Lahmgelegtes Antiviren Programm, langsames Internet und Probleme beim Öffnen/Schließen von Dateien

condolai · 02.06.2015, 14:00

Guten Tag!

Ich habe nun seit zwei Tagen folgendes Problem, bzw ich beginne von vorne:

Vor 2 Tagen startete ich meinen PC und es dauerte wirklich ewig bis dieser hochgefahren war (was sonst absolut nicht der fall ist), dies scheint aber jetzt behoben. Was aber nicht behoben ist, dass ist die langsame Internetverbindung, dass extrem lange laden (z.b auch von Google Chrome) und das Laggen. Es ist nämlich so, dass ich z.b. auf "Start" klicke und es auf einmal total hängt. Möchte ich dann den Task Manager öffnen hängt sich dieser meist auch auf (wenn er sich überhaupt öffnet), ich musste meinen PC deshalb jetzt schon öfter manuell neustarten.

Ich wollte Avira durchlaufen lassen, aber ich erhalte immer eine Fehlermeldung ("error unknown <-857735159>") , ähnlich wie es auch folgender Nutzer schilderte: http://www.trojaner-board.de/156730-...stem-lahm.html

Zusammengefasst: Mein System ist über Nacht sehr langsam und Fehlerhaft geworden und mein Antivirenprogramm zeigt mir die oben genannte Fehlermeldung an sobald ich mein System scannen möchte.

Es wäre wirklich toll, wenn sich jemand meinem Problem annehmen würde.

Mit besten Grüßen

M-K-D-B · 02.06.2015, 14:01

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

condolai · 02.06.2015, 14:28

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by Marc-Andre´ (administrator) on SUPER-PC on 02-06-2015 15:10:25
Running from C:\Users\Marc-Andre´\Desktop
Loaded Profiles: Marc-Andre´ (Available Profiles: Marc-Andre´ & fbwuser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google Inc.) C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-09] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-04-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312 2015-05-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Lycosa] => C:\Program Files (x86)\Razer\Lycosa\razerhid.exe [147456 2007-11-20] (Razer USA Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SystemExplorerAutoStart] => C:\Program Files (x86)\System Explorer\SystemExplorer.exe [3391720 2015-05-21] (Mister Group)
HKLM-x32\...\Run: [TrojanScanner] => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [1797496 2015-03-28] (Simply Super Software)
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Run: [Google Update] => C:\Users\Marc-Andre´\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-24] (Google Inc.)
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Marc-Andre´\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Run: [Amazon Music] => C:\Users\Marc-Andre´\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Run: [Spotify Web Helper] => C:\Users\Marc-Andre´\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-05-31] (Spotify Ltd)
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Run: [Spotify] => C:\Users\Marc-Andre´\AppData\Roaming\Spotify\Spotify.exe [7323192 2015-05-31] (Spotify Ltd)
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\MountPoints2: J - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\MountPoints2: {c61839ce-4daf-11e2-9c12-6c626d0fbfe1} - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\MountPoints2: {fa68c982-23ca-11e3-a9b6-6c626d0fbfe1} - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\MountPoints2: {fa68c989-23ca-11e3-a9b6-6c626d0fbfe1} - J:\HTC_Sync_Manager_PC.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FILSHtray.lnk [2012-06-04]
ShortcutTarget: FILSHtray.lnk -> C:\Program Files (x86)\FILSHtray\FILSHtray.exe (FILSH Media GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2012-12-16]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1234873347-607795945-2308373214-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.medion.com
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM-x32 - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
URLSearchHook: HKU\S-1-5-21-1234873347-607795945-2308373214-1000 - (No Name) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - No File
SearchScopes: HKU\S-1-5-21-1234873347-607795945-2308373214-1000 -> DefaultScope {E3774029-DBA9-4FAC-9D5C-D8F62AE80435} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1234873347-607795945-2308373214-1000 -> {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKU\S-1-5-21-1234873347-607795945-2308373214-1000 -> {6BC92799-9508-41E4-84A8-527B5779A5DA} URL = hxxp://www.computerbild.de/suche/index.html?s_text={searchTerms}
SearchScopes: HKU\S-1-5-21-1234873347-607795945-2308373214-1000 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = hxxp://www.daemon-search.com/search/web?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1234873347-607795945-2308373214-1000 -> {D3A96EFE-8F54-40AD-87EE-49181A37366A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}
SearchScopes: HKU\S-1-5-21-1234873347-607795945-2308373214-1000 -> {E3774029-DBA9-4FAC-9D5C-D8F62AE80435} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1234873347-607795945-2308373214-1000 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/search?q={searchTerms}&utf8in=1&fr=ietb
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
Toolbar: HKLM - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} -  No File
Toolbar: HKU\S-1-5-21-1234873347-607795945-2308373214-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-1234873347-607795945-2308373214-1000 -> No Name - {64EAD72B-FFD4-4E01-AA3A-4C71665D73E4} -  No File
Toolbar: HKU\S-1-5-21-1234873347-607795945-2308373214-1000 -> No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} -  No File
DPF: HKLM {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://d1ylr6sba64qi3.cloudfront.net/global/bin/srldetect_intel_4.1.66.0.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default
FF DefaultSearchEngine: ICQ Search
FF DefaultSearchUrl: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2849855&SearchSource=3&q={searchTerms}
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll [2012-02-02] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2012-02-02] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @bittorrent.com/BitTorrentDNA -> C:\Program Files (x86)\DNA\plugins\npbtdna.dll [2010-10-03] (BitTorrent, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.75.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.75.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-07-24] (Nullsoft, Inc.)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-05-20] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @Webzen.com/NPGameWebStarter -> C:\Program Files (x86)\WEBZEN\WebzenGameStarter\NPGameWebStarter.dll [2010-03-19] (WEBZEN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1234873347-607795945-2308373214-1000: @soe.sony.com/installer,version=1.0.3 -> C:\Users\Marc-Andre´\AppData\LocalLow\Sony Online Entertainment\npsoe.dll [2012-07-29] ()
FF Plugin HKU\S-1-5-21-1234873347-607795945