412C}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{1927CB6E-F8D4-43C1-930E-858DBAD89969}] => (Allow) C:\MyStuff\Asus\AI Suite II\AI Suite II.exe
FirewallRules: [{9FCEC3D0-F7AD-4523-B394-6D35318F5C6F}] => (Allow) C:\MyStuff\Asus\AI Suite II\AI Suite II.exe
FirewallRules: [{A09D318E-8ACA-4DCE-B340-CFE72088E08D}] => (Allow) C:\MyStuff\DSL Soforthilfe\DSL_Soforthilfe.exe
FirewallRules: [{65EDCAC5-BCB8-42E1-94C5-3A5F2D1A8693}] => (Allow) C:\MyStuff\DSL Soforthilfe\DSL_Soforthilfe.exe
FirewallRules: [{DE4F105B-17AF-4C6B-8CF8-12F897450751}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3D4B25CF-908B-41C9-8334-2B7476F3FF1F}] => (Allow) C:\mystuff\Microsoft Visual Studio 11.0\Common7\IDE\WDExpress.exe
FirewallRules: [{843A4135-63B2-41AB-9006-302D4F22D044}] => (Allow) C:\Program Files (x86)\concept design\onlineTV 11\onlineTV.exe
FirewallRules: [{BDAF5A92-45B9-430E-A919-4ACCA72B9CCF}] => (Allow) C:\Program Files (x86)\concept design\onlineTV 11\onlineTV.exe
FirewallRules: [{41E12B42-0856-4950-BD64-8F25ED8516AE}] => (Allow) C:\Users\Admin\AppData\Local\Apps\2.0\BG1A3Z5H.GLC\KR34V786.273\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
FirewallRules: [{C49E55F5-A48F-4ADE-BF3A-BF4E779895F4}] => (Allow) C:\Users\Admin\AppData\Local\Apps\2.0\BG1A3Z5H.GLC\KR34V786.273\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
FirewallRules: [{D493C102-0FA9-46D5-82CE-2EFF976EB8D7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{383DD8F8-4A04-48A4-B6D9-A7AB70DE5930}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D6DBF906-C093-4408-B945-B774B9EFDBF8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E7AAEA63-24F3-4D29-9339-153F568F122D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{695BC763-C4E7-4873-8C43-00B4E5D466FC}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BF77153F-5186-474C-8F9D-BA2B7A32CE8C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{DA9C52C0-4726-4ED4-9129-9C992212429A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5A346E7C-45E5-4464-82E4-928521CA334D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{0FF3DFEF-3C6F-425F-863B-A3DF24310498}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9EA35874-E0CC-44B3-859A-7F28B2037982}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{DF9EDED3-05C7-412E-8F1A-2099C146364C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{92551A0F-4ADA-40CD-ACCF-839DAEA1A3A7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{344422EA-8C04-4DCE-8592-230018B0D896}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{221940D1-E694-46DE-BDF1-FCD4CCBB9A34}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B2CC07E0-3C8B-4719-8920-E49BBEFD328D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9A18ABBF-5A15-418D-9B66-CECD60F2C732}] => (Allow) C:\Windows.old\Program Files (x86)\OkayFreedom\polipo\node.exe
FirewallRules: [{7E4F8397-1EE5-4B41-912B-FDC447B84B8F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Ship Tutorial\ship.exe
FirewallRules: [{04C3FEE5-2A08-4A2C-9118-FD6AAAEE3CEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Ship Tutorial\ship.exe
FirewallRules: [{074CBF9E-E382-4B5A-94DE-B0775709F863}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Ship Single Player\ship.exe
FirewallRules: [{46F9F50C-FFE5-46A5-81D5-84E781D9F12B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Ship Single Player\ship.exe
FirewallRules: [{EF4C9920-7019-432C-9F2B-B49086DF8F76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Ship\ship.exe
FirewallRules: [{93E3AD1B-901C-499E-9F2E-CB100485CEAC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Ship\ship.exe
FirewallRules: [{473B4E59-9ABC-4713-B333-E1F1C471BC11}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F0D0507D-00A0-4E39-8235-1FD8D0F6EFFF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CB34FF50-7683-424F-B3EC-D7CF59C80EBF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\mystuff)\xchat\xchat.exe] => Enabled:XChat IRC Client

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/03/2015 03:53:52 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (05/02/2015 04:30:51 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/02/2015 08:32:13 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (05/01/2015 06:45:23 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (04/30/2015 11:25:09 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Die Schnittstelle ist unbekannt

Error: (04/30/2015 11:25:09 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (04/30/2015 03:02:22 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (04/30/2015 03:02:22 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (04/30/2015 02:59:45 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (04/30/2015 00:28:41 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.


System errors:
=============
Error: (05/05/2015 05:28:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CyberGhost 5 Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/05/2015 05:28:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst CyberGhost 5 Client Service erreicht.

Error: (05/05/2015 05:27:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Razer Game Scanner" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/05/2015 05:27:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Razer Game Scanner erreicht.

Error: (05/05/2015 05:27:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (05/05/2015 02:50:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CyberGhost 5 Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/05/2015 02:50:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst CyberGhost 5 Client Service erreicht.

Error: (05/05/2015 02:49:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Razer Game Scanner" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/05/2015 02:49:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Razer Game Scanner erreicht.

Error: (05/05/2015 02:48:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (05/03/2015 03:53:52 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files\CCleaner\CCleaner.exe

Error: (05/02/2015 04:30:51 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\$Recycle.Bin\S-1-5-21-2897107241-917314487-1310154325-1000\$RCUKIV2.exe

Error: (05/02/2015 08:32:13 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files\CCleaner\CCleaner.exe

Error: (05/01/2015 06:45:23 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files\CCleaner\CCleaner.exe

Error: (04/30/2015 11:25:09 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Die Schnittstelle ist unbekannt

Error: (04/30/2015 11:25:09 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (04/30/2015 03:02:22 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (04/30/2015 03:02:22 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (04/30/2015 02:59:45 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (04/30/2015 00:28:41 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files\CCleaner\CCleaner.exe


CodeIntegrity Errors:
===================================
  Date: 2015-02-13 15:55:38.956
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 15:55:38.939
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 15:54:23.643
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 15:54:23.584
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-3240 CPU @ 3.40GHz
Percentage of memory in use: 36%
Total physical RAM: 8143.76 MB
Available physical RAM: 5206.09 MB
Total Pagefile: 16285.71 MB
Available Pagefile: 12823.5 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:735.88 GB) NTFS
Drive d: (DVD) (CDROM) (Total:4.36 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2E426742)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Danke für die Hilfe, und Gruß
Lolle1

schrauber · 06.05.2015, 07:57

hi,

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

lolle1 · 06.05.2015, 14:02

Beides hat nichts gefunden.
Hier die logs:

Code:

ATTFilter

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17728

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 3.400000 GHz
Memory total: 8539348992, free: 5122203648

Downloaded database version: v2015.05.06.02
Downloaded database version: v2015.04.21.01
Downloaded database version: v2015.04.22.01
Initializing...
======================
------------ Kernel report ------------
     05/06/2015 14:22:43
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\DRIVERS\kl1.sys
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\DRIVERS\cm_km_w.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\klif.sys
\SystemRoot\system32\DRIVERS\klflt.sys
\SystemRoot\system32\DRIVERS\klhk.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\kltdi.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\klwtp.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\ndisrd.sys
\SystemRoot\system32\DRIVERS\klim6.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\VBoxUSBMon.sys
\SystemRoot\system32\DRIVERS\VBoxDrv.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\system32\DRIVERS\kneps.sys
\SystemRoot\system32\DRIVERS\klpd.sys
\??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\SysWow64\drivers\AsIO.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\Rt64win7.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\avmaura.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\mcvidrv.sys
\SystemRoot\system32\DRIVERS\STREAM.SYS
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\drivers\mcaudrv_x64.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\tap0901.sys
\SystemRoot\system32\DRIVERS\VBoxNetAdp.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\VBoxNetFlt.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\drivers\nvvad64v.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\nvhda64v.sys
\SystemRoot\system32\drivers\viahduaa.sys
\SystemRoot\system32\DRIVERS\udfs.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\TVMonitor.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\klkbdflt.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\klmouflt.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\kldisk.sys
\SystemRoot\system32\drivers\peauth.sys
\??\C:\Windows\system32\drivers\rzpmgrk.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\normaliz.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\advapi32.dll
\Windows\System32\user32.dll
\Windows\System32\nsi.dll
\Windows\System32\msvcrt.dll
\Windows\System32\msctf.dll
\Windows\System32\usp10.dll
\Windows\System32\shlwapi.dll
\Windows\System32\imm32.dll
\Windows\System32\comdlg32.dll
\Windows\System32\Wldap32.dll
\Windows\System32\psapi.dll
\Windows\System32\iertutil.dll
\Windows\System32\oleaut32.dll
\Windows\System32\shell32.dll
\Windows\System32\ws2_32.dll
\Windows\System32\wininet.dll
\Windows\System32\kernel32.dll
\Windows\System32\clbcatq.dll
\Windows\System32\urlmon.dll
\Windows\System32\imagehlp.dll
\Windows\System32\gdi32.dll
\Windows\System32\setupapi.dll
\Windows\System32\sechost.dll
\Windows\System32\lpk.dll
\Windows\System32\difxapi.dll
\Windows\System32\ole32.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\comctl32.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\devobj.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\KernelBase.dll
\Windows\System32\wintrust.dll
\Windows\System32\crypt32.dll
\Windows\System32\userenv.dll
\Windows\System32\profapi.dll
\Windows\System32\msasn1.dll
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2015.05.06.02
  rootkit: v2015.04.21.01

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa80077dc060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80077dcb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80077dc060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80070b9060, DeviceName: \Device\Ide\IdeDeviceP3T0L0-3\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 2E426742

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 204800
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 206848  Numsec = 1953312768

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Done!
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished

Code:

ATTFilter

14:57:19.0633 0x03d0  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
14:57:21.0391 0x03d0  ============================================================
14:57:21.0391 0x03d0  Current date / time: 2015/05/06 14:57:21.0391
14:57:21.0391 0x03d0  SystemInfo:
14:57:21.0391 0x03d0  
14:57:21.0391 0x03d0  OS Version: 6.1.7601 ServicePack: 1.0
14:57:21.0391 0x03d0  Product type: Workstation
14:57:21.0391 0x03d0  ComputerName: ADMIN-PC
14:57:21.0391 0x03d0  UserName: Admin
14:57:21.0391 0x03d0  Windows directory: C:\Windows
14:57:21.0391 0x03d0  System windows directory: C:\Windows
14:57:21.0391 0x03d0  Running under WOW64
14:57:21.0391 0x03d0  Processor architecture: Intel x64
14:57:21.0391 0x03d0  Number of processors: 4
14:57:21.0391 0x03d0  Page size: 0x1000
14:57:21.0391 0x03d0  Boot type: Normal boot
14:57:21.0391 0x03d0  ============================================================
14:57:23.0571 0x03d0  KLMD registered as C:\Windows\system32\drivers\83259835.sys
14:57:23.0701 0x03d0  System UUID: {31DACB2B-3832-705D-3B91-61716B807BB2}
14:57:23.0981 0x03d0  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:57:23.0981 0x03d0  ============================================================
14:57:23.0981 0x03d0  \Device\Harddisk0\DR0:
14:57:23.0981 0x03d0  MBR partitions:
14:57:23.0981 0x03d0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:57:23.0981 0x03d0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3000
14:57:23.0981 0x03d0  ============================================================
14:57:24.0001 0x03d0  C: <-> \Device\Harddisk0\DR0\Partition2
14:57:24.0001 0x03d0  ============================================================
14:57:24.0001 0x03d0  Initialize success
14:57:24.0001 0x03d0  ============================================================
14:57:31.0874 0x2314  ============================================================
14:57:31.0874 0x2314  Scan started
14:57:31.0874 0x2314  Mode: Manual; SigCheck; TDLFS; 
14:57:31.0874 0x2314  ============================================================
14:57:31.0874 0x2314  KSN ping started
14:57:45.0623 0x2314  KSN ping finished: true
14:57:46.0678 0x2314  ================ Scan system memory ========================
14:57:46.0678 0x2314  System memory - ok
14:57:46.0678 0x2314  ================ Scan services =============================
14:57:46.0793 0x2314  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:57:46.0831 0x2314  1394ohci - ok
14:57:46.0848 0x2314  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:57:46.0858 0x2314  ACPI - ok
14:57:46.0868 0x2314  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
14:57:46.0878 0x2314  AcpiPmi - ok
14:57:46.0998 0x2314  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:57:47.0008 0x2314  AdobeARMservice - ok
14:57:47.0079 0x2314  [ B04A4810C6CC205F9DC72DC22E4AB236, 547321F5C28C80D4818372D65E2A33D4BAC593015DD6613B24586FE4B4A95D5D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:57:47.0089 0x2314  AdobeFlashPlayerUpdateSvc - ok
14:57:47.0139 0x2314  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
14:57:47.0159 0x2314  adp94xx - ok
14:57:47.0199 0x2314  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
14:57:47.0209 0x2314  adpahci - ok
14:57:47.0239 0x2314  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
14:57:47.0249 0x2314  adpu320 - ok
14:57:47.0350 0x2314  [ 2F442BAA7A739EDFB8CBF6BFBE8F5388, 3D32935DFEB0EA026F9824A78A7232C08C47FE13792AC1A212239B8103F98439 ] AdvancedSystemCareService8 C:\mystuff\IObit\Advanced SystemCare 8\ASCService.exe
14:57:47.0370 0x2314  AdvancedSystemCareService8 - ok
14:57:47.0397 0x2314  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:57:47.0417 0x2314  AeLookupSvc - ok
14:57:47.0468 0x2314  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
14:57:47.0478 0x2314  AFD - ok
14:57:47.0508 0x2314  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
14:57:47.0518 0x2314  agp440 - ok
14:57:47.0528 0x2314  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
14:57:47.0538 0x2314  ALG - ok
14:57:47.0568 0x2314  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:57:47.0578 0x2314  aliide - ok
14:57:47.0578 0x2314  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
14:57:47.0588 0x2314  amdide - ok
14:57:47.0608 0x2314  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
14:57:47.0625 0x2314  AmdK8 - ok
14:57:47.0631 0x2314  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
14:57:47.0641 0x2314  AmdPPM - ok
14:57:47.0671 0x2314  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:57:47.0681 0x2314  amdsata - ok
14:57:47.0701 0x2314  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
14:57:47.0701 0x2314  amdsbs - ok
14:57:47.0721 0x2314  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:57:47.0721 0x2314  amdxata - ok
14:57:47.0761 0x2314  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
14:57:47.0771 0x2314  AppID - ok
14:57:47.0781 0x2314  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:57:47.0796 0x2314  AppIDSvc - ok
14:57:47.0818 0x2314  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
14:57:47.0828 0x2314  Appinfo - ok
14:57:47.0934 0x2314  [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:57:47.0940 0x2314  Apple Mobile Device Service - ok
14:57:47.0985 0x2314  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
14:57:47.0995 0x2314  AppMgmt - ok
14:57:48.0020 0x2314  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
14:57:48.0028 0x2314  arc - ok
14:57:48.0035 0x2314  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
14:57:48.0042 0x2314  arcsas - ok
14:57:48.0147 0x2314  [ 31E2470E61D5A390405BA41C279D8446, ADA2518DCB78529F716622E45775283CBBB8CA61A4E90B99C2D799C23C8AFCAA ] asComSvc        C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
14:57:48.0183 0x2314  asComSvc - ok
14:57:48.0218 0x2314  [ 0466B91EE5767A769E9F8EDB8EF94DDB, 04A529E57D6F617688B072B3BD281538B6B02BB985EE0AE2E355E685E52BE0C8 ] asHmComSvc      C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
14:57:48.0239 0x2314  asHmComSvc - ok
14:57:48.0286 0x2314  [ FEF9DD9EA587F8886ADE43C1BEFBDAFE, DDE6F28B3F7F2ABBEE59D4864435108791631E9CB4CDFB1F178E5AA9859956D8 ] AsIO            C:\Windows\syswow64\drivers\AsIO.sys
14:57:48.0291 0x2314  AsIO - ok
14:57:48.0368 0x2314  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:57:48.0375 0x2314  aspnet_state - ok
14:57:48.0400 0x2314  [ AD8947D621FDCA48F1F39F4624B60AA1, D685CD1A378FA411EA11C18615A1EC5D66CEC2F990DB0D4181EE3140B9DF3E8B ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
14:57:48.0407 0x2314  AsSysCtrlService - ok
14:57:48.0438 0x2314  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:57:48.0459 0x2314  AsyncMac - ok
14:57:48.0490 0x2314  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
14:57:48.0496 0x2314  atapi - ok
14:57:48.0545 0x2314  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:57:48.0562 0x2314  AudioEndpointBuilder - ok
14:57:48.0575 0x2314  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
14:57:48.0592 0x2314  AudioSrv - ok
14:57:48.0624 0x2314  [ 6A300AD0E23A155B2C3A7FAB0D4AABD1, AD283CC530482C0C155727C3234BFA4773C8C80B4C9912448196F83407C3CFD4 ] avmaura         C:\Windows\system32\DRIVERS\avmaura.sys
14:57:48.0632 0x2314  avmaura - ok
14:57:48.0838 0x2314  [ CF467DE3D15EFB58C4DB780DF234EB34, B75CB9DFB86BE951505419A078F5993268062E2586CBA896B36E97BA768BD15D ] AVP15.0.2       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
14:57:48.0848 0x2314  AVP15.0.2 - ok
14:57:48.0884 0x2314  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:57:48.0894 0x2314  AxInstSV - ok
14:57:48.0944 0x2314  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
14:57:48.0954 0x2314  b06bdrv - ok
14:57:48.0964 0x2314  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
14:57:48.0974 0x2314  b57nd60a - ok
14:57:49.0065 0x2314  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:57:49.0073 0x2314  BDESVC - ok
14:57:49.0149 0x2314  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:57:49.0169 0x2314  Beep - ok
14:57:49.0227 0x2314  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
14:57:49.0248 0x2314  BFE - ok
14:57:49.0302 0x2314  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
14:57:49.0347 0x2314  BITS - ok
14:57:49.0357 0x2314  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
14:57:49.0367 0x2314  blbdrive - ok
14:57:49.0431 0x2314  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:57:49.0446 0x2314  Bonjour Service - ok
14:57:49.0485 0x2314  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:57:49.0492 0x2314  bowser - ok
14:57:49.0527 0x2314  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
14:57:49.0550 0x2314  BrFiltLo - ok
14:57:49.0561 0x2314  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
14:57:49.0584 0x2314  BrFiltUp - ok
14:57:49.0623 0x2314  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
14:57:49.0635 0x2314  Browser - ok
14:57:49.0689 0x2314  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
14:57:49.0701 0x2314  Brserid - ok
14:57:49.0736 0x2314  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:57:49.0745 0x2314  BrSerWdm - ok
14:57:49.0826 0x2314  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:57:49.0835 0x2314  BrUsbMdm - ok
14:57:49.0884 0x2314  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:57:49.0897 0x2314  BrUsbSer - ok
14:57:49.0960 0x2314  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
14:57:49.0970 0x2314  BTHMODEM - ok
14:57:50.0027 0x2314  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
14:57:50.0049 0x2314  bthserv - ok
14:57:50.0096 0x2314  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:57:50.0118 0x2314  cdfs - ok
14:57:50.0226 0x2314  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
14:57:50.0236 0x2314  cdrom - ok
14:57:50.0277 0x2314  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
14:57:50.0298 0x2314  CertPropSvc - ok
14:57:50.0373 0x2314  [ 08D4BD3F12DFF3A11E4F2C09745DA0FA, 99A19D3B43F5B21A3E23B9A91D9443ED2710C14B954C769B837626181FC4F630 ] CGVPNCliService C:\Program Files\CyberGhost 5\Service.exe
14:57:50.0380 0x2314  CGVPNCliService - ok
14:57:50.0406 0x2314  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
14:57:50.0415 0x2314  circlass - ok
14:57:50.0469 0x2314  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
14:57:50.0481 0x2314  CLFS - ok
14:57:50.0569 0x2314  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:57:50.0576 0x2314  clr_optimization_v2.0.50727_32 - ok
14:57:50.0623 0x2314  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:57:50.0631 0x2314  clr_optimization_v2.0.50727_64 - ok
14:57:50.0765 0x2314  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:57:50.0773 0x2314  clr_optimization_v4.0.30319_32 - ok
14:57:50.0787 0x2314  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:57:50.0799 0x2314  clr_optimization_v4.0.30319_64 - ok
14:57:50.0815 0x2314  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
14:57:50.0825 0x2314  CmBatt - ok
14:57:50.0843 0x2314  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:57:50.0849 0x2314  cmdide - ok
14:57:50.0880 0x2314  [ AFA1BFF926592FD0C3AB97D838652EF9, C38BC4BBD4EDF779993B2FECF96C1FD55B085F3FBEB3E1AE3C892DFD369D611D ] cm_km_w         C:\Windows\system32\DRIVERS\cm_km_w.sys
14:57:50.0888 0x2314  cm_km_w - ok
14:57:50.0940 0x2314  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
14:57:50.0957 0x2314  CNG - ok
14:57:50.0989 0x2314  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
14:57:50.0995 0x2314  Compbatt - ok
14:57:51.0015 0x2314  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
14:57:51.0024 0x2314  CompositeBus - ok
14:57:51.0031 0x2314  COMSysApp - ok
14:57:51.0034 0x2314  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
14:57:51.0040 0x2314  crcdisk - ok
14:57:51.0074 0x2314  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:57:51.0084 0x2314  CryptSvc - ok
14:57:51.0115 0x2314  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
14:57:51.0129 0x2314  CSC - ok
14:57:51.0152 0x2314  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
14:57:51.0170 0x2314  CscService - ok
14:57:51.0203 0x2314  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:57:51.0232 0x2314  DcomLaunch - ok
14:57:51.0263 0x2314  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
14:57:51.0288 0x2314  defragsvc - ok
14:57:51.0314 0x2314  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:57:51.0335 0x2314  DfsC - ok
14:57:51.0363 0x2314  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:57:51.0375 0x2314  Dhcp - ok
14:57:51.0441 0x2314  [ 76D1D4D285F74059F32B8AD19A146D0C, 4324F3D1E4007F6499A3D0F0102CD92ED9F554332BC0B633305CD7B957FF16C8 ] DIRECTIO        C:\mystuff\PerformanceTest\DirectIo64.sys
14:57:51.0450 0x2314  DIRECTIO - ok
14:57:51.0465 0x2314  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
14:57:51.0487 0x2314  discache - ok
14:57:51.0506 0x2314  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
14:57:51.0515 0x2314  Disk - ok
14:57:51.0535 0x2314  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
14:57:51.0543 0x2314  dmvsc - ok
14:57:51.0580 0x2314  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:57:51.0590 0x2314  Dnscache - ok
14:57:51.0655 0x2314  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:57:51.0680 0x2314  dot3svc - ok
14:57:51.0698 0x2314  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
14:57:51.0721 0x2314  DPS - ok
14:57:51.0761 0x2314  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:57:51.0768 0x2314  drmkaud - ok
14:57:51.0808 0x2314  [ 080598EFE474B7A28D7260C3AC389E36, FB2862EFF05CCF60FA967DA1C3F3E5188D17D6040476684A393A03DAE3DBC92A ] dtlitescsibus   C:\Windows\system32\DRIVERS\dtlitescsibus.sys
14:57:51.0815 0x2314  dtlitescsibus - ok
14:57:51.0862 0x2314  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:57:51.0883 0x2314  DXGKrnl - ok
14:57:51.0902 0x2314  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
14:57:51.0925 0x2314  EapHost - ok
14:57:51.0938 0x2314  EasyAntiCheat - ok
14:57:52.0019 0x2314  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
14:57:52.0076 0x2314  ebdrv - ok
14:57:52.0117 0x2314  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] EFS             C:\Windows\System32\lsass.exe
14:57:52.0124 0x2314  EFS - ok
14:57:52.0179 0x2314  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:57:52.0196 0x2314  ehRecvr - ok
14:57:52.0210 0x2314  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
14:57:52.0220 0x2314  ehSched - ok
14:57:52.0250 0x2314  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
14:57:52.0264 0x2314  elxstor - ok
14:57:52.0277 0x2314  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:57:52.0285 0x2314  ErrDev - ok
14:57:52.0343 0x2314  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
14:57:52.0369 0x2314  EventSystem - ok
14:57:52.0385 0x2314  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
14:57:52.0409 0x2314  exfat - ok
14:57:52.0426 0x2314  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:57:52.0450 0x2314  fastfat - ok
14:57:52.0480 0x2314  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
14:57:52.0498 0x2314  Fax - ok
14:57:52.0516 0x2314  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
14:57:52.0523 0x2314  fdc - ok
14:57:52.0560 0x2314  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
14:57:52.0581 0x2314  fdPHost - ok
14:57:52.0592 0x2314  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:57:52.0614 0x2314  FDResPub - ok
14:57:52.0632 0x2314  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:57:52.0639 0x2314  FileInfo - ok
14:57:52.0646 0x2314  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:57:52.0666 0x2314  Filetrace - ok
14:57:52.0677 0x2314  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
14:57:52.0686 0x2314  flpydisk - ok
14:57:52.0718 0x2314  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:57:52.0729 0x2314  FltMgr - ok
14:57:52.0782 0x2314  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
14:57:52.0811 0x2314  FontCache - ok
14:57:52.0869 0x2314  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:57:52.0877 0x2314  FontCache3.0.0.0 - ok
14:57:52.0892 0x2314  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:57:52.0900 0x2314  FsDepends - ok
14:57:52.0931 0x2314  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:57:52.0940 0x2314  Fs_Rec - ok
14:57:52.0979 0x2314  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:57:52.0989 0x2314  fvevol - ok
14:57:53.0011 0x2314  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
14:57:53.0018 0x2314  gagp30kx - ok
14:57:53.0046 0x2314  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:57:53.0052 0x2314  GEARAspiWDM - ok
14:57:53.0155 0x2314  [ C2730FE9713C1C474257A7085386B11E, 7D35D00D2B455841C8C9A87CE92885CD22F4B8B6690CB21443ED1B515117EF95 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
14:57:53.0178 0x2314  GfExperienceService - ok
14:57:53.0218 0x2314  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
14:57:53.0250 0x2314  gpsvc - ok
14:57:53.0328 0x2314  [ F16DE182CFB9C0D692E3977894B6C5F9, C5F20293D36842E4F60D76BD78D9CCE5B00BAA023D917865FB3C5BB558C6229B ] GSService       C:\Windows\SysWOW64\GSService.exe
14:57:53.0341 0x2314  GSService - ok
14:57:53.0412 0x2314  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:57:53.0419 0x2314  gupdate - ok
14:57:53.0422 0x2314  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:57:53.0428 0x2314  gupdatem - ok
14:57:53.0448 0x2314  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
14:57:53.0455 0x2314  hcw85cir - ok
14:57:53.0494 0x2314  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:57:53.0508 0x2314  HdAudAddService - ok
14:57:53.0535 0x2314  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
14:57:53.0545 0x2314  HDAudBus - ok
14:57:53.0564 0x2314  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
14:57:53.0571 0x2314  HidBatt - ok
14:57:53.0579 0x2314  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
14:57:53.0589 0x2314  HidBth - ok
14:57:53.0601 0x2314  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
14:57:53.0610 0x2314  HidIr - ok
14:57:53.0637 0x2314  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
14:57:53.0658 0x2314  hidserv - ok
14:57:53.0690 0x2314  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:57:53.0697 0x2314  HidUsb - ok
14:57:53.0731 0x2314  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:57:53.0752 0x2314  hkmsvc - ok
14:57:53.0764 0x2314  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:57:53.0776 0x2314  HomeGroupListener - ok
14:57:53.0810 0x2314  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:57:53.0820 0x2314  HomeGroupProvider - ok
14:57:53.0839 0x2314  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:57:53.0846 0x2314  HpSAMD - ok
14:57:53.0888 0x2314  [ F47CEC45FB85791D4AB237563AD0FA8F, 1035066D48BD179855BCA7F62EFA1B951E6E839D2E29E15A31844E18A126DD41 ] HTCAND64        C:\Windows\system32\Drivers\ANDROIDUSB.sys
14:57:53.0898 0x2314  HTCAND64 - ok
14:57:53.0974 0x2314  [ 5C8BC8A28798FD010E7ABC4E0D588CAA, 622CAFD3DCBB05E15539589FDD4002DA6F24790FC55BDF05AA3D043E8A34E53E ] HTCMonitorService C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
14:57:53.0979 0x2314  HTCMonitorService - ok
14:57:54.0006 0x2314  [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot        C:\Windows\system32\DRIVERS\htcnprot.sys
14:57:54.0011 0x2314  htcnprot - ok
14:57:54.0048 0x2314  [ 7C7C986776D00E575BFBDE5DCBDC615D, 4CF12851A5A45917C3A9139B19D79434F2038611B617F83A714506CC7A1A6C61 ] HtcVCom32       C:\Windows\system32\DRIVERS\HtcVComV64.sys
14:57:54.0060 0x2314  HtcVCom32 - ok
14:57:54.0104 0x2314  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:57:54.0123 0x2314  HTTP - ok
14:57:54.0176 0x2314  [ E5805896A55D4166C20F216249F40FA3, F426BF60D5B916E7A778EF24C49FE1FFE1B2977C2ABD2977FD5C38C6E6CB139F ] HWiNFO32        C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS
14:57:54.0182 0x2314  HWiNFO32 - ok
14:57:54.0202 0x2314  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:57:54.0208 0x2314  hwpolicy - ok
14:57:54.0229 0x2314  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
14:57:54.0238 0x2314  i8042prt - ok
14:57:54.0280 0x2314  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:57:54.0292 0x2314  iaStorV - ok
14:57:54.0350 0x2314  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:57:54.0369 0x2314  idsvc - ok
14:57:54.0377 0x2314  IEEtwCollectorService - ok
14:57:54.0395 0x2314  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
14:57:54.0403 0x2314  iirsp - ok
14:57:54.0442 0x2314  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
14:57:54.0463 0x2314  IKEEXT - ok
14:57:54.0493 0x2314  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
14:57:54.0499 0x2314  intelide - ok
14:57:54.0538 0x2314  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:57:54.0547 0x2314  intelppm - ok
14:57:54.0583 0x2314  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:57:54.0605 0x2314  IPBusEnum - ok
14:57:54.0616 0x2314  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:57:54.0637 0x2314  IpFilterDriver - ok
14:57:54.0694 0x2314  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:57:54.0726 0x2314  iphlpsvc - ok
14:57:54.0744 0x2314  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:57:54.0755 0x2314  IPMIDRV - ok
14:57:54.0775 0x2314  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:57:54.0800 0x2314  IPNAT - ok
14:57:54.0831 0x2314  [ 87F8EDF63C97BF0BF21359A3D8ABF0C7, BAAAE1DE50EBD1BCE46F33C5F3A7F3C39F61AB21416D78DAA7F8A19F38F67269 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
14:57:54.0853 0x2314  iPod Service - ok
14:57:54.0871 0x2314  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:57:54.0883 0x2314  IRENUM - ok
14:57:54.0897 0x2314  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:57:54.0906 0x2314  isapnp - ok
14:57:54.0932 0x2314  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:57:54.0943 0x2314  iScsiPrt - ok
14:57:54.0956 0x2314  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:57:54.0966 0x2314  kbdclass - ok
14:57:54.0996 0x2314  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
14:57:55.0011 0x2314  kbdhid - ok
14:57:55.0017 0x2314  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] KeyIso          C:\Windows\system32\lsass.exe
14:57:55.0028 0x2314  KeyIso - ok
14:57:55.0095 0x2314  [ D93E72DCC2A99E67931BB79485563146, 7EF496A82E69A53465ED7D45E890275E44C979AD5E9C5E482E0DBE5DC9AD9AD3 ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
14:57:55.0116 0x2314  kl1 - ok
14:57:55.0144 0x2314  [ 885A70560731342CBD0D6BE8A72254B6, 91F93F1727ACF01EC3777C7D42522690010005FB67E12C461E935A880D11CD30 ] kldisk          C:\Windows\system32\DRIVERS\kldisk.sys
14:57:55.0153 0x2314  kldisk - ok
14:57:55.0234 0x2314  [ DDC9CC7D29254D8886DAFD62E265AE7C, 0DF72FC780BEB87E85F877EB4E864AF0530E8CCD599C24D469B1B0226E339DF1 ] klflt           C:\Windows\system32\DRIVERS\klflt.sys
14:57:55.0242 0x2314  klflt - ok
14:57:55.0402 0x2314  [ 658ADE6B5345B24D28B84A49495B0CF8, 2373DC12B737145F4A8949B8446CEB38B2C6C2B8B69054F32183FD2ED12FD915 ] klhk            C:\Windows\system32\DRIVERS\klhk.sys
14:57:55.0414 0x2314  klhk - ok
14:57:55.0515 0x2314  [ E05F3D847556FE0F5F14F46002CD6433, 8E7A3ABF617BDD00213615D5E1C7E1769580A220716D2881B21F5656BFBF6782 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
14:57:55.0535 0x2314  KLIF - ok
14:57:55.0600 0x2314  [ 366A0C2D4AD22E54F1B03DAC4B96E1C4, C81D8DFD1D4381E0DE94A54E03F3D2C0AB24B47350EC175181EBD7224FCE4BE5 ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
14:57:55.0606 0x2314  KLIM6 - ok
14:57:55.0665 0x2314  [ 8BB0EA085EA9661B9218CCC5011C1CBE, 7FF590135F18F4EB339B5E71F790A49FA1EB5104604EE952E2694EC0CBFA3D21 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
14:57:55.0671 0x2314  klkbdflt - ok
14:57:55.0726 0x2314  [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
14:57:55.0732 0x2314  klmouflt - ok
14:57:55.0829 0x2314  [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd            C:\Windows\system32\DRIVERS\klpd.sys
14:57:55.0831 0x2314  klpd - ok
14:57:56.0063 0x2314  [ AB3A62C17F342E195AFDA108867E6381, 77E3C17FC302FFC1585B013E5707C541061AF5011681980F870C9B6E346F3379 ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
14:57:56.0073 0x2314  kltdi - ok
14:57:56.0113 0x2314  [ B699439F46FE914F3F8F60C0AA3148D3, 14C4A72DAE6713EF96CB47F3494BC9CD2BC06679CB139A2B571F55D4B4BC0512 ] Klwtp           C:\Windows\system32\DRIVERS\klwtp.sys
14:57:56.0123 0x2314  Klwtp - ok
14:57:56.0253 0x2314  [ 8FBA7BEF56D0B29FC9FEBF480E8C3902, D8CA78E71E860AAAB166FAD7A6902A59DF3F5B598C162AD5CF68A571E8E437E9 ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
14:57:56.0263 0x2314  kneps - ok
14:57:56.0375 0x2314  [ 063C09DB965E3DFD6F4F08416F6DB8F5, 0BE015C59288397536B3941BA55EFE0CF06714BC43FF3A33A1D844B4E0F16097 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:57:56.0386 0x2314  KSecDD - ok
14:57:56.0447 0x2314  [ 1FA627E63195BF3BF636BFEF0D7190D4, 794456605303F4916E81BE899E0B05CB070094E719ADA8BE8072A761E35CA8E9 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:57:56.0467 0x2314  KSecPkg - ok
14:57:56.0517 0x2314  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:57:56.0537 0x2314  ksthunk - ok
14:57:56.0567 0x2314  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:57:56.0597 0x2314  KtmRm - ok
14:57:56.0637 0x2314  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:57:56.0680 0x2314  LanmanServer - ok
14:57:56.0698 0x2314  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:57:56.0729 0x2314  LanmanWorkstation - ok
14:57:56.0867 0x2314  [ D9BC2278A381A8F8465596CB84D33320, 13E5CE3FD84604077B06E0B111F0345FA300FE4CBFCFCDAFFFAC6D838BB43E3A ] LiveUpdateSvc   C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
14:57:56.0924 0x2314  LiveUpdateSvc - ok
14:57:56.0981 0x2314  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:57:57.0011 0x2314  lltdio - ok
14:57:57.0041 0x2314  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:57:57.0071 0x2314  lltdsvc - ok
14:57:57.0091 0x2314  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:57:57.0117 0x2314  lmhosts - ok
14:57:57.0140 0x2314  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
14:57:57.0150 0x2314  LSI_FC - ok
14:57:57.0180 0x2314  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
14:57:57.0194 0x2314  LSI_SAS - ok
14:57:57.0218 0x2314  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
14:57:57.0228 0x2314  LSI_SAS2 - ok
14:57:57.0264 0x2314  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
14:57:57.0264 0x2314  LSI_SCSI - ok
14:57:57.0304 0x2314  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
14:57:57.0327 0x2314  luafv - ok
14:57:57.0380 0x2314  [ C06234DCDB1BFC0CF7E25CFAC5B7F5FE, 149A3880E1D58CC0768A174DF4E884F3A4432F935D134B5AE536B7020788F5D5 ] ManyCam         C:\Windows\system32\DRIVERS\mcvidrv.sys
14:57:57.0380 0x2314  ManyCam - ok
14:57:57.0457 0x2314  [ 1E9E32AEC3E1EB1B31B8169F33168B56, 39114585E1FDBBA31E1F781C6A627281907183F94626EB347B08D1F78992ED2A ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
14:57:57.0457 0x2314  MBAMProtector - ok
14:57:57.0457 0x2314  MBAMScheduler - ok
14:57:57.0467 0x2314  MBAMService - ok
14:57:57.0497 0x2314  [ F49FB3C88E263AE9A246593B0BB29294, FB53D6FA4A98B98334DCFF81E40712265256D31A9E9FF36022887BABD50F39EB ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
14:57:57.0497 0x2314  MBAMWebAccessControl - ok
14:57:57.0527 0x2314  [ 88B3BADFB02BE4471655EAF88DDC7EBD, F38D69B80A7670F85A9692A01D2D71A54BB413346C3523726E59D1282D349B83 ] mcaudrv_simple  C:\Windows\system32\drivers\mcaudrv_x64.sys
14:57:57.0527 0x2314  mcaudrv_simple - ok
14:57:57.0557 0x2314  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:57:57.0567 0x2314  Mcx2Svc - ok
14:57:57.0587 0x2314  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
14:57:57.0597 0x2314  megasas - ok
14:57:57.0607 0x2314  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
14:57:57.0617 0x2314  MegaSR - ok
14:57:57.0652 0x2314  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
14:57:57.0658 0x2314  MEIx64 - ok
14:57:57.0684 0x2314  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
14:57:57.0714 0x2314  MMCSS - ok
14:57:57.0731 0x2314  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
14:57:57.0742 0x2314  Modem - ok
14:57:57.0802 0x2314  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:57:57.0812 0x2314  monitor - ok
14:57:57.0832 0x2314  [ 95314C3A08589471983C2C8173F23CDA, 05D30728D7204ABA2437259ECF929A94E6573F7621BAF35D76EBA26F5489A6CF ] MonitorFunction C:\Windows\system32\DRIVERS\TVMonitor.sys
14:57:57.0842 0x2314  MonitorFunction - ok
14:57:57.0905 0x2314  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:57:57.0910 0x2314  mouclass - ok
14:57:57.0940 0x2314  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:57:57.0950 0x2314  mouhid - ok
14:57:57.0987 0x2314  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:57:57.0997 0x2314  mountmgr - ok
14:57:58.0014 0x2314  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:57:58.0025 0x2314  mpio - ok
14:57:58.0041 0x2314  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:57:58.0071 0x2314  mpsdrv - ok
14:57:58.0100 0x2314  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:57:58.0142 0x2314  MpsSvc - ok
14:57:58.0166 0x2314  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:57:58.0178 0x2314  MRxDAV - ok
14:57:58.0225 0x2314  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:57:58.0238 0x2314  mrxsmb - ok
14:57:58.0257 0x2314  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:57:58.0270 0x2314  mrxsmb10 - ok
14:57:58.0280 0x2314  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:57:58.0291 0x2314  mrxsmb20 - ok
14:57:58.0314 0x2314  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:57:58.0321 0x2314  msahci - ok
14:57:58.0351 0x2314  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:57:58.0359 0x2314  msdsm - ok
14:57:58.0373 0x2314  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
14:57:58.0385 0x2314  MSDTC - ok
14:57:58.0400 0x2314  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:57:58.0418 0x2314  Msfs - ok
14:57:58.0428 0x2314  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:57:58.0448 0x2314  mshidkmdf - ok
14:57:58.0458 0x2314  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:57:58.0469 0x2314  msisadrv - ok
14:57:58.0505 0x2314  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:57:58.0529 0x2314  MSiSCSI - ok
14:57:58.0533 0x2314  msiserver - ok
14:57:58.0556 0x2314  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:57:58.0580 0x2314  MSKSSRV - ok
14:57:58.0594 0x2314  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:57:58.0624 0x2314  MSPCLOCK - ok
14:57:58.0628 0x2314  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:57:58.0655 0x2314  MSPQM - ok
14:57:58.0677 0x2314  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:57:58.0696 0x2314  MsRPC - ok
14:57:58.0711 0x2314  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
14:57:58.0719 0x2314  mssmbios - ok
14:57:58.0723 0x2314  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:57:58.0760 0x2314  MSTEE - ok
14:57:58.0776 0x2314  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
14:57:58.0788 0x2314  MTConfig - ok
14:57:58.0794 0x2314  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
14:57:58.0808 0x2314  Mup - ok
14:57:58.0862 0x2314  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
14:57:58.0907 0x2314  napagent - ok
14:57:58.0949 0x2314  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:57:58.0963 0x2314  NativeWifiP - ok
14:57:59.0024 0x2314  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:57:59.0050 0x2314  NDIS - ok
14:57:59.0084 0x2314  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:57:59.0118 0x2314  NdisCap - ok
14:57:59.0166 0x2314  [ 270B10B8BD822DD4673781E0A1935DFB, 63D644B2E9AA14E0DA7660C00343C3597385EE2ACCCC61EFC3CD9A765CD35EFF ] ndisrd          C:\Windows\system32\DRIVERS\ndisrd.sys
14:57:59.0173 0x2314  ndisrd - ok
14:57:59.0197 0x2314  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:57:59.0231 0x2314  NdisTapi - ok
14:57:59.0235 0x2314  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:57:59.0256 0x2314  Ndisuio - ok
14:57:59.0274 0x2314  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:57:59.0301 0x2314  NdisWan - ok
14:57:59.0308 0x2314  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:57:59.0337 0x2314  NDProxy - ok
14:57:59.0350 0x2314  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:57:59.0379 0x2314  NetBIOS - ok
14:57:59.0391 0x2314  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:57:59.0418 0x2314  NetBT - ok
14:57:59.0433 0x2314  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] Netlogon        C:\Windows\system32\lsass.exe
14:57:59.0440 0x2314  Netlogon - ok
14:57:59.0471 0x2314  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
14:57:59.0500 0x2314  Netman - ok
14:57:59.0571 0x2314  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:59.0579 0x2314  NetMsmqActivator - ok
14:57:59.0583 0x2314  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:59.0592 0x2314  NetPipeActivator - ok
14:57:59.0603 0x2314  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
14:57:59.0630 0x2314  netprofm - ok
14:57:59.0634 0x2314  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:59.0643 0x2314  NetTcpActivator - ok
14:57:59.0647 0x2314  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:59.0656 0x2314  NetTcpPortSharing - ok
14:57:59.0682 0x2314  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
14:57:59.0689 0x2314  nfrd960 - ok
14:57:59.0716 0x2314  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:57:59.0736 0x2314  NlaSvc - ok
14:57:59.0746 0x2314  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:57:59.0779 0x2314  Npfs - ok
14:57:59.0807 0x2314  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
14:57:59.0835 0x2314  nsi - ok
14:57:59.0837 0x2314  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:57:59.0878 0x2314  nsiproxy - ok
14:57:59.0944 0x2314  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:57:59.0997 0x2314  Ntfs - ok
14:58:00.0037 0x2314  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
14:58:00.0057 0x2314  Null - ok
14:58:00.0087 0x2314  [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub        C:\Windows\system32\drivers\nusb3hub.sys
14:58:00.0097 0x2314  nusb3hub - ok
14:58:00.0107 0x2314  [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc        C:\Windows\system32\drivers\nusb3xhc.sys
14:58:00.0117 0x2314  nusb3xhc - ok
14:58:00.0197 0x2314  [ 7E4355930B28C2798D9F09AB9F81151F, 941C730F3B75BDF99639E76350031EDD15F18D8D860F3B1282C28B62096E7717 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
14:58:00.0197 0x2314  NVHDA - ok
14:58:00.0461 0x2314  [ 7C28BA74B766F3470128107DA764F711, 43738B3B7F7A493D2B0102B889612A1E91545F38BA82CD911D63361F08048314 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:58:00.0680 0x2314  nvlddmkm - ok
14:58:00.0816 0x2314  [ F9CF3FB8DD81B390783532B3C98D6976, 8C94638136CFAEB3ED6DD7CE2059E98B64B15918DDB0796CC0B88474EE99F5BF ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
14:58:00.0861 0x2314  NvNetworkService - ok
14:58:00.0897 0x2314  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:58:00.0906 0x2314  nvraid - ok
14:58:00.0931 0x2314  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:58:00.0941 0x2314  nvstor - ok
14:58:01.0263 0x2314  [ 3A7B0570D896602E37EAF80EC3D1615A, 1F5A71432F96731115ADA2A50E605923666188D08F9FD748424AB6588D0E1482 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
14:58:01.0270 0x2314  NvStreamKms - ok
14:58:01.0342 0x2314  NvStreamSvc - ok
14:58:01.0594 0x2314  [ 2A4F832243E869FD7564AA90402D74BD, E730A517EB6D49036B6FC196BFC930ED93EDB4FD4FA7EB1EB69A434BB94AE3C0 ] nvsvc           C:\Windows\system32\nvvsvc.exe
14:58:01.0622 0x2314  nvsvc - ok
14:58:01.0731 0x2314  [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
14:58:01.0739 0x2314  nvvad_WaveExtensible - ok
14:58:01.0784 0x2314  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:58:01.0796 0x2314  nv_agp - ok
14:58:01.0810 0x2314  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:58:01.0820 0x2314  ohci1394 - ok
14:58:01.0949 0x2314  [ D06C2368C93396C6B983CE60523BA99F, ABC90E2DC2DE577AFA37BF34630502AA209C9556DFCC1757844D95D9370FFA8C ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
14:58:02.0003 0x2314  Origin Client Service - ok
14:58:02.0035 0x2314  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:58:02.0050 0x2314  p2pimsvc - ok
14:58:02.0075 0x2314  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
14:58:02.0093 0x2314  p2psvc - ok
14:58:02.0143 0x2314  [ D61B764B27BF05CCCADCC5E1E7B73A21, 14636C5D470E4E87B8C6ED4E34906072D8D631E566DECADF5E2FFC0535DF8989 ] PAC7302         C:\Windows\system32\DRIVERS\PAC7302.SYS
14:58:02.0158 0x2314  PAC7302 - ok
14:58:02.0186 0x2314  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
14:58:02.0195 0x2314  Parport - ok
14:58:02.0220 0x2314  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:58:02.0228 0x2314  partmgr - ok
14:58:02.0273 0x2314  [ 3CAE2BBC86FCF7F94C9696994AF30386, 4DA063A60523567272CFB35DF5D7CA142B100EF9123B1F23A6F11AB89DB83486 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
14:58:02.0278 0x2314  PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )
14:58:04.0613 0x2314  Detect skipped due to KSN trusted
14:58:04.0613 0x2314  PassThru Service - ok
14:58:04.0692 0x2314  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:58:04.0702 0x2314  PcaSvc - ok
14:58:04.0716 0x2314  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
14:58:04.0725 0x2314  pci - ok
14:58:04.0752 0x2314  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
14:58:04.0758 0x2314  pciide - ok
14:58:04.0804 0x2314  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
14:58:04.0814 0x2314  pcmcia - ok
14:58:04.0831 0x2314  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:58:04.0838 0x2314  pcw - ok
14:58:04.0855 0x2314  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:58:04.0872 0x2314  PEAUTH - ok
14:58:04.0921 0x2314  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
14:58:04.0949 0x2314  PeerDistSvc - ok
14:58:05.0016 0x2314  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:58:05.0024 0x2314  PerfHost - ok
14:58:05.0102 0x2314  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
14:58:05.0143 0x2314  pla - ok
14:58:05.0209 0x2314  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:58:05.0222 0x2314  PlugPlay - ok
14:58:05.0225 0x2314  PnkBstrA - ok
14:58:05.0253 0x2314  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:58:05.0260 0x2314  PNRPAutoReg - ok
14:58:05.0276 0x2314  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:58:05.0289 0x2314  PNRPsvc - ok
14:58:05.0339 0x2314  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:58:05.0370 0x2314  PolicyAgent - ok
14:58:05.0402 0x2314  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
14:58:05.0426 0x2314  Power - ok
14:58:05.0463 0x2314  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:58:05.0485 0x2314  PptpMiniport - ok
14:58:05.0504 0x2314  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
14:58:05.0511 0x2314  Processor - ok
14:58:05.0552 0x2314  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:58:05.0564 0x2314  ProfSvc - ok
14:58:05.0576 0x2314  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:58:05.0583 0x2314  ProtectedStorage - ok
14:58:05.0600 0x2314  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:58:05.0622 0x2314  Psched - ok
14:58:05.0666 0x2314  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
14:58:05.0697 0x2314  ql2300 - ok
14:58:05.0722 0x2314  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
14:58:05.0731 0x2314  ql40xx - ok
14:58:05.0756 0x2314  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
14:58:05.0770 0x2314  QWAVE - ok
14:58:05.0784 0x2314  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:58:05.0795 0x2314  QWAVEdrv - ok
14:58:05.0809 0x2314  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:58:05.0832 0x2314  RasAcd - ok
14:58:05.0868 0x2314  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:58:05.0889 0x2314  RasAgileVpn - ok
14:58:05.0905 0x2314  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
14:58:05.0927 0x2314  RasAuto - ok
14:58:05.0936 0x2314  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:58:05.0958 0x2314  Rasl2tp - ok
14:58:05.0998 0x2314  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
14:58:06.0023 0x2314  RasMan - ok
14:58:06.0031 0x2314  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:58:06.0054 0x2314  RasPppoe - ok
14:58:06.0066 0x2314  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:58:06.0088 0x2314  RasSstp - ok
14:58:06.0165 0x2314  [ 4103BC8F5D0E146BFFF2A9259D6208D1, 1CCE644F278A4EAFF2939FB1981ECEDBB3E522ACB46B9539DE593C627327F61A ] Razer Game Scanner Service C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
14:58:06.0172 0x2314  Razer Game Scanner Service - ok
14:58:06.0201 0x2314  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:58:06.0226 0x2314  rdbss - ok
14:58:06.0232 0x2314  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
14:58:06.0240 0x2314  rdpbus - ok
14:58:06.0257 0x2314  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:58:06.0278 0x2314  RDPCDD - ok
14:58:06.0298 0x2314  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
14:58:06.0307 0x2314  RDPDR - ok
14:58:06.0322 0x2314  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:58:06.0343 0x2314  RDPENCDD - ok
14:58:06.0355 0x2314  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:58:06.0375 0x2314  RDPREFMP - ok
14:58:06.0449 0x2314  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:58:06.0456 0x2314  RdpVideoMiniport - ok
14:58:06.0478 0x2314  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:58:06.0487 0x2314  RDPWD - ok
14:58:06.0535 0x2314  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:58:06.0544 0x2314  rdyboost - ok
14:58:06.0569 0x2314  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:58:06.0595 0x2314  RemoteAccess - ok
14:58:06.0627 0x2314  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:58:06.0652 0x2314  RemoteRegistry - ok
14:58:06.0664 0x2314  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:58:06.0693 0x2314  RpcEptMapper - ok
14:58:06.0702 0x2314  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
14:58:06.0712 0x2314  RpcLocator - ok
14:58:06.0737 0x2314  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
14:58:06.0773 0x2314  RpcSs - ok
14:58:06.0800 0x2314  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:58:06.0826 0x2314  rspndr - ok
14:58:06.0884 0x2314  [ DCF7221D6588EDA8CD77CB27AE9B1844, 7741A4F513952CC3C4D5056958D0D50F8F2A9D3142C7478707F73A83D3CDE01C ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
14:58:06.0927 0x2314  RTL8167 - ok
14:58:07.0009 0x2314  [ 9FE061CEBE2478FABC37BBA9557C6DAA, 8D995FD75DDCC14C7C63661314F0061CD827D89CE23116842082ACF528664E37 ] RzKLService     C:\mystuff\Razer Cortex\RzKLService.exe
14:58:07.0018 0x2314  RzKLService - ok
14:58:07.0081 0x2314  [ F17F84511E7DFDEEAB646F0699A006D7, 5237937841FBD1F99A5D6161DEBA26182DDAF617CA98946EE7DB0AB67FC149EA ] rzpmgrk         C:\Windows\system32\drivers\rzpmgrk.sys
14:58:07.0088 0x2314  rzpmgrk - ok
14:58:07.0124 0x2314  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
14:58:07.0133 0x2314  s3cap - ok
14:58:07.0167 0x2314  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] SamSs           C:\Windows\system32\lsass.exe
14:58:07.0179 0x2314  SamSs - ok
14:58:07.0210 0x2314  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:58:07.0222 0x2314  sbp2port - ok
14:58:07.0265 0x2314  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:58:07.0302 0x2314  SCardSvr - ok
14:58:07.0325 0x2314  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:58:07.0358 0x2314  scfilter - ok
14:58:07.0410 0x2314  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
14:58:07.0472 0x2314  Schedule - ok
14:58:07.0511 0x2314  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:58:07.0543 0x2314  SCPolicySvc - ok
14:58:07.0556 0x2314  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:58:07.0577 0x2314  SDRSVC - ok
14:58:07.0623 0x2314  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:58:07.0656 0x2314  secdrv - ok
14:58:07.0682 0x2314  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
14:58:07.0717 0x2314  seclogon - ok
14:58:07.0735 0x2314  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
14:58:07.0770 0x2314  SENS - ok
14:58:07.0783 0x2314  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:58:07.0795 0x2314  SensrSvc - ok
14:58:07.0808 0x2314  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
14:58:07.0819 0x2314  Serenum - ok
14:58:07.0838 0x2314  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
14:58:07.0851 0x2314  Serial - ok
14:58:07.0855 0x2314  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
14:58:07.0868 0x2314  sermouse - ok
14:58:07.0882 0x2314  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
14:58:07.0917 0x2314  SessionEnv - ok
14:58:07.0921 0x2314  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:58:07.0934 0x2314  sffdisk - ok
14:58:07.0977 0x2314  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:58:07.0991 0x2314  sffp_mmc - ok
14:58:08.0015 0x2314  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:58:08.0029 0x2314  sffp_sd - ok
14:58:08.0136 0x2314  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
14:58:08.0148 0x2314  sfloppy - ok
14:58:08.0217 0x2314  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:58:08.0258 0x2314  SharedAccess - ok
14:58:08.0410 0x2314  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:58:08.0451 0x2314  ShellHWDetection - ok
14:58:08.0482 0x2314  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
14:58:08.0492 0x2314  SiSRaid2 - ok
14:58:08.0517 0x2314  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
14:58:08.0529 0x2314  SiSRaid4 - ok
14:58:08.0583 0x2314  [ A9C057A9463C25490CF99EA8DF8A4B35, 8F4D1C40D0F17EDBF84ED455B8946F782C7552383F0A07E410A9B6CFF7F51D63 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
14:58:08.0602 0x2314  SkypeUpdate - ok
14:58:08.0629 0x2314  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:58:08.0665 0x2314  Smb - ok
14:58:08.0681 0x2314  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:58:08.0693 0x2314  SNMPTRAP - ok
14:58:08.0701 0x2314  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:58:08.0710 0x2314  spldr - ok
14:58:08.0753 0x2314  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
14:58:08.0787 0x2314  Spooler - ok
14:58:08.0882 0x2314  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
14:58:08.0986 0x2314  sppsvc - ok
14:58:09.0006 0x2314  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:58:09.0036 0x2314  sppuinotify - ok
14:58:09.0093 0x2314  [ EAD5300C93946B0250A309E2BF2BE4CF, 6B9131D94ED31F838B1820EE67F068C4741B69D5C655587C89C9477986BD270F ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
14:58:09.0107 0x2314  SQLWriter - ok
14:58:09.0156 0x2314  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:58:09.0174 0x2314  srv - ok
14:58:09.0199 0x2314  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:58:09.0211 0x2314  srv2 - ok
14:58:09.0238 0x2314  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:58:09.0246 0x2314  srvnet - ok
14:58:09.0291 0x2314  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:58:09.0315 0x2314  SSDPSRV - ok
14:58:09.0335 0x2314  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:58:09.0359 0x2314  SstpSvc - ok
14:58:09.0458 0x2314  [ EBAA82F7C9B97C0E450449178E007340, D470927CC216C4E3EA23236E6C6464187CD3A49C3A4A456F488FEC8E713EA31B ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
14:58:09.0476 0x2314  Steam Client Service - ok
14:58:09.0554 0x2314  [ F82B2FC221CA0E408874884787491667, A9C7FB9C4719484BDA4FB69A8F948DC556CFEA19DFE89D2E63536F2C42725E66 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:58:09.0565 0x2314  Stereo Service - ok
14:58:09.0601 0x2314  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
14:58:09.0607 0x2314  stexstor - ok
14:58:09.0687 0x2314  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
14:58:09.0706 0x2314  stisvc - ok
14:58:09.0748 0x2314  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
14:58:09.0756 0x2314  storflt - ok
14:58:09.0786 0x2314  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
14:58:09.0798 0x2314  StorSvc - ok
14:58:09.0812 0x2314  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
14:58:09.0819 0x2314  storvsc - ok
14:58:09.0831 0x2314  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
14:58:09.0837 0x2314  swenum - ok
14:58:09.0872 0x2314  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
14:58:09.0901 0x2314  swprv - ok
14:58:09.0944 0x2314  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
14:58:09.0984 0x2314  SysMain - ok
14:58:10.0008 0x2314  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:58:10.0020 0x2314  TabletInputService - ok
14:58:10.0044 0x2314  [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
14:58:10.0051 0x2314  tap0901 - ok
14:58:10.0085 0x2314  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:58:10.0113 0x2314  TapiSrv - ok
14:58:10.0122 0x2314  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
14:58:10.0144 0x2314  TBS - ok
14:58:10.0202 0x2314  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:58:10.0241 0x2314  Tcpip - ok
14:58:10.0299 0x2314  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:58:10.0338 0x2314  TCPIP6 - ok
14:58:10.0368 0x2314  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:58:10.0379 0x2314  tcpipreg - ok
14:58:10.0404 0x2314  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:58:10.0414 0x2314  TDPIPE - ok
14:58:10.0433 0x2314  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:58:10.0444 0x2314  TDTCP - ok
14:58:10.0484 0x2314  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:58:10.0495 0x2314  tdx - ok
14:58:10.0706 0x2314  [ 6CA83C69643E7BF144A428B7BDC7D630, DB015BA4428509E1D5BE74FEFB446A29D316564617EB15A379424B3FCE3B74A9 ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
14:58:10.0832 0x2314  TeamViewer - ok
14:58:10.0879 0x2314  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
14:58:10.0886 0x2314  TermDD - ok
14:58:10.0934 0x2314  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
14:58:10.0954 0x2314  TermService - ok
14:58:10.0982 0x2314  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
14:58:10.0996 0x2314  Themes - ok
14:58:11.0051 0x2314  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
14:58:11.0074 0x2314  THREADORDER - ok
14:58:11.0241 0x2314  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
14:58:11.0264 0x2314  TrkWks - ok
14:58:11.0388 0x2314  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:58:11.0412 0x2314  TrustedInstaller - ok
14:58:11.0466 0x2314  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:58:11.0473 0x2314  tssecsrv - ok
14:58:11.0524 0x2314  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:58:11.0533 0x2314  TsUsbFlt - ok
14:58:11.0564 0x2314  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
14:58:11.0571 0x2314  TsUsbGD - ok
14:58:11.0632 0x2314  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:58:11.0656 0x2314  tunnel - ok
14:58:11.0676 0x2314  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
14:58:11.0683 0x2314  uagp35 - ok
14:58:11.0762 0x2314  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:58:11.0790 0x2314  udfs - ok
14:58:11.0824 0x2314  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:58:11.0833 0x2314  UI0Detect - ok
14:58:11.0893 0x2314  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:58:11.0901 0x2314  uliagpkx - ok
14:58:11.0995 0x2314  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
14:58:12.0004 0x2314  umbus - ok
14:58:12.0032 0x2314  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
14:58:12.0039 0x2314  UmPass - ok
14:58:12.0150 0x2314  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
14:58:12.0161 0x2314  UmRdpService - ok
14:58:12.0261 0x2314  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
14:58:12.0288 0x2314  upnphost - ok
14:58:12.0337 0x2314  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
14:58:12.0345 0x2314  USBAAPL64 - ok
14:58:12.0388 0x2314  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
14:58:12.0396 0x2314  usbaudio - ok
14:58:12.0441 0x2314  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:58:12.0449 0x2314  usbccgp - ok
14:58:12.0476 0x2314  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:58:12.0484 0x2314  usbcir - ok
14:58:12.0506 0x2314  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
14:58:12.0515 0x2314  usbehci - ok
14:58:12.0565 0x2314  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:58:12.0620 0x2314  usbhub - ok
14:58:12.0645 0x2314  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
14:58:12.0675 0x2314  usbohci - ok
14:58:12.0696 0x2314  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
14:58:12.0706 0x2314  usbprint - ok
14:58:12.0757 0x2314  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
14:58:12.0771 0x2314  usbscan - ok
14:58:12.0805 0x2314  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:58:12.0816 0x2314  USBSTOR - ok
14:58:12.0838 0x2314  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
14:58:12.0849 0x2314  usbuhci - ok
14:58:12.0880 0x2314  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
14:58:12.0890 0x2314  usb_rndisx - ok
14:58:12.0937 0x2314  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
14:58:12.0967 0x2314  UxSms - ok
14:58:13.0000 0x2314  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] VaultSvc        C:\Windows\system32\lsass.exe
14:58:13.0007 0x2314  VaultSvc - ok
14:58:13.0041 0x2314  [ CDA796F41C2B64CEEC143B3A86904CFB, 8D9CACB74608C145A75424F4169E447A9EFA0EC3DD1412F097B56F86C0FC8E6E ] VBoxDrv         C:\Windows\system32\DRIVERS\VBoxDrv.sys
14:58:13.0053 0x2314  VBoxDrv - ok
14:58:13.0083 0x2314  [ 8CD776EB77695524CCE594AAC3A71569, AEF6F9B0E5F67E87819EB0E9FA5220EEF247A160A2BF8511CEDC8D12A9D4D941 ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
14:58:13.0095 0x2314  VBoxNetAdp - ok
14:58:13.0144 0x2314  [ 39D80811EB7E87CD7F682A3124693CBA, C90A08CCE322FB01F5D8E7CE269CFC5B91E7A30FC4BCCEE047C636D651E5A59A ] VBoxNetFlt      C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
14:58:13.0157 0x2314  VBoxNetFlt - ok
14:58:13.0219 0x2314  [ 248C6ADD9467AF319D1882A5E8B12966, EE23FB426C6408354A1D212978528F5ECA8ADBB7441C5734F5675D7306235163 ] VBoxUSBMon      C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
14:58:13.0231 0x2314  VBoxUSBMon - ok
14:58:13.0257 0x2314  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:58:13.0270 0x2314  vdrvroot - ok
14:58:13.0345 0x2314  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
14:58:13.0395 0x2314  vds - ok
14:58:13.0429 0x2314  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:58:13.0445 0x2314  vga - ok
14:58:13.0466 0x2314  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:58:13.0497 0x2314  VgaSave - ok
14:58:13.0520 0x2314  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
14:58:13.0536 0x2314  vhdmp - ok
14:58:13.0613 0x2314  [ F109FCCC5F041796D183BED37F5007D5, 4061A7436649752F4650A1674051333A06F76BAAD1A3C32EB21EBE19420D362D ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
14:58:13.0634 0x2314  VIAHdAudAddService - ok
14:58:13.0843 0x2314  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
14:58:13.0853 0x2314  viaide - ok
14:58:13.0994 0x2314  [ 097A1A16F9F38715CEAA092DE626F517, 5D51D74C3264ADEA1A50F6620150B284E54C5294A548D1BC940B3B5FF5343998 ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
14:58:14.0004 0x2314  VIAKaraokeService - ok
14:58:14.0037 0x2314  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
14:58:14.0051 0x2314  vmbus - ok
14:58:14.0065 0x2314  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
14:58:14.0074 0x2314  VMBusHID - ok
14:58:14.0105 0x2314  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:58:14.0116 0x2314  volmgr - ok
14:58:14.0142 0x2314  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:58:14.0169 0x2314  volmgrx - ok
14:58:14.0201 0x2314  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:58:14.0216 0x2314  volsnap - ok
14:58:14.0238 0x2314  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
14:58:14.0258 0x2314  vsmraid - ok
14:58:14.0325 0x2314  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
14:58:14.0392 0x2314  VSS - ok
14:58:14.0459 0x2314  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
14:58:14.0475 0x2314  vwifibus - ok
14:58:14.0522 0x2314  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
14:58:14.0560 0x2314  W32Time - ok
14:58:14.0601 0x2314  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
14:58:14.0611 0x2314  WacomPen - ok
14:58:14.0770 0x2314  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
14:58:14.0800 0x2314  WANARP - ok
14:58:14.0805 0x2314  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:58:14.0827 0x2314  Wanarpv6 - ok
14:58:14.0886 0x2314  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
14:58:14.0920 0x2314  wbengine - ok
14:58:14.0954 0x2314  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
14:58:14.0968 0x2314  WbioSrvc - ok
14:58:15.0005 0x2314  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:58:15.0024 0x2314  wcncsvc - ok
14:58:15.0049 0x2314  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:58:15.0060 0x2314  WcsPlugInService - ok
14:58:15.0133 0x2314  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
14:58:15.0139 0x2314  Wd - ok
14:58:15.0183 0x2314  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:58:15.0209 0x2314  Wdf01000 - ok
14:58:15.0245 0x2314  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:58:15.0259 0x2314  WdiServiceHost - ok
14:58:15.0263 0x2314  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:58:15.0272 0x2314  WdiSystemHost - ok
14:58:15.0308 0x2314  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
14:58:15.0321 0x2314  WebClient - ok
14:58:15.0356 0x2314  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:58:15.0380 0x2314  Wecsvc - ok
14:58:15.0406 0x2314  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:58:15.0435 0x2314  wercplsupport - ok
14:58:15.0498 0x2314  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:58:15.0522 0x2314  WerSvc - ok
14:58:15.0570 0x2314  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
14:58:15.0590 0x2314  WfpLwf - ok
14:58:15.0607 0x2314  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
14:58:15.0614 0x2314  WIMMount - ok
14:58:15.0658 0x2314  WinDefend - ok
14:58:15.0692 0x2314  WinHttpAutoProxySvc - ok
14:58:15.0817 0x2314  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:58:15.0841 0x2314  Winmgmt - ok
14:58:15.0912 0x2314  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
14:58:15.0950 0x2314  WinRM - ok
14:58:15.0976 0x2314  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
14:58:15.0985 0x2314  WinUsb - ok
14:58:16.0026 0x2314  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
14:58:16.0051 0x2314  Wlansvc - ok
14:58:16.0073 0x2314  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
14:58:16.0080 0x2314  WmiAcpi - ok
14:58:16.0108 0x2314  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:58:16.0119 0x2314  wmiApSrv - ok
14:58:16.0145 0x2314  WMPNetworkSvc - ok
14:58:16.0155 0x2314  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:58:16.0163 0x2314  WPCSvc - ok
14:58:16.0178 0x2314  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:58:16.0189 0x2314  WPDBusEnum - ok
14:58:16.0213 0x2314  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:58:16.0233 0x2314  ws2ifsl - ok
14:58:16.0261 0x2314  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
14:58:16.0273 0x2314  wscsvc - ok
14:58:16.0276 0x2314  WSearch - ok
14:58:16.0348 0x2314  [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv        C:\Windows\system32\wuaueng.dll
14:58:16.0393 0x2314  wuauserv - ok
14:58:16.0427 0x2314  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:58:16.0434 0x2314  WudfPf - ok
14:58:16.0461 0x2314  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:58:16.0471 0x2314  WUDFRd - ok
14:58:16.0480 0x2314  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:58:16.0488 0x2314  wudfsvc - ok
14:58:16.0540 0x2314  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
14:58:16.0551 0x2314  WwanSvc - ok
14:58:16.0569 0x2314  ================ Scan global ===============================
14:58:16.0597 0x2314  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
14:58:16.0629 0x2314  [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
14:58:16.0637 0x2314  [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
14:58:16.0668 0x2314  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
14:58:16.0679 0x2314  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
14:58:16.0684 0x2314  [ Global ] - ok
14:58:16.0684 0x2314  ================ Scan MBR ==================================
14:58:16.0689 0x2314  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:58:16.0895 0x2314  \Device\Harddisk0\DR0 - ok
14:58:16.0895 0x2314  ================ Scan VBR ==================================
14:58:16.0897 0x2314  [ D2245F03D8CB1C57A5285E9E01770BC3 ] \Device\Harddisk0\DR0\Partition1
14:58:16.0927 0x2314  \Device\Harddisk0\DR0\Partition1 - ok
14:58:16.0929 0x2314  [ 5E1D192AA9F2734627D3EA33E7827D80 ] \Device\Harddisk0\DR0\Partition2
14:58:16.0960 0x2314  \Device\Harddisk0\DR0\Partition2 - ok
14:58:16.0960 0x2314  ================ Scan generic autorun ======================
14:58:17.0070 0x2314  [ 046DDF9B31BEC14D03CCC97DD728A4D1, D29F49F870B27553E13F9C1486D9B27A27C41FBEC7ACEC77EDFD5552C941E710 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
14:58:17.0113 0x2314  NvBackend - ok
14:58:17.0144 0x2314  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
14:58:17.0152 0x2314  ShadowPlay - ok
14:58:17.0205 0x2314  [ 72334F906C2E2B002CDD2FF9022FD957, 991F7C606E122BBD388BA37E56B37CC6D2DCA304784E4CE06018D698C57F320F ] C:\Windows\PixArt\PAC7302\Monitor.exe
14:58:17.0215 0x2314  PAC7302_Monitor - ok
14:58:17.0255 0x2314  [ FF0FAB199882C00D6DC54CA035865C49, BF4D65D96F8DC0057042C2A4B70106D156B0D13C75839935BC9051089363C495 ] C:\Program Files\iTunes\iTunesHelper.exe
14:58:17.0263 0x2314  iTunesHelper - ok
14:58:17.0266 0x2314  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
14:58:17.0275 0x2314  Logitech Download Assistant - ok
14:58:17.0589 0x2314  [ 3D6737ADDB9B1DF81605C442ED6D2D90, 5B8D68945E1A97FD1AF40333448FE335743F48F46A70E303ADF406CC0CC253FB ] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
14:58:17.0667 0x2314  HDAudDeck - detected UnsignedFile.Multi.Generic ( 1 )
14:58:20.0027 0x2314  Detect skipped due to KSN trusted
14:58:20.0027 0x2314  HDAudDeck - ok
14:58:20.0454 0x2314  [ C9521D28774183B5B53F8DCBC6283765, B35BB99FB917505258FA26D8E6544D45EE7D4B79C52C9DD699946A8A8BFAFD3E ] C:\MyStuff\DSL Soforthilfe\DSL_Soforthilfe.exe
14:58:20.0804 0x2314  DSL Soforthilfe - ok
14:58:20.0884 0x2314  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:58:20.0914 0x2314  Sidebar - ok
14:58:20.0944 0x2314  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:58:20.0956 0x2314  mctadmin - ok
14:58:20.0974 0x2314  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:58:20.0996 0x2314  Sidebar - ok
14:58:20.0996 0x2314  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:58:21.0008 0x2314  mctadmin - ok
14:58:21.0323 0x2314  [ CD0AE462565B45B3DE3BB674BCD436E2, E1FB902DEFBA8DE5E35E237E6EC504D9F9DEDE3904E299A8D99EF31DAB0199FB ] C:\Program Files (x86)\Thunder Master\THPanel.exe
14:58:21.0366 0x2314  THPanel - ok
14:58:21.0549 0x2314  [ B2BAE2D76FBE9FDC3F6E0D1F886DF367, 964EBF736891BE252C68FCE1F9EAD5E60E6E0C2119D21C6DF49FBD30FBB678EF ] C:\Program Files\CCleaner\CCleaner64.exe
14:58:21.0667 0x2314  CCleaner Monitoring - ok
14:58:21.0697 0x2314  Skype - ok
14:58:21.0799 0x2314  [ ACD929D8754B63BBBB68B48B96F8A99E, E4DD488BA151AAB58FC00458F69D5A7AC191BA488F2BDAF88BE432C24250AF94 ] C:\mystuff\IObit\Advanced SystemCare 8\ASCTray.exe
14:58:21.0830 0x2314  Advanced SystemCare 8 - ok
14:58:21.0869 0x2314  OKAYFREEDOM_Agent - ok
14:58:21.0974 0x2314  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe
14:58:21.0982 0x2314  Google Update - ok
14:58:21.0983 0x2314  Waiting for KSN requests completion. In queue: 106
14:58:22.0983 0x2314  Waiting for KSN requests completion. In queue: 106
14:58:23.0984 0x2314  Waiting for KSN requests completion. In queue: 106
14:58:24.0993 0x2314  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\wmiav.exe ( 15.0.2.361 ), 0x40000 ( disabled : updated )
14:58:24.0994 0x2314  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\wmiav.exe ( 15.0.2.361 ), 0x40010 ( disabled )
14:58:24.0999 0x2314  Win FW state via NFP2: disabled
14:58:27.0346 0x2314  ============================================================
14:58:27.0346 0x2314  Scan finished
14:58:27.0346 0x2314  ============================================================
14:58:27.0352 0x2220  Detected object count: 0
14:58:27.0352 0x2220  Actual detected object count: 0

schrauber · 06.05.2015, 14:45

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

lolle1 · 07.05.2015, 13:42

Combofix hat beim Erstellen des logfiles mehr als 25 min gebraucht... für dn scan aber ca. 15 also habe ich es beendet... Und noch mal gesatartet genau das gleiches nur das ich och länger (ca. 35min) gewartet habe. Ich nehme mal an das dieses Logfile in dem Combofix-ordner nicht Vollständig ist...

Code:

ATTFilter

ComboFix 15-05-07.01 - Admin 07.05.2015  13:57:27.2.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.8144.6302 [GMT 2:00]
ausgeführt von:: C:\Users\Admin\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
FW: Kaspersky Internet Security *Disabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
SP: Kaspersky Internet Security *Disabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))


---- Vorheriger Suchlauf -------

C:\install.exe


(((((((((((((((((((((((   Dateien erstellt von 2015-04-07 bis 2015-05-07  ))))))))))))))))))))))))))))))


2015-05-07 12:13:22 . 2015-05-07 12:13:22	--------	d-----w-	C:\Users\Default\AppData\Local\temp
2015-05-07 05:22:14 . 2015-05-07 05:22:14	--------	d-----w-	C:\Program Files (x86)\Microsoft ASP.NET
2015-05-06 17:49:15 . 2015-05-07 12:04:00	75888	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{70DC34AA-456C-4590-92C2-2A3E87A3E078}\offreg.dll
2015-05-06 12:22:43 . 2015-05-06 12:41:15	--------	d-----w-	C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-05 15:36:05 . 2015-05-05 15:37:58	--------	d-----w-	C:\FRST
2015-05-05 11:43:56 . 2015-04-08 20:32:32	560968	----a-w-	C:\Windows\SysWow64\nvStreaming.exe
2015-05-05 10:04:20 . 2015-04-04 06:25:09	12032440	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{70DC34AA-456C-4590-92C2-2A3E87A3E078}\mpengine.dll
2015-05-04 15:04:54 . 2014-10-22 19:13:14	245960	----a-w-	C:\Windows\system32\drivers\klhk.sys
2015-05-02 14:32:22 . 2014-07-04 08:49:07	1721576	----a-w-	C:\Windows\system32\WdfCoInstaller01009.dll
2015-05-02 14:32:22 . 2014-07-04 08:49:07	1002728	----a-w-	C:\Windows\system32\WinUSBCoInstaller2.dll
2015-04-29 12:25:03 . 2015-04-29 12:25:05	--------	d-----w-	C:\Users\Admin\AppData\Local\Mozilla
2015-04-28 15:56:46 . 2013-04-09 23:34:01	1247744	----a-w-	C:\Windows\SysWow64\DWrite.dll
2015-04-28 15:56:46 . 2013-04-02 22:51:57	1643520	----a-w-	C:\Windows\system32\DWrite.dll
2015-04-26 18:27:22 . 2015-04-26 18:27:22	--------	d-----w-	C:\Users\Admin\AppData\Local\gtk-2.0
2015-04-26 18:24:47 . 2005-07-26 12:49:52	1040436	----a-w-	C:\Windows\SysWow64\cxcore097.dll
2015-04-26 18:24:47 . 2003-03-19 06:19:58	1060864	----a-w-	C:\Windows\SysWow64\MFC71.dll
2015-04-26 18:24:47 . 2003-03-19 05:14:50	499712	----a-w-	C:\Windows\SysWow64\msvcp71.dll
2015-04-26 18:24:47 . 2003-02-21 13:42:20	348160	----a-w-	C:\Windows\SysWow64\msvcr71.dll
2015-04-26 18:16:12 . 2015-04-26 18:16:12	--------	d-----w-	C:\Users\Admin\.thumbnails
2015-04-26 18:11:07 . 2015-04-26 18:11:07	--------	d-----w-	C:\Users\Admin\AppData\Local\fontconfig
2015-04-26 18:11:05 . 2015-04-26 18:28:46	--------	d-----w-	C:\Users\Admin\.gimp-2.8
2015-04-26 18:11:05 . 2015-04-26 18:11:05	--------	d-----w-	C:\Users\Admin\AppData\Local\gegl-0.2
2015-04-25 19:28:13 . 2015-04-25 19:33:27	--------	d-----w-	C:\Users\Admin\AppData\Roaming\Steganos VPN
2015-04-25 19:25:36 . 2015-04-25 19:28:26	--------	d-----w-	C:\Users\Admin\AppData\Roaming\Steganos
2015-04-24 12:01:02 . 2015-04-24 12:01:02	--------	d-----w-	C:\Users\Admin\AppData\Local\SvchostViewer
2015-04-24 11:47:08 . 2015-05-06 12:22:43	136408	----a-w-	C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-04-24 11:46:49 . 2015-05-06 12:21:38	107736	----a-w-	C:\Windows\system32\drivers\mbamchameleon.sys
2015-04-24 11:46:49 . 2015-04-24 11:46:49	--------	d-----w-	C:\ProgramData\Malwarebytes
2015-04-24 11:46:49 . 2015-04-14 07:37:56	63704	----a-w-	C:\Windows\system32\drivers\mwac.sys
2015-04-24 11:46:49 . 2015-04-14 07:37:42	25816	----a-w-	C:\Windows\system32\drivers\mbam.sys
2015-04-24 11:39:12 . 2015-04-24 11:39:12	--------	d-----w-	C:\RegBackup
2015-04-20 13:59:51 . 2015-04-20 13:59:51	--------	d-----w-	C:\Users\Admin\.eclipse
2015-04-20 11:41:31 . 2015-04-20 11:41:31	--------	d-----w-	C:\Program Files (x86)\Common Files\Java
2015-04-18 15:42:10 . 2015-04-18 15:42:10	30352	----a-w-	C:\Windows\system32\drivers\dtlitescsibus.sys
2015-04-18 15:36:07 . 2015-04-18 15:55:29	--------	d-----w-	C:\Users\Admin\VirtualBox VMs
2015-04-18 14:27:43 . 2015-04-18 15:55:42	--------	d-----w-	C:\Users\Admin\.VirtualBox
2015-04-18 14:27:41 . 2015-04-18 14:56:15	--------	d-----w-	C:\Users\Admin\AppData\Local\Genymobile
2015-04-18 14:13:07 . 2014-05-16 12:04:46	254240	----a-w-	C:\Windows\system32\drivers\VBoxDrv.sys
2015-04-18 14:12:48 . 2014-05-16 12:03:30	128288	----a-w-	C:\Windows\system32\drivers\VBoxUSBMon.sys
2015-04-17 04:03:24 . 2015-03-25 03:24:41	98304	----a-w-	C:\Windows\system32\wudriver.dll
2015-04-17 04:02:58 . 2015-03-05 05:12:33	404480	----a-w-	C:\Windows\system32\gdi32.dll
2015-04-17 03:57:27 . 2015-03-04 04:55:13	367552	----a-w-	C:\Windows\system32\clfs.sys
2015-04-17 03:57:27 . 2015-03-04 04:41:27	79360	----a-w-	C:\Windows\system32\clfsw32.dll
2015-04-17 03:57:27 . 2015-03-04 04:10:54	58880	----a-w-	C:\Windows\SysWow64\clfsw32.dll
2015-04-16 12:43:19 . 2015-04-16 12:43:19	--------	d-----w-	C:\Users\Admin\AppData\Local\Opera Software
2015-04-16 12:43:18 . 2015-04-16 12:43:18	--------	d-----w-	C:\Users\Admin\AppData\Roaming\Opera Software
2015-04-16 12:41:44 . 2015-05-07 12:03:38	--------	d-----w-	C:\Program Files (x86)\Opera
2015-04-13 12:04:50 . 2015-05-05 15:51:16	--------	d-----w-	C:\Users\Admin\AppData\Local\CrashDumps
2015-04-12 11:50:20 . 2015-04-12 11:50:20	--------	d-----w-	C:\ProgramData\HP
2015-04-12 06:57:32 . 2015-04-12 06:57:32	642360	----a-w-	C:\Windows\system32\hpzids40.dll
2015-04-12 06:56:52 . 2015-04-12 06:56:52	977624	----a-w-	C:\Windows\system32\drivers\Rt64win7.sys
2015-04-12 06:56:52 . 2015-04-12 06:56:52	73800	----a-w-	C:\Windows\system32\RtNicProp64.dll
2015-04-12 06:54:52 . 2015-04-12 06:54:52	1896136	----a-w-	C:\Windows\system32\nvdispco6434788.dll
2015-04-12 06:54:52 . 2015-04-12 06:54:52	1557648	----a-w-	C:\Windows\system32\nvdispgenco6434788.dll
2015-04-11 00:33:34 . 2014-12-11 17:47:17	87040	----a-w-	C:\Windows\system32\TSWbPrxy.exe
2015-04-11 00:33:33 . 2014-09-05 01:52:41	5703168	----a-w-	C:\Windows\SysWow64\mstscax.dll
2015-04-11 00:33:32 . 2014-09-05 02:11:09	6584320	----a-w-	C:\Windows\system32\mstscax.dll
2015-04-08 16:23:21 . 2015-04-08 16:23:21	--------	d-----w-	C:\Users\Admin\AppData\Local\PassMark
2015-04-08 16:23:15 . 2015-04-08 16:23:15	--------	d-----w-	C:\ProgramData\Passmark
2015-04-08 14:18:40 . 2015-03-23 03:25:15	726528	----a-w-	C:\Windows\system32\generaltel.dll
2015-04-08 14:18:40 . 2015-03-23 03:25:01	769536	----a-w-	C:\Windows\system32\invagent.dll
2015-04-08 14:18:40 . 2015-03-23 03:24:56	419840	----a-w-	C:\Windows\system32\devinv.dll
2015-04-08 14:18:40 . 2015-03-23 03:24:54	957952	----a-w-	C:\Windows\system32\appraiser.dll
2015-04-08 14:18:40 . 2015-03-23 03:24:53	30720	----a-w-	C:\Windows\system32\acmigration.dll
2015-04-08 14:18:40 . 2015-03-23 03:24:53	227328	----a-w-	C:\Windows\system32\aepdu.dll
2015-04-08 14:18:40 . 2015-03-23 03:24:53	192000	----a-w-	C:\Windows\system32\aepic.dll
2015-04-08 14:18:40 . 2015-03-23 03:17:39	1111552	----a-w-	C:\Windows\system32\aeinv.dll
2015-04-08 12:40:30 . 2015-04-08 12:41:06	1089632	----a-w-	C:\ProgramData\Microsoft\WDExpress\11.0\1031\ResourceCache.dll
2015-04-08 12:39:36 . 2015-04-08 12:39:36	--------	d-----w-	C:\Program Files (x86)\NuGet
2015-04-08 12:34:53 . 2015-04-08 12:35:08	--------	d-----w-	C:\Program Files (x86)\Common Files\Merge Modules
2015-04-08 12:26:26 . 2015-04-08 12:26:26	--------	d-----w-	C:\Windows\symbols
2015-04-08 12:21:47 . 2015-04-08 12:21:47	--------	d-----w-	C:\Program Files (x86)\Common Files\Microsoft
.


((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

Sorry falls ich zu ungeduldig war... Aber für mich als "Leihen" klingt das total unlogisch mehr Zeit zum erstellen des Logfiles als zum Scannen...
Soll ich es nochmal Machen?
Gruß
Lolle1

schrauber · 08.05.2015, 08:58

Cf scheint da irgend ein Problem zu haben.

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

lolle1 · 08.05.2015, 13:36

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 08.05.2015
Suchlauf-Zeit: 13:42:55
Logdatei: 
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.05.08.03
Rootkit Datenbank: v2015.04.21.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Admin

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 363621
Verstrichene Zeit: 15 Min, 41 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 0
(Keine schädliche Elemente gefunden)

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)

Code:

ATTFilter

# AdwCleaner v4.203 - Bericht erstellt 08/05/2015 um 14:19:45
# Aktualisiert 30/04/2015 von Xplode
# Datenbank : 2015-05-08.1 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : Admin - ADMIN-PC
# Gestarted von : C:\Users\Admin\Desktop\adwcleaner_4.203.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\XTab
Ordner Gelöscht : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\Admin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik
Datei Gelöscht : C:\Users\Admin\AppData\Local\Google\Chrome SxS\User Data\Default\Local Storage\chrome-extension_jpfpebmajhhopeonhlcgidhclcccjcik_0.localstorage
Datei Gelöscht : C:\Users\Admin\AppData\Local\Google\Chrome SxS\User Data\Default\Local Storage\chrome-extension_jpfpebmajhhopeonhlcgidhclcccjcik_0.localstorage-journal
Datei Gelöscht : C:\Users\Admin\AppData\Local\Google\Chrome SxS\User Data\Default\databases\chrome-extension_jpfpebmajhhopeonhlcgidhclcccjcik_0
Datei Gelöscht : C:\Windows\System32\drivers\SPPD.sys
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Startfenster.lnk
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Startfenster.lnk
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Startfenster.lnk
Datei Gelöscht : C:\Users\Admin\AppData\Local\Google\Chrome SxS\User Data\Default\Local Storage\hxxp_www.spigotmc.org_0.localstorage
Datei Gelöscht : C:\Users\Admin\AppData\Local\Google\Chrome SxS\User Data\Default\Local Storage\hxxp_www.spigotmc.org_0.localstorage-journal

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\sweet-page.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.sweet-page.com
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>;;localhost;127.0.0.1;*.local

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17728


-\\ Mozilla Firefox v37.0.2 (x86 de)


-\\ Google Chrome v42.0.2311.135

[C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.sm.de/?q={searchTerms}
[C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3330189&octid=EB_ORIGINAL_CTID&ISID=M2B79616C-780E-4C47-9171-13DBD3D6E2BB&SearchSource=58&CUI=&UM=8&UP=SPC19C285D-C7F6-4CFA-B80D-4C8E77800F71&q={searchTerms}&SSPV=
[C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.sweet-page.com/web/?type=ds&ts=1426522025&from=cor&uid=TOSHIBAXDT01ACA100_6357HJWNSXX6357HJWNSX&q={searchTerms}

-\\ Opera v29.0.1795.47


-\\ Chrome Canary v44.0.2394.3


*************************

AdwCleaner[R0].txt - [3601 Bytes] - [08/05/2015 14:16:11]
AdwCleaner[S0].txt - [3471 Bytes] - [08/05/2015 14:19:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3530  Bytes] ##########

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 08.05.2015
Suchlauf-Zeit: 13:42:55
Logdatei: 
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.05.08.03
Rootkit Datenbank: v2015.04.21.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Admin

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 363621
Verstrichene Zeit: 15 Min, 41 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 0
(Keine schädliche Elemente gefunden)

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)

Adwcleaner hat mir eine Extension in Chrome gelöscht die mein Startbildschirm bzw. Neuen tab geregelt hat(speed Dial 2).Darf ich die wieder neu Runterladen und installieren?

[CODE]i
FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2015 01
Ran by Admin (administrator) on ADMIN-PC on 08-05-2015 14:33:45
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available profiles: Admin)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVM Berlin) C:\Users\Admin\AppData\Local\Apps\2.0\LDHNEJ5Y.BAE\6D8T5RK1.Y9W\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\plugin-nm-server.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Malwarebytes Corporation) C:\adwareentferner\ Malwarebytes Anti-Malware \mbam.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040 2012-02-09] (VIA)
HKLM-x32\...\Run: [DSL Soforthilfe] => C:\MyStuff\DSL Soforthilfe\DSL_Soforthilfe.exe [20585888 2013-11-21] ()
HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\Run: [THPanel] => C:\Program Files (x86)\Thunder Master\THPanel.exe [2163496 2013-07-03] (Palit Microsystems Ltd.)
HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31344744 2015-02-26] (Skype Technologies S.A.)
HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\Run: [Advanced SystemCare 8] => C:\mystuff\IObit\Advanced SystemCare 8\ASCTray.exe [2428704 2015-01-20] (IObit)
HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\Run: [OKAYFREEDOM_Agent] => "C:\Windows.old\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe" -agent
HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\Run: [AVMUSBFernanschluss] => C:\Users\Admin\AppData\Local\Apps\2.0\LDHNEJ5Y.BAE\6D8T5RK1.Y9W\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe [139264 2015-05-08] (AVM Berlin)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-02-27]
ShortcutTarget: Dropbox.lnk -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-09] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2897107241-917314487-1310154325-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2897107241-917314487-1310154325-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\MyStuff\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-03-22] (IObit)
BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\MyStuff\Android\Appprogramierung\Java\bin\ssv.dll [2015-04-20] (Oracle Corporation)
BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\MyStuff\Android\Appprogramierung\Java\bin\jp2ssv.dll [2015-04-20] (Oracle Corporation)
BHO-x32: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\16euy4ch.default
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\MyStuff\Android\Appprogramierung\Java\bin\dtplugin\npDeployJava1.dll [2015-04-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\MyStuff\Android\Appprogramierung\Java\bin\plugin2\npjp2.dll [2015-04-20] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-05-04] ()
FF Plugin-x32: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-05-04] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-05-04] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2897107241-917314487-1310154325-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-2897107241-917314487-1310154325-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-28] (Google Inc.)
FF Extension: DSL Soforthilfe - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\16euy4ch.default\Extensions\{95E05177-EA09-4386-8B79-FEB1EAC063E6} [2015-04-29]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-05-04]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-05-04]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-05-04]

Chrome: 
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Kaspersky Protection) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-04-30]
CHR Extension: (Bookmark Manager) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-30]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-30]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-30]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdvancedSystemCareService8; C:\mystuff\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2015-03-08] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2015-03-08] (ASUSTeK Computer Inc.)
S2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2015-03-08] (ASUSTeK Computer Inc.)
R2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [193400 2014-12-23] (Kaspersky Lab ZAO)
S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64616 2014-11-03] (CyberGhost S.R.L)
S4 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [237864 2015-02-26] (EasyAntiCheat Ltd)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-01] (NVIDIA Corporation)
S3 GSService; C:\Windows\SysWOW64\GSService.exe [490208 2013-07-10] ()
S2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-01-16] (IObit)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-01] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-10] (Electronic Arts)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-02-03] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-03-10] ()
S2 RzKLService; C:\mystuff\Razer Cortex\RzKLService.exe [129168 2015-03-12] (Razer Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
S2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2015-03-22] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 MBAMScheduler; "C:\adwcleaner\ Malwarebytes Anti-Malware \mbamscheduler.exe" [X]
S2 MBAMService; "C:\adwcleaner\ Malwarebytes Anti-Malware \mbamservice.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2015-01-31] (AVM Berlin)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
S3 DIRECTIO; C:\mystuff\PerformanceTest\DirectIo64.sys [31160 2014-04-24] ()
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-04-18] (Disc Soft Ltd)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-03-22] (REALiX(tm))
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [56008 2015-05-04] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [151240 2014-11-28] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [245960 2014-10-22] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [842440 2015-05-04] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30920 2014-10-10] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [30920 2014-10-30] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [57032 2014-10-09] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77000 2014-11-22] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [181960 2014-11-10] (Kaspersky Lab ZAO)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49304 2014-12-29] (Visicom Media Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-08] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-29] (Visicom Media Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-01] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527872 2007-11-08] (PixArt Imaging Inc.)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-03-10] (Razer, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-08 14:33 - 2015-05-08 14:33 - 00000000 ____D () C:\Users\Admin\Desktop\FRST-OlderVersion
2015-05-08 14:31 - 2015-05-08 14:31 - 00000600 _____ () C:\Users\Admin\Desktop\JRT.txt
2015-05-08 14:15 - 2015-05-08 14:19 - 00000000 ____D () C:\AdwCleaner
2015-05-08 14:14 - 2015-05-08 14:14 - 02204160 _____ () C:\Users\Admin\Downloads\adwcleaner_4.203.exe
2015-05-08 14:14 - 2015-05-08 14:14 - 02204160 _____ () C:\Users\Admin\Desktop\adwcleaner_4.203.exe
2015-05-08 10:18 - 2015-05-08 12:40 - 00000110 ____H () C:\Users\Admin\Downloads\.~lock.4  Formblatt Ablaufplan.doc#
2015-05-07 17:19 - 2015-05-07 17:20 - 16196501 _____ () C:\Users\Admin\Downloads\Rush 1.0.4.zip
2015-05-07 15:26 - 2015-05-07 15:26 - 00003072 _____ () C:\Users\Admin\Downloads\users.db
2015-05-07 15:08 - 2015-05-06 20:51 - 00007242 _____ () C:\Users\Admin\Downloads\ChatManager-Spigot-2 - Kopie.jar
2015-05-07 15:08 - 2015-05-06 20:13 - 00146369 _____ () C:\Users\Admin\Downloads\Bedwars - Kopie.jar
2015-05-07 15:08 - 2015-05-06 17:21 - 00102026 _____ () C:\Users\Admin\Downloads\Clearlag - Kopie.jar
2015-05-07 15:08 - 2015-05-06 14:21 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Admin\Downloads\mbar-1.09.1.1004 - Kopie.exe
2015-05-07 15:08 - 2015-05-04 16:35 - 07363264 _____ (Kaspersky Lab ZAO) C:\Users\Admin\Downloads\kavremover - Kopie.exe
2015-05-07 15:08 - 2014-03-26 02:08 - 00987079 _____ () C:\Users\Admin\Downloads\Essentials - Kopie.jar
2015-05-07 15:08 - 2014-03-26 02:08 - 00334742 ____N () C:\Users\Admin\Downloads\EssentialsXMPP.jar
2015-05-07 15:08 - 2014-03-26 02:08 - 00334742 _____ () C:\Users\Admin\Downloads\EssentialsXMPP - Kopie.jar
2015-05-07 15:08 - 2014-03-26 02:08 - 00120141 ____N () C:\Users\Admin\Downloads\EssentialsGeoIP.jar
2015-05-07 15:08 - 2014-03-26 02:08 - 00120141 _____ () C:\Users\Admin\Downloads\EssentialsGeoIP - Kopie.jar
2015-05-07 15:08 - 2014-03-26 02:08 - 00019371 _____ () C:\Users\Admin\Downloads\EssentialsProtect - Kopie.jar
2015-05-07 15:08 - 2014-03-26 02:08 - 00016852 _____ () C:\Users\Admin\Downloads\EssentialsSpawn - Kopie.jar
2015-05-07 15:08 - 2014-03-26 02:08 - 00014506 _____ () C:\Users\Admin\Downloads\EssentialsAntiBuild - Kopie.jar
2015-05-07 15:08 - 2014-03-26 02:08 - 00012698 _____ () C:\Users\Admin\Downloads\EssentialsChat - Kopie.jar
2015-05-07 15:07 - 2014-03-26 02:08 - 00987079 ____N () C:\Users\Admin\Downloads\Essentials.jar
2015-05-07 15:07 - 2014-03-26 02:08 - 00019371 ____N () C:\Users\Admin\Downloads\EssentialsProtect.jar
2015-05-07 15:07 - 2014-03-26 02:08 - 00016852 ____N () C:\Users\Admin\Downloads\EssentialsSpawn.jar
2015-05-07 15:07 - 2014-03-26 02:08 - 00014506 ____N () C:\Users\Admin\Downloads\EssentialsAntiBuild.jar
2015-05-07 15:07 - 2014-03-26 02:08 - 00012698 ____N () C:\Users\Admin\Downloads\EssentialsChat.jar
2015-05-07 13:56 - 2015-05-07 14:25 - 00000000 ____D () C:\ComboFix
2015-05-07 07:22 - 2015-05-07 07:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2015-05-06 20:51 - 2015-05-06 20:51 - 00007242 _____ () C:\Users\Admin\Downloads\ChatManager-Spigot-2.jar
2015-05-06 20:13 - 2015-05-06 20:13 - 00146369 _____ () C:\Users\Admin\Downloads\Bedwars.jar
2015-05-06 19:43 - 2015-05-06 19:43 - 00000030 _____ () C:\Users\Admin\ops.txt.converted
2015-05-06 19:42 - 2015-05-06 19:43 - 00000030 _____ () C:\Users\Admin\ops.txt
2015-05-06 17:20 - 2015-05-06 17:21 - 00102026 _____ () C:\Users\Admin\Downloads\Clearlag.jar
2015-05-06 17:04 - 2015-05-06 17:05 - 06420600 _____ (Tim Kosse) C:\Users\Admin\Downloads\FileZilla_3.10.3_win64-setup.exe
2015-05-06 15:47 - 2015-05-06 16:09 - 00000000 ____D () C:\Windows\erdnt
2015-05-06 15:47 - 2015-05-06 15:47 - 00000000 ____D () C:\Qoobox
2015-05-06 15:47 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-05-06 15:47 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-05-06 15:47 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-05-06 15:47 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-05-06 15:47 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-05-06 15:47 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-05-06 15:47 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-05-06 15:47 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-05-06 15:46 - 2015-05-07 13:55 - 05621999 ____R (Swearware) C:\Users\Admin\Desktop\ComboFix.exe
2015-05-06 15:21 - 2015-05-06 15:22 - 03727376 _____ () C:\Users\Admin\Downloads\SkaiaCraft_Launcher.zip
2015-05-06 14:22 - 2015-05-06 14:41 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-06 14:21 - 2015-05-06 14:41 - 00000000 ____D () C:\Users\Admin\Desktop\mbar
2015-05-06 14:21 - 2015-05-06 14:21 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Admin\Desktop\mbar-1.09.1.1004.exe
2015-05-06 14:21 - 2015-05-06 14:18 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Admin\Desktop\tdsskiller.exe
2015-05-06 14:17 - 2015-05-06 14:21 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Admin\Downloads\mbar-1.09.1.1004.exe
2015-05-05 18:10 - 2015-05-05 18:10 - 00013585 _____ () C:\Users\Admin\Desktop\Addition.rar
2015-05-05 17:51 - 2015-05-05 17:50 - 00380416 _____ () C:\Users\Admin\Desktop\Gmer-19357 (1).exe
2015-05-05 17:50 - 2015-05-05 17:50 - 00380416 _____ () C:\Users\Admin\Downloads\Gmer-19357 (1).exe
2015-05-05 17:43 - 2015-05-05 17:44 - 00363168 _____ () C:\Windows\Minidump\050515-20342-01.dmp
2015-05-05 17:37 - 2015-05-05 17:37 - 00055153 _____ () C:\Users\Admin\Desktop\Addition.txt
2015-05-05 17:36 - 2015-05-08 14:33 - 00022629 _____ () C:\Users\Admin\Desktop\FRST.txt
2015-05-05 17:36 - 2015-05-08 14:33 - 00000000 ____D () C:\FRST
2015-05-05 17:35 - 2015-05-08 14:33 - 02102272 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2015-05-05 17:35 - 2015-05-05 17:35 - 00380416 _____ () C:\Users\Admin\Downloads\Gmer-19357.exe
2015-05-05 17:35 - 2015-05-05 17:35 - 00000472 _____ () C:\Users\Admin\Desktop\defogger_disable.log
2015-05-05 17:35 - 2015-05-05 17:35 - 00000000 _____ () C:\Users\Admin\defogger_reenable
2015-05-05 17:35 - 2015-05-05 12:06 - 00050477 _____ () C:\Users\Admin\Desktop\Defogger.exe
2015-05-05 13:43 - 2015-04-08 22:32 - 00560968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-05-05 13:42 - 2015-04-09 02:58 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 15818528 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 14617288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 10423952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-05-05 13:42 - 2015-04-09 02:58 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 01895568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435012.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435012.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 01086424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00927440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00499344 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00402576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00346256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-05-04 17:08 - 2015-05-04 17:08 - 00002330 _____ () C:\Users\Admin\Desktop\Sicherer Zahlungsverkehr.lnk
2015-05-04 17:06 - 2015-05-04 17:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-05-04 17:06 - 2015-05-04 17:05 - 00002140 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2015-05-04 17:04 - 2014-10-22 21:13 - 00245960 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-05-04 16:34 - 2015-05-04 16:35 - 07363264 _____ (Kaspersky Lab ZAO) C:\Users\Admin\Downloads\kavremover.exe
2015-05-04 15:46 - 2015-05-05 17:43 - 579916364 _____ () C:\Windows\MEMORY.DMP
2015-05-04 15:46 - 2015-05-04 15:46 - 00262144 _____ () C:\Windows\Minidump\050415-20186-01.dmp
2015-05-02 16:34 - 2015-05-02 16:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2015-05-02 16:32 - 2014-07-04 10:49 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2015-05-02 16:32 - 2014-07-04 10:49 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll
2015-04-29 14:25 - 2015-04-29 14:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mozilla
2015-04-29 14:25 - 2015-04-29 14:25 - 00000000 ____D () C:\Users\Admin\AppData\Local\Mozilla
2015-04-29 14:24 - 2015-04-29 14:24 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-29 14:24 - 2015-04-29 14:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-28 19:23 - 2015-05-08 10:31 - 00002406 _____ () C:\Users\Admin\Desktop\Google Chrome Canary.lnk
2015-04-28 19:23 - 2015-05-05 01:33 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary
2015-04-28 17:56 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-04-28 17:56 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-04-28 12:48 - 2015-04-28 12:48 - 00000800 _____ () C:\DelFix.txt
2015-04-26 20:27 - 2015-04-26 20:27 - 00000856 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel
2015-04-26 20:27 - 2015-04-26 20:27 - 00000000 ____D () C:\Users\Admin\AppData\Local\gtk-2.0
2015-04-26 20:24 - 2015-04-26 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GML
2015-04-26 20:24 - 2005-07-26 14:49 - 01040436 _____ (Intel Corporation.) C:\Windows\SysWOW64\cxcore097.dll
2015-04-26 20:24 - 2003-03-19 08:19 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71.dll
2015-04-26 20:24 - 2003-03-19 07:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2015-04-26 20:24 - 2003-02-21 15:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2015-04-26 20:16 - 2015-04-26 20:16 - 00000000 ____D () C:\Users\Admin\.thumbnails
2015-04-26 20:11 - 2015-04-26 20:28 - 00000000 ____D () C:\Users\Admin\.gimp-2.8
2015-04-26 20:11 - 2015-04-26 20:11 - 00000000 ____D () C:\Users\Admin\AppData\Local\gegl-0.2
2015-04-26 20:07 - 2015-04-26 20:07 - 00000822 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-04-26 15:37 - 2015-04-26 15:37 - 00004801 _____ () C:\Users\Admin\Downloads\GMER.rar
2015-04-26 15:11 - 2015-04-26 15:11 - 00179910 _____ () C:\Users\Admin\Downloads\GMER.log
2015-04-26 14:42 - 2015-04-26 14:43 - 00380416 _____ () C:\Users\Admin\Downloads\j3ygeo5i.exe
2015-04-26 14:32 - 2015-04-26 14:33 - 00004766 _____ () C:\Users\Admin\Documents\2.txt
2015-04-26 14:31 - 2015-04-26 14:31 - 00008329 _____ () C:\Users\Admin\Documents\1.txt
2015-04-25 21:28 - 2015-04-25 21:33 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Steganos VPN
2015-04-25 21:26 - 2015-04-25 21:26 - 00003222 _____ () C:\Windows\System32\Tasks\{857C73D2-1CA9-42B6-8B95-D80EF5F91DC1}
2015-04-25 21:25 - 2015-04-25 21:28 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Steganos
2015-04-24 14:01 - 2015-04-24 14:01 - 00000000 ____D () C:\Users\Admin\AppData\Local\SvchostViewer
2015-04-24 13:47 - 2015-05-08 14:32 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-24 13:46 - 2015-05-06 14:21 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-24 13:46 - 2015-04-24 13:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-04-24 13:46 - 2015-04-24 13:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-24 13:46 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-24 13:46 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-24 13:39 - 2015-04-24 13:39 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ADMIN-PC-Windows-7-Professional-(64-bit).dat
2015-04-24 13:39 - 2015-04-24 13:39 - 00000000 ____D () C:\RegBackup
2015-04-24 13:36 - 2015-05-06 14:29 - 02716843 _____ (Thisisu) C:\Users\Admin\Desktop\JRT_NEW.exe
2015-04-20 15:59 - 2015-04-20 15:59 - 00000000 ____D () C:\Users\Admin\.eclipse
2015-04-20 13:38 - 2015-04-20 13:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-04-18 17:42 - 2015-04-18 17:42 - 00030352 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2015-04-18 17:36 - 2015-04-18 17:55 - 00000000 ____D () C:\Users\Admin\VirtualBox VMs
2015-04-18 16:27 - 2015-04-18 17:55 - 00000000 ____D () C:\Users\Admin\.VirtualBox
2015-04-18 16:27 - 2015-04-18 16:56 - 00000000 ____D () C:\Users\Admin\AppData\Local\Genymobile
2015-04-18 16:13 - 2015-04-18 16:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-04-18 16:13 - 2014-05-16 14:04 - 00254240 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2015-04-18 16:12 - 2014-05-16 14:03 - 00128288 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-04-17 06:05 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-17 06:05 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-17 06:05 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-17 06:05 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-17 06:05 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-17 06:05 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-17 06:05 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-17 06:05 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-17 06:05 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-17 06:05 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-17 06:05 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-17 06:05 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-17 06:05 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-17 06:05 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-17 06:05 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-17 06:05 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-17 06:05 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-17 06:05 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-17 06:05 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-17 06:05 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-17 06:05 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-17 06:05 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-17 06:05 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-17 06:05 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-17 06:05 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-17 06:05 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-17 06:05 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-17 06:05 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-17 06:05 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-17 06:05 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-17 06:05 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-17 06:05 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-17 06:05 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-17 06:05 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-17 06:05 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-17 06:05 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-17 06:05 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-17 06:05 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-17 06:05 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-17 06:05 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-17 06:05 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-17 06:05 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-17 06:05 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-17 06:05 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-17 06:05 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-17 06:05 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-17 06:05 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-17 06:05 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-17 06:05 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-17 06:05 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-17 06:05 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-17 06:05 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-17 06:05 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-17 06:05 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-17 06:05 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-17 06:05 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-17 06:05 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-17 06:05 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-17 06:03 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-17 06:03 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-17 06:03 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-17 06:03 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-17 06:03 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-17 06:03 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-17 06:03 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-17 06:03 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-17 06:03 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-17 06:03 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-17 06:03 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-17 06:03 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-17 06:03 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-17 06:03 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-17 06:03 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-17 06:03 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-17 06:02 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-17 06:02 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-17 06:02 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-17 06:02 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-17 06:02 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-17 06:02 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-17 06:02 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-17 06:02 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-17 06:02 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-17 06:02 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-17 06:02 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-17 06:02 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-17 06:02 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-17 06:02 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-17 06:02 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-17 06:02 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-17 06:02 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-17 06:02 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-17 06:02 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-17 06:02 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-17 06:02 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-17 06:02 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-17 06:02 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-17 06:02 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-17 06:02 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-17 06:02 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-17 06:02 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-17 06:02 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-17 06:02 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-17 06:02 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-17 06:02 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-17 06:02 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-17 06:02 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-17 06:02 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-17 06:02 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-17 06:02 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-17 06:02 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-17 06:02 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-17 06:02 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-17 06:02 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-17 06:02 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-17 06:02 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-17 06:02 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-17 05:57 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-17 05:57 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-17 05:57 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-16 14:43 - 2015-04-28 12:06 - 00003852 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1429188192
2015-04-16 14:43 - 2015-04-16 14:43 - 00001135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-04-16 14:43 - 2015-04-16 14:43 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Opera Software
2015-04-16 14:43 - 2015-04-16 14:43 - 00000000 ____D () C:\Users\Admin\AppData\Local\Opera Software
2015-04-16 14:41 - 2015-05-07 14:40 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-04-13 14:04 - 2015-05-05 17:51 - 00000000 ____D () C:\Users\Admin\AppData\Local\CrashDumps
2015-04-12 13:50 - 2015-04-12 13:50 - 00000000 ____D () C:\ProgramData\HP
2015-04-12 08:57 - 2015-04-12 08:57 - 00642360 _____ (Hewlett-Packard) C:\Windows\system32\hpzids40.dll
2015-04-12 08:56 - 2015-04-12 08:56 - 00977624 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2015-04-12 08:56 - 2015-04-12 08:56 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-04-12 08:54 - 2015-04-12 08:54 - 01896136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434788.dll
2015-04-12 08:54 - 2015-04-12 08:54 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434788.dll
2015-04-11 02:33 - 2014-12-11 19:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-04-11 02:33 - 2014-09-05 04:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-04-11 02:33 - 2014-09-05 03:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-04-10 15:07 - 2015-04-10 15:07 - 00330518 _____ () C:\Users\Admin\Documents\Documents.rar
2015-04-08 18:23 - 2015-04-08 18:23 - 00000000 ____D () C:\Users\Admin\Documents\PassMark
2015-04-08 18:23 - 2015-04-08 18:23 - 00000000 ____D () C:\Users\Admin\AppData\Local\PassMark
2015-04-08 18:23 - 2015-04-08 18:23 - 00000000 ____D () C:\ProgramData\Passmark
2015-04-08 18:23 - 2015-04-08 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerformanceTest
2015-04-08 16:21 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-04-08 16:21 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-04-08 16:21 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-04-08 16:21 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-04-08 16:21 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-04-08 16:21 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-04-08 16:21 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-04-08 16:21 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-04-08 16:21 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-04-08 16:21 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2015-04-08 16:21 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-04-08 16:21 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-04-08 16:21 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-04-08 16:21 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-04-08 16:21 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-04-08 16:19 - 2015-04-08 16:21 - 00000000 ____D () C:\c8ba8a38767b4e9aaa
2015-04-08 16:18 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-08 16:18 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-08 16:18 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-08 16:18 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-08 16:18 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-08 16:18 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-08 16:18 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-08 16:18 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-08 14:40 - 2015-04-08 14:40 - 00000000 ____D () C:\Users\Admin\Documents\Visual Studio 2012
2015-04-08 14:39 - 2015-04-08 14:39 - 00000000 ____D () C:\Program Files (x86)\NuGet
2015-04-08 14:26 - 2015-04-08 14:26 - 00000000 ____D () C:\Windows\symbols

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-08 14:34 - 2015-02-03 13:23 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-08 14:28 - 2009-07-14 06:45 - 00025680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-08 14:28 - 2009-07-14 06:45 - 00025680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-08 14:27 - 2014-02-19 16:09 - 00000000 ____D () C:\adwareentferner
2015-05-08 14:26 - 2015-01-25 13:05 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2897107241-917314487-1310154325-1000UA.job
2015-05-08 14:25 - 2015-01-25 12:10 - 01079873 _____ () C:\Windows\WindowsUpdate.log
2015-05-08 14:24 - 2015-02-10 18:39 - 00000000 ___RD () C:\Users\Admin\Dropbox
2015-05-08 14:23 - 2015-03-03 15:49 - 00000000 ____D () C:\Users\Admin\AppData\Local\HTC MediaHub
2015-05-08 14:23 - 2015-02-10 18:17 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Dropbox
2015-05-08 14:23 - 2015-02-03 13:23 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-08 14:22 - 2015-02-04 14:05 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-05-08 14:21 - 2015-02-04 10:59 - 00055291 _____ () C:\Windows\setupact.log
2015-05-08 14:21 - 2015-01-25 12:46 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-08 14:21 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-08 14:18 - 2015-01-25 13:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-08 12:31 - 2015-03-25 08:45 - 00001621 _____ () C:\Windows\avmacc.log
2015-05-08 12:30 - 2015-01-25 13:05 - 00000000 ____D () C:\Users\Admin\AppData\Local\Deployment
2015-05-07 17:32 - 2015-03-16 18:08 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\FileZilla
2015-05-07 17:01 - 2015-02-04 12:04 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\.minecraft
2015-05-07 15:40 - 2015-01-25 13:05 - 00000000 ____D () C:\Users\Admin\AppData\Local\Apps\2.0
2015-05-07 14:34 - 2015-02-04 10:58 - 00085982 _____ () C:\Windows\PFRO.log
2015-05-07 14:19 - 2015-02-05 13:09 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-05-07 14:14 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-05-06 21:59 - 2015-01-31 10:56 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-06 21:46 - 2015-02-13 18:36 - 00000000 ____D () C:\MyStuff
2015-05-06 19:43 - 2015-01-25 12:32 - 00000000 ____D () C:\Users\Admin
2015-05-06 19:35 - 2015-01-25 13:05 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2897107241-917314487-1310154325-1000Core.job
2015-05-06 17:05 - 2015-03-16 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-05-06 15:22 - 2015-02-04 12:02 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ZBukkit
2015-05-05 17:43 - 2015-02-01 10:56 - 00000000 ____D () C:\Windows\Minidump
2015-05-05 14:43 - 2015-01-31 11:19 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\uTorrent
2015-05-05 13:44 - 2015-01-25 12:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-05-05 12:52 - 2015-01-25 12:52 - 00001377 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2015-05-05 01:33 - 2015-04-05 21:18 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-05 01:33 - 2015-03-22 16:31 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ProductData
2015-05-05 01:33 - 2010-11-21 09:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-05-04 17:23 - 2014-12-13 18:21 - 00842440 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-05-04 17:23 - 2014-08-19 12:31 - 00056008 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kldisk.sys
2015-05-04 17:06 - 2015-02-04 14:05 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2015-05-04 13:58 - 2015-03-22 16:29 - 00000000 ____D () C:\ProgramData\ProductData
2015-05-03 13:40 - 2015-01-25 15:17 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Skype
2015-05-01 18:51 - 2015-01-25 14:31 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-05-01 18:51 - 2015-01-25 14:31 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-05-01 18:50 - 2015-01-25 14:31 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-05-01 18:50 - 2015-01-25 14:31 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-05-01 17:35 - 2015-02-03 13:25 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-28 19:21 - 2015-01-25 13:05 - 00004090 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2897107241-917314487-1310154325-1000UA
2015-04-28 19:21 - 2015-01-25 13:05 - 00003694 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2897107241-917314487-1310154325-1000Core
2015-04-28 19:21 - 2015-01-25 13:05 - 00000000 ____D () C:\Users\Admin\AppData\Local\Google
2015-04-28 12:45 - 2015-03-22 16:29 - 00002880 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Admin
2015-04-27 17:09 - 2015-03-03 16:55 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-04-27 14:20 - 2015-01-25 20:49 - 00000000 ____D () C:\Windows.old
2015-04-26 16:42 - 2015-01-25 14:03 - 00000000 ___HD () C:\ProgramData\Origin
2015-04-26 12:40 - 2015-02-10 18:39 - 00001017 _____ () C:\Users\Admin\Desktop\Dropbox.lnk
2015-04-26 12:40 - 2015-02-10 18:20 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-24 17:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Registration
2015-04-22 23:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-22 16:27 - 2015-02-05 13:09 - 00000971 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-04-22 16:27 - 2015-02-05 13:09 - 00000959 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-04-21 12:28 - 2015-01-25 21:04 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2015-04-21 12:28 - 2015-01-25 21:04 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2015-04-21 12:28 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-21 12:14 - 2015-01-28 15:04 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-21 12:10 - 2015-01-28 15:04 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-20 15:29 - 2015-03-03 15:38 - 00000000 ____D () C:\Users\Admin\.android
2015-04-20 13:40 - 2015-02-14 11:07 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-04-20 13:38 - 2015-02-14 11:07 - 00000000 ____D () C:\Program Files\Java
2015-04-20 13:26 - 2015-01-25 12:51 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-19 10:07 - 2015-03-22 16:31 - 00002144 _____ () C:\Users\Public\Desktop\Driver Booster 2.lnk
2015-04-15 21:18 - 2015-01-25 13:59 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-15 21:18 - 2015-01-25 13:59 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-15 21:18 - 2015-01-25 13:59 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-12 08:56 - 2015-01-25 12:59 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2015-04-12 08:55 - 2015-01-25 12:43 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-10 19:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-10 15:25 - 2015-01-25 14:02 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-04-09 16:15 - 2015-01-31 13:16 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2015-04-09 08:37 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-09 02:58 - 2015-01-25 14:53 - 17176128 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-04-09 02:58 - 2015-01-25 12:45 - 12689592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-04-09 02:58 - 2015-01-25 12:45 - 02935416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-04-09 02:58 - 2015-01-25 12:45 - 00078480 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-04-09 02:58 - 2015-01-25 12:45 - 00066704 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-04-09 02:58 - 2015-01-25 12:45 - 00029329 _____ () C:\Windows\system32\nvinfo.pb
2015-04-09 02:58 - 2015-01-25 12:44 - 03317344 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-04-08 23:30 - 2015-01-25 12:45 - 06841488 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-04-08 23:30 - 2015-01-25 12:45 - 03478344 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-04-08 23:30 - 2015-01-25 12:45 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-04-08 23:30 - 2015-01-25 12:45 - 00936264 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-04-08 23:30 - 2015-01-25 12:45 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-04-08 23:30 - 2015-01-25 12:45 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-04-08 22:18 - 2015-01-27 07:16 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-08 22:18 - 2015-01-27 07:16 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-08 19:52 - 2015-01-25 12:45 - 04336074 _____ () C:\Windows\system32\nvcoproc.bin
2015-04-08 16:24 - 2015-03-18 15:19 - 00000000 ____D () C:\ProgramData\IObit
2015-04-08 16:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-08 14:39 - 2015-01-25 15:27 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-08 14:38 - 2015-03-17 20:56 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2015-04-08 14:38 - 2015-03-17 20:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2015-04-08 14:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-04-08 14:30 - 2015-03-17 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
2015-04-08 14:19 - 2015-03-17 21:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012 Express
2015-04-08 14:12 - 2015-03-17 21:02 - 00000000 ____D () C:\Windows\SysWOW64\1033
2015-04-08 14:12 - 2015-03-17 21:02 - 00000000 ____D () C:\Windows\SysWOW64\1031
2015-04-08 14:12 - 2015-03-17 21:02 - 00000000 ____D () C:\Windows\system32\1033
2015-04-08 14:12 - 2015-03-17 21:02 - 00000000 ____D () C:\Windows\system32\1031

==================== Files in the root of some directories =======

2015-03-14 15:04 - 2015-03-14 15:04 - 0000000 ___SH () C:\Users\Admin\AppData\Local\LumaEmu
2015-04-26 20:27 - 2015-04-26 20:27 - 0000856 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel
2015-02-04 17:23 - 2015-03-17 14:00 - 0007587 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpr7hca5.dll
C:\Users\Admin\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.2-R0.3-66-g43d8943-b3078jnks.dll
C:\Users\Admin\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-05 20:32

==================== End Of Log ============================

--- --- ---

schrauber · 09.05.2015, 08:42

Ja kannste machen

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

lolle1 · 09.05.2015, 18:25

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=8d8fd1957893d942a0a0c9ad825cb78c
# engine=23768
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-05-09 01:17:48
# local_time=2015-05-09 03:17:48 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1302 16777213 100 100 8109 58756298 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 7390 182807318 0 0
# scanned=281439
# found=0
# cleaned=0
# scan_time=6845

War in den logs bisher was auffällig?
Kein Bluescreen mehr das aufhängen hat ich vorgestern noch mal aber ob es jetzt weg mal mehr als ne Woche nix.

Code:

ATTFilter

 Results of screen317's Security Check version 1.001  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Kaspersky Internet Security   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Java version 32-bit out of Date! 
 Adobe Reader XI  
 Mozilla Firefox (37.0.2) 
 Google Chrome (42.0.2311.135) 
 Google Chrome (42.0.2311.90) 
````````Process Check: objlist.exe by Laurent````````  
 Kaspersky Lab Kaspersky Internet Security 15.0.2 avp.exe  
 Kaspersky Lab Kaspersky Internet Security 15.0.2 avpui.exe  
 Kaspersky Lab Kaspersky Internet Security 15.0.2 plugin-nm-server.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

Gruß
Lolle1

Fast vergessen, FRST log:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2015
Ran by Admin (administrator) on ADMIN-PC on 09-05-2015 19:22:58
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available profiles: Admin)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\MyStuff\IObit\Advanced SystemCare 8\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(IObit) C:\MyStuff\IObit\Advanced SystemCare 8\Monitor.exe
(ASUSTeK Computer Inc.) C:\MyStuff\Asus\AI Suite II\AsRoutineController.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\PAC7302\Monitor.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Palit Microsystems Ltd.) C:\Program Files (x86)\Thunder Master\THPanel.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(IObit) C:\MyStuff\IObit\Advanced SystemCare 8\ASCTray.exe
(Dropbox, Inc.) C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Razer Inc.) C:\MyStuff\Razer Cortex\RzKLService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\MyStuff\DSL Soforthilfe\DSL_Soforthilfe.exe
(AVM Berlin) C:\Users\Admin\AppData\Local\Apps\2.0\LDHNEJ5Y.BAE\6D8T5RK1.Y9W\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(ASUSTeK Computer Inc.) C:\MyStuff\Asus\AI Suite II\AI Suite II.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe
(ASUSTeK Computer Inc.) C:\MyStuff\Asus\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe
(ASUSTeK Computer Inc.) C:\MyStuff\Asus\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe
(ASUSTeK Computer Inc.) C:\MyStuff\Asus\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\plugin-nm-server.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040 2012-02-09] (VIA)
HKLM-x32\...\Run: [DSL Soforthilfe] => C:\MyStuff\DSL Soforthilfe\DSL_Soforthilfe.exe [20585888 2013-11-21] ()
HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\Run: [THPanel] => C:\Program Files (x86)\Thunder Master\THPanel.exe [2163496 2013-07-03] (Palit Microsystems Ltd.)
HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31344744 2015-02-26] (Skype Technologies S.A.)
HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\Run: [Advanced SystemCare 8] => C:\mystuff\IObit\Advanced SystemCare 8\ASCTray.exe [2428704 2015-01-20] (IObit)
HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\Run: [OKAYFREEDOM_Agent] => "C:\Windows.old\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe" -agent
HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\Run: [AVMUSBFernanschluss] => C:\Users\Admin\AppData\Local\Apps\2.0\LDHNEJ5Y.BAE\6D8T5RK1.Y9W\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe [139264 2015-05-08] (AVM Berlin)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-02-27]
ShortcutTarget: Dropbox.lnk -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-09] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2897107241-917314487-1310154325-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2897107241-917314487-1310154325-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\MyStuff\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-03-22] (IObit)
BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\MyStuff\Android\Appprogramierung\Java\bin\ssv.dll [2015-04-20] (Oracle Corporation)
BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\MyStuff\Android\Appprogramierung\Java\bin\jp2ssv.dll [2015-04-20] (Oracle Corporation)
BHO-x32: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\16euy4ch.default
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\MyStuff\Android\Appprogramierung\Java\bin\dtplugin\npDeployJava1.dll [2015-04-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\MyStuff\Android\Appprogramierung\Java\bin\plugin2\npjp2.dll [2015-04-20] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-05-04] ()
FF Plugin-x32: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-05-04] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-05-04] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2897107241-917314487-1310154325-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-2897107241-917314487-1310154325-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-28] (Google Inc.)
FF Extension: DSL Soforthilfe - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\16euy4ch.default\Extensions\{95E05177-EA09-4386-8B79-FEB1EAC063E6} [2015-04-29]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-05-04]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-05-04]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-05-04]

Chrome: 
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Kaspersky Protection) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-04-30]
CHR Extension: (Bookmark Manager) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-30]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-30]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-30]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService8; C:\mystuff\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2015-03-08] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2015-03-08] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2015-03-08] (ASUSTeK Computer Inc.)
R2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [193400 2014-12-23] (Kaspersky Lab ZAO)
S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64616 2014-11-03] (CyberGhost S.R.L)
S4 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [237864 2015-02-26] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-01] (NVIDIA Corporation)
S3 GSService; C:\Windows\SysWOW64\GSService.exe [490208 2013-07-10] ()
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-01-16] (IObit)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-01] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-10] (Electronic Arts)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-02-03] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-03-10] ()
R2 RzKLService; C:\mystuff\Razer Cortex\RzKLService.exe [129168 2015-03-12] (Razer Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2015-03-22] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 MBAMScheduler; "C:\adwcleaner\ Malwarebytes Anti-Malware \mbamscheduler.exe" [X]
S2 MBAMService; "C:\adwcleaner\ Malwarebytes Anti-Malware \mbamservice.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2015-01-31] (AVM Berlin)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
S3 DIRECTIO; C:\mystuff\PerformanceTest\DirectIo64.sys [31160 2014-04-24] ()
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-04-18] (Disc Soft Ltd)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-03-22] (REALiX(tm))
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [56008 2015-05-04] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [151240 2014-11-28] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [245960 2014-10-22] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [842440 2015-05-04] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30920 2014-10-10] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [30920 2014-10-30] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [57032 2014-10-09] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77000 2014-11-22] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [181960 2014-11-10] (Kaspersky Lab ZAO)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49304 2014-12-29] (Visicom Media Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-08] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-29] (Visicom Media Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-01] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527872 2007-11-08] (PixArt Imaging Inc.)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-03-10] (Razer, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-09 19:16 - 2015-05-09 19:15 - 00852630 _____ () C:\Users\Admin\Desktop\SecurityCheck.exe
2015-05-09 19:15 - 2015-05-09 19:15 - 00852630 _____ () C:\Users\Admin\Downloads\SecurityCheck.exe
2015-05-09 13:18 - 2015-05-09 13:18 - 02347384 _____ (ESET) C:\Users\Admin\Downloads\esetsmartinstaller_deu.exe
2015-05-09 13:18 - 2015-05-09 13:18 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-05-08 14:33 - 2015-05-09 19:22 - 00000000 ____D () C:\Users\Admin\Desktop\FRST-OlderVersion
2015-05-08 14:31 - 2015-05-08 14:31 - 00000600 _____ () C:\Users\Admin\Desktop\JRT.txt
2015-05-08 14:15 - 2015-05-08 14:19 - 00000000 ____D () C:\AdwCleaner
2015-05-08 14:14 - 2015-05-08 14:14 - 02204160 _____ () C:\Users\Admin\Downloads\adwcleaner_4.203.exe
2015-05-08 14:14 - 2015-05-08 14:14 - 02204160 _____ () C:\Users\Admin\Desktop\adwcleaner_4.203.exe
2015-05-08 10:18 - 2015-05-08 12:40 - 00000110 ____H () C:\Users\Admin\Downloads\.~lock.4  Formblatt Ablaufplan.doc#
2015-05-07 17:19 - 2015-05-07 17:20 - 16196501 _____ () C:\Users\Admin\Downloads\Rush 1.0.4.zip
2015-05-07 15:26 - 2015-05-07 15:26 - 00003072 _____ () C:\Users\Admin\Downloads\users.db
2015-05-07 15:08 - 2015-05-06 20:51 - 00007242 _____ () C:\Users\Admin\Downloads\ChatManager-Spigot-2 - Kopie.jar
2015-05-07 15:08 - 2015-05-06 20:13 - 00146369 _____ () C:\Users\Admin\Downloads\Bedwars - Kopie.jar
2015-05-07 15:08 - 2015-05-06 17:21 - 00102026 _____ () C:\Users\Admin\Downloads\Clearlag - Kopie.jar
2015-05-07 15:08 - 2015-05-06 14:21 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Admin\Downloads\mbar-1.09.1.1004 - Kopie.exe
2015-05-07 15:08 - 2015-05-04 16:35 - 07363264 _____ (Kaspersky Lab ZAO) C:\Users\Admin\Downloads\kavremover - Kopie.exe
2015-05-07 15:08 - 2014-03-26 02:08 - 00987079 _____ () C:\Users\Admin\Downloads\Essentials - Kopie.jar
2015-05-07 15:08 - 2014-03-26 02:08 - 00334742 ____N () C:\Users\Admin\Downloads\EssentialsXMPP.jar
2015-05-07 15:08 - 2014-03-26 02:08 - 00334742 _____ () C:\Users\Admin\Downloads\EssentialsXMPP - Kopie.jar
2015-05-07 15:08 - 2014-03-26 02:08 - 00120141 ____N () C:\Users\Admin\Downloads\EssentialsGeoIP.jar
2015-05-07 15:08 - 2014-03-26 02:08 - 00120141 _____ () C:\Users\Admin\Downloads\EssentialsGeoIP - Kopie.jar
2015-05-07 15:08 - 2014-03-26 02:08 - 00019371 _____ () C:\Users\Admin\Downloads\EssentialsProtect - Kopie.jar
2015-05-07 15:08 - 2014-03-26 02:08 - 00016852 _____ () C:\Users\Admin\Downloads\EssentialsSpawn - Kopie.jar
2015-05-07 15:08 - 2014-03-26 02:08 - 00014506 _____ () C:\Users\Admin\Downloads\EssentialsAntiBuild - Kopie.jar
2015-05-07 15:08 - 2014-03-26 02:08 - 00012698 _____ () C:\Users\Admin\Downloads\EssentialsChat - Kopie.jar
2015-05-07 15:07 - 2014-03-26 02:08 - 00987079 ____N () C:\Users\Admin\Downloads\Essentials.jar
2015-05-07 15:07 - 2014-03-26 02:08 - 00019371 ____N () C:\Users\Admin\Downloads\EssentialsProtect.jar
2015-05-07 15:07 - 2014-03-26 02:08 - 00016852 ____N () C:\Users\Admin\Downloads\EssentialsSpawn.jar
2015-05-07 15:07 - 2014-03-26 02:08 - 00014506 ____N () C:\Users\Admin\Downloads\EssentialsAntiBuild.jar
2015-05-07 15:07 - 2014-03-26 02:08 - 00012698 ____N () C:\Users\Admin\Downloads\EssentialsChat.jar
2015-05-07 13:56 - 2015-05-07 14:25 - 00000000 ____D () C:\ComboFix
2015-05-07 07:22 - 2015-05-07 07:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2015-05-06 20:51 - 2015-05-06 20:51 - 00007242 _____ () C:\Users\Admin\Downloads\ChatManager-Spigot-2.jar
2015-05-06 20:13 - 2015-05-06 20:13 - 00146369 _____ () C:\Users\Admin\Downloads\Bedwars.jar
2015-05-06 19:43 - 2015-05-06 19:43 - 00000030 _____ () C:\Users\Admin\ops.txt.converted
2015-05-06 19:42 - 2015-05-06 19:43 - 00000030 _____ () C:\Users\Admin\ops.txt
2015-05-06 17:20 - 2015-05-06 17:21 - 00102026 _____ () C:\Users\Admin\Downloads\Clearlag.jar
2015-05-06 17:04 - 2015-05-06 17:05 - 06420600 _____ (Tim Kosse) C:\Users\Admin\Downloads\FileZilla_3.10.3_win64-setup.exe
2015-05-06 15:47 - 2015-05-06 16:09 - 00000000 ____D () C:\Windows\erdnt
2015-05-06 15:47 - 2015-05-06 15:47 - 00000000 ____D () C:\Qoobox
2015-05-06 15:47 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-05-06 15:47 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-05-06 15:47 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-05-06 15:47 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-05-06 15:47 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-05-06 15:47 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-05-06 15:47 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-05-06 15:47 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-05-06 15:46 - 2015-05-07 13:55 - 05621999 ____R (Swearware) C:\Users\Admin\Desktop\ComboFix.exe
2015-05-06 15:21 - 2015-05-06 15:22 - 03727376 _____ () C:\Users\Admin\Downloads\SkaiaCraft_Launcher.zip
2015-05-06 14:22 - 2015-05-06 14:41 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-06 14:21 - 2015-05-06 14:41 - 00000000 ____D () C:\Users\Admin\Desktop\mbar
2015-05-06 14:21 - 2015-05-06 14:21 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Admin\Desktop\mbar-1.09.1.1004.exe
2015-05-06 14:21 - 2015-05-06 14:18 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Admin\Desktop\tdsskiller.exe
2015-05-06 14:17 - 2015-05-06 14:21 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Admin\Downloads\mbar-1.09.1.1004.exe
2015-05-05 18:10 - 2015-05-05 18:10 - 00013585 _____ () C:\Users\Admin\Desktop\Addition.rar
2015-05-05 17:51 - 2015-05-05 17:50 - 00380416 _____ () C:\Users\Admin\Desktop\Gmer-19357 (1).exe
2015-05-05 17:50 - 2015-05-05 17:50 - 00380416 _____ () C:\Users\Admin\Downloads\Gmer-19357 (1).exe
2015-05-05 17:43 - 2015-05-05 17:44 - 00363168 _____ () C:\Windows\Minidump\050515-20342-01.dmp
2015-05-05 17:37 - 2015-05-05 17:37 - 00055153 _____ () C:\Users\Admin\Desktop\Addition.txt
2015-05-05 17:36 - 2015-05-09 19:22 - 00024770 _____ () C:\Users\Admin\Desktop\FRST.txt
2015-05-05 17:36 - 2015-05-09 19:22 - 00000000 ____D () C:\FRST
2015-05-05 17:35 - 2015-05-09 19:22 - 02102784 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2015-05-05 17:35 - 2015-05-05 17:35 - 00380416 _____ () C:\Users\Admin\Downloads\Gmer-19357.exe
2015-05-05 17:35 - 2015-05-05 17:35 - 00000472 _____ () C:\Users\Admin\Desktop\defogger_disable.log
2015-05-05 17:35 - 2015-05-05 17:35 - 00000000 _____ () C:\Users\Admin\defogger_reenable
2015-05-05 17:35 - 2015-05-05 12:06 - 00050477 _____ () C:\Users\Admin\Desktop\Defogger.exe
2015-05-05 13:43 - 2015-04-08 22:32 - 00560968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-05-05 13:42 - 2015-04-09 02:58 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 15818528 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 14617288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 10423952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-05-05 13:42 - 2015-04-09 02:58 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 01895568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435012.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435012.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 01086424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00927440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00499344 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00402576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00346256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-05-05 13:42 - 2015-04-09 02:58 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-05-04 17:08 - 2015-05-04 17:08 - 00002330 _____ () C:\Users\Admin\Desktop\Sicherer Zahlungsverkehr.lnk
2015-05-04 17:06 - 2015-05-04 17:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-05-04 17:06 - 2015-05-04 17:05 - 00002140 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2015-05-04 17:04 - 2014-10-22 21:13 - 00245960 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-05-04 16:34 - 2015-05-04 16:35 - 07363264 _____ (Kaspersky Lab ZAO) C:\Users\Admin\Downloads\kavremover.exe
2015-05-04 15:46 - 2015-05-05 17:43 - 579916364 _____ () C:\Windows\MEMORY.DMP
2015-05-04 15:46 - 2015-05-04 15:46 - 00262144 _____ () C:\Windows\Minidump\050415-20186-01.dmp
2015-05-02 16:34 - 2015-05-02 16:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2015-05-02 16:32 - 2014-07-04 10:49 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2015-05-02 16:32 - 2014-07-04 10:49 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll
2015-04-29 14:25 - 2015-04-29 14:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mozilla
2015-04-29 14:25 - 2015-04-29 14:25 - 00000000 ____D () C:\Users\Admin\AppData\Local\Mozilla
2015-04-29 14:24 - 2015-04-29 14:24 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-29 14:24 - 2015-04-29 14:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-28 19:23 - 2015-05-09 13:31 - 00002422 _____ () C:\Users\Admin\Desktop\Google Chrome Canary.lnk
2015-04-28 19:23 - 2015-05-05 01:33 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary
2015-04-28 17:56 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-04-28 17:56 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-04-28 12:48 - 2015-04-28 12:48 - 00000800 _____ () C:\DelFix.txt
2015-04-26 20:27 - 2015-04-26 20:27 - 00000856 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel
2015-04-26 20:27 - 2015-04-26 20:27 - 00000000 ____D () C:\Users\Admin\AppData\Local\gtk-2.0
2015-04-26 20:24 - 2015-04-26 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GML
2015-04-26 20:24 - 2005-07-26 14:49 - 01040436 _____ (Intel Corporation.) C:\Windows\SysWOW64\cxcore097.dll
2015-04-26 20:24 - 2003-03-19 08:19 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71.dll
2015-04-26 20:24 - 2003-03-19 07:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2015-04-26 20:24 - 2003-02-21 15:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2015-04-26 20:16 - 2015-04-26 20:16 - 00000000 ____D () C:\Users\Admin\.thumbnails
2015-04-26 20:11 - 2015-04-26 20:28 - 00000000 ____D () C:\Users\Admin\.gimp-2.8
2015-04-26 20:11 - 2015-04-26 20:11 - 00000000 ____D () C:\Users\Admin\AppData\Local\gegl-0.2
2015-04-26 20:07 - 2015-04-26 20:07 - 00000822 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-04-26 15:37 - 2015-04-26 15:37 - 00004801 _____ () C:\Users\Admin\Downloads\GMER.rar
2015-04-26 15:11 - 2015-04-26 15:11 - 00179910 _____ () C:\Users\Admin\Downloads\GMER.log
2015-04-26 14:42 - 2015-04-26 14:43 - 00380416 _____ () C:\Users\Admin\Downloads\j3ygeo5i.exe
2015-04-26 14:32 - 2015-04-26 14:33 - 00004766 _____ () C:\Users\Admin\Documents\2.txt
2015-04-26 14:31 - 2015-04-26 14:31 - 00008329 _____ () C:\Users\Admin\Documents\1.txt
2015-04-25 21:28 - 2015-04-25 21:33 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Steganos VPN
2015-04-25 21:26 - 2015-04-25 21:26 - 00003222 _____ () C:\Windows\System32\Tasks\{857C73D2-1CA9-42B6-8B95-D80EF5F91DC1}
2015-04-25 21:25 - 2015-04-25 21:28 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Steganos
2015-04-24 14:01 - 2015-04-24 14:01 - 00000000 ____D () C:\Users\Admin\AppData\Local\SvchostViewer
2015-04-24 13:47 - 2015-05-08 14:32 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-24 13:46 - 2015-05-06 14:21 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-24 13:46 - 2015-04-24 13:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-04-24 13:46 - 2015-04-24 13:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-24 13:46 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-24 13:46 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-24 13:39 - 2015-04-24 13:39 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ADMIN-PC-Windows-7-Professional-(64-bit).dat
2015-04-24 13:39 - 2015-04-24 13:39 - 00000000 ____D () C:\RegBackup
2015-04-24 13:36 - 2015-05-06 14:29 - 02716843 _____ (Thisisu) C:\Users\Admin\Desktop\JRT_NEW.exe
2015-04-20 15:59 - 2015-04-20 15:59 - 00000000 ____D () C:\Users\Admin\.eclipse
2015-04-20 13:38 - 2015-04-20 13:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-04-18 17:42 - 2015-04-18 17:42 - 00030352 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2015-04-18 17:36 - 2015-04-18 17:55 - 00000000 ____D () C:\Users\Admin\VirtualBox VMs
2015-04-18 16:27 - 2015-04-18 17:55 - 00000000 ____D () C:\Users\Admin\.VirtualBox
2015-04-18 16:27 - 2015-04-18 16:56 - 00000000 ____D () C:\Users\Admin\AppData\Local\Genymobile
2015-04-18 16:13 - 2015-04-18 16:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-04-18 16:13 - 2014-05-16 14:04 - 00254240 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2015-04-18 16:12 - 2014-05-16 14:03 - 00128288 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-04-17 06:05 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-17 06:05 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-17 06:05 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-17 06:05 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-17 06:05 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-17 06:05 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-17 06:05 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-17 06:05 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-17 06:05 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-17 06:05 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-17 06:05 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-17 06:05 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-17 06:05 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-17 06:05 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-17 06:05 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-17 06:05 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-17 06:05 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-17 06:05 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-17 06:05 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-17 06:05 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-17 06:05 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-17 06:05 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-17 06:05 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-17 06:05 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-17 06:05 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-17 06:05 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-17 06:05 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-17 06:05 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-17 06:05 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-17 06:05 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-17 06:05 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-17 06:05 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-17 06:05 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-17 06:05 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-17 06:05 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-17 06:05 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-17 06:05 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-17 06:05 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-17 06:05 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-17 06:05 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-17 06:05 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-17 06:05 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-17 06:05 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-17 06:05 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-17 06:05 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-17 06:05 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-17 06:05 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-17 06:05 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-17 06:05 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-17 06:05 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-17 06:05 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-17 06:05 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-17 06:05 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-17 06:05 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-17 06:05 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-17 06:05 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-17 06:05 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-17 06:05 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-17 06:03 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-17 06:03 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-17 06:03 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-17 06:03 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-17 06:03 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-17 06:03 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-17 06:03 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-17 06:03 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-17 06:03 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-17 06:03 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-17 06:03 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-17 06:03 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-17 06:03 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-17 06:03 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-17 06:03 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-17 06:03 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-17 06:02 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-17 06:02 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-17 06:02 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-17 06:02 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-17 06:02 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-17 06:02 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-17 06:02 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-17 06:02 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-17 06:02 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-17 06:02 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-17 06:02 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-17 06:02 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-17 06:02 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-17 06:02 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-17 06:02 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-17 06:02 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-17 06:02 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-17 06:02 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-17 06:02 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-17 06:02 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-17 06:02 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-17 06:02 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-17 06:02 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-17 06:02 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-17 06:02 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-17 06:02 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-17 06:02 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-17 06:02 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-17 06:02 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-17 06:02 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-17 06:02 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-17 06:02 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-17 06:02 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-17 06:02 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-17 06:02 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-17 06:02 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-17 06:02 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-17 06:02 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-17 06:02 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-17 06:02 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-17 06:02 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-17 06:02 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-17 06:02 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-17 06:02 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-17 05:57 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-17 05:57 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-17 05:57 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-16 14:43 - 2015-04-28 12:06 - 00003852 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1429188192
2015-04-16 14:43 - 2015-04-16 14:43 - 00001135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-04-16 14:43 - 2015-04-16 14:43 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Opera Software
2015-04-16 14:43 - 2015-04-16 14:43 - 00000000 ____D () C:\Users\Admin\AppData\Local\Opera Software
2015-04-16 14:41 - 2015-05-07 14:40 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-04-13 14:04 - 2015-05-09 13:28 - 00000000 ____D () C:\Users\Admin\AppData\Local\CrashDumps
2015-04-12 13:50 - 2015-04-12 13:50 - 00000000 ____D () C:\ProgramData\HP
2015-04-12 08:57 - 2015-04-12 08:57 - 00642360 _____ (Hewlett-Packard) C:\Windows\system32\hpzids40.dll
2015-04-12 08:56 - 2015-04-12 08:56 - 00977624 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2015-04-12 08:56 - 2015-04-12 08:56 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-04-12 08:54 - 2015-04-12 08:54 - 01896136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434788.dll
2015-04-12 08:54 - 2015-04-12 08:54 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434788.dll
2015-04-11 02:33 - 2014-12-11 19:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-04-11 02:33 - 2014-09-05 04:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-04-11 02:33 - 2014-09-05 03:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-04-10 15:07 - 2015-04-10 15:07 - 00330518 _____ () C:\Users\Admin\Documents\Documents.rar

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-09 19:22 - 2015-02-04 14:05 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-05-09 19:18 - 2015-01-25 13:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-09 18:34 - 2015-02-03 13:23 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-09 18:26 - 2015-01-25 13:05 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2897107241-917314487-1310154325-1000UA.job
2015-05-09 17:58 - 2015-03-16 18:08 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\FileZilla
2015-05-09 17:18 - 2015-02-04 12:04 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\.minecraft
2015-05-09 16:13 - 2015-01-25 12:10 - 01130094 _____ () C:\Windows\WindowsUpdate.log
2015-05-09 13:12 - 2009-07-14 06:45 - 00025680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-09 13:12 - 2009-07-14 06:45 - 00025680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-09 13:03 - 2015-03-03 15:49 - 00000000 ____D () C:\Users\Admin\AppData\Local\HTC MediaHub
2015-05-09 13:03 - 2015-02-10 18:39 - 00000000 ___RD () C:\Users\Admin\Dropbox
2015-05-09 13:03 - 2015-02-10 18:17 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Dropbox
2015-05-09 13:03 - 2015-02-03 13:23 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-09 13:02 - 2015-02-04 10:59 - 00055459 _____ () C:\Windows\setupact.log
2015-05-09 13:02 - 2015-01-25 12:46 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-09 13:02 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-08 19:26 - 2015-01-25 13:05 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2897107241-917314487-1310154325-1000Core.job
2015-05-08 14:27 - 2014-02-19 16:09 - 00000000 ____D () C:\adwareentferner
2015-05-08 12:31 - 2015-03-25 08:45 - 00001621 _____ () C:\Windows\avmacc.log
2015-05-08 12:30 - 2015-01-25 13:05 - 00000000 ____D () C:\Users\Admin\AppData\Local\Deployment
2015-05-07 15:40 - 2015-01-25 13:05 - 00000000 ____D () C:\Users\Admin\AppData\Local\Apps\2.0
2015-05-07 14:34 - 2015-02-04 10:58 - 00085982 _____ () C:\Windows\PFRO.log
2015-05-07 14:19 - 2015-02-05 13:09 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-05-07 14:14 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-05-06 21:59 - 2015-01-31 10:56 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-06 21:46 - 2015-02-13 18:36 - 00000000 ____D () C:\MyStuff
2015-05-06 19:43 - 2015-01-25 12:32 - 00000000 ____D () C:\Users\Admin
2015-05-06 17:05 - 2015-03-16 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-05-06 15:22 - 2015-02-04 12:02 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ZBukkit
2015-05-05 17:43 - 2015-02-01 10:56 - 00000000 ____D () C:\Windows\Minidump
2015-05-05 14:43 - 2015-01-31 11:19 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\uTorrent
2015-05-05 13:44 - 2015-01-25 12:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-05-05 12:52 - 2015-01-25 12:52 - 00001377 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2015-05-05 01:33 - 2015-04-05 21:18 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-05 01:33 - 2015-03-22 16:31 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ProductData
2015-05-05 01:33 - 2010-11-21 09:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-05-04 17:23 - 2014-12-13 18:21 - 00842440 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-05-04 17:23 - 2014-08-19 12:31 - 00056008 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kldisk.sys
2015-05-04 17:06 - 2015-02-04 14:05 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2015-05-04 13:58 - 2015-03-22 16:29 - 00000000 ____D () C:\ProgramData\ProductData
2015-05-03 13:40 - 2015-01-25 15:17 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Skype
2015-05-01 18:51 - 2015-01-25 14:31 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-05-01 18:51 - 2015-01-25 14:31 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-05-01 18:50 - 2015-01-25 14:31 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-05-01 18:50 - 2015-01-25 14:31 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-05-01 17:35 - 2015-02-03 13:25 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-28 19:21 - 2015-01-25 13:05 - 00004090 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2897107241-917314487-1310154325-1000UA
2015-04-28 19:21 - 2015-01-25 13:05 - 00003694 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2897107241-917314487-1310154325-1000Core
2015-04-28 19:21 - 2015-01-25 13:05 - 00000000 ____D () C:\Users\Admin\AppData\Local\Google
2015-04-28 12:45 - 2015-03-22 16:29 - 00002880 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Admin
2015-04-27 17:09 - 2015-03-03 16:55 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-04-27 14:20 - 2015-01-25 20:49 - 00000000 ____D () C:\Windows.old
2015-04-26 16:42 - 2015-01-25 14:03 - 00000000 ___HD () C:\ProgramData\Origin
2015-04-26 12:40 - 2015-02-10 18:39 - 00001017 _____ () C:\Users\Admin\Desktop\Dropbox.lnk
2015-04-26 12:40 - 2015-02-10 18:20 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-24 17:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Registration
2015-04-22 23:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-22 16:27 - 2015-02-05 13:09 - 00000971 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-04-22 16:27 - 2015-02-05 13:09 - 00000959 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-04-21 12:28 - 2015-01-25 21:04 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2015-04-21 12:28 - 2015-01-25 21:04 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2015-04-21 12:28 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-21 12:14 - 2015-01-28 15:04 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-21 12:10 - 2015-01-28 15:04 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-20 15:29 - 2015-03-03 15:38 - 00000000 ____D () C:\Users\Admin\.android
2015-04-20 13:40 - 2015-02-14 11:07 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-04-20 13:38 - 2015-02-14 11:07 - 00000000 ____D () C:\Program Files\Java
2015-04-20 13:26 - 2015-01-25 12:51 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-19 10:07 - 2015-03-22 16:31 - 00002144 _____ () C:\Users\Public\Desktop\Driver Booster 2.lnk
2015-04-15 21:18 - 2015-01-25 13:59 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-15 21:18 - 2015-01-25 13:59 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-15 21:18 - 2015-01-25 13:59 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-12 08:56 - 2015-01-25 12:59 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2015-04-12 08:55 - 2015-01-25 12:43 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-10 19:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-10 15:25 - 2015-01-25 14:02 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-04-09 16:15 - 2015-01-31 13:16 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2015-04-09 08:37 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-09 02:58 - 2015-01-25 14:53 - 17176128 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-04-09 02:58 - 2015-01-25 12:45 - 12689592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-04-09 02:58 - 2015-01-25 12:45 - 02935416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-04-09 02:58 - 2015-01-25 12:45 - 00078480 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-04-09 02:58 - 2015-01-25 12:45 - 00066704 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-04-09 02:58 - 2015-01-25 12:45 - 00029329 _____ () C:\Windows\system32\nvinfo.pb
2015-04-09 02:58 - 2015-01-25 12:44 - 03317344 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll

==================== Files in the root of some directories =======

2015-03-14 15:04 - 2015-03-14 15:04 - 0000000 ___SH () C:\Users\Admin\AppData\Local\LumaEmu
2015-04-26 20:27 - 2015-04-26 20:27 - 0000856 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel
2015-02-04 17:23 - 2015-03-17 14:00 - 0007587 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpywq16r.dll
C:\Users\Admin\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.2-R0.3-66-g43d8943-b3078jnks.dll
C:\Users\Admin\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-05 20:32

==================== End Of Log ============================

--- --- ---

--- --- ---

Warum brauchst du das eigentlich fast jedes mal?

schrauber · 10.05.2015, 06:48

Was, das frische FRST log? Damit ich die Veränderungen sehe.

Wir haben jede Menge Adware entfernt, LOgs sind jetzt sauber.

Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren

Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
Klicke auf OK.
Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

und/oder das Forum mit einer kleinen Spende unterstützen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:

Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:

NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.

Lade Software von einem sauberen Portal wie

.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Virus? PC Langsam Anti-Virus/GMER geht nicht!

Plagegeister aller Art und deren Bekämpfung: Virus? PC Langsam Anti-Virus/GMER geht nicht!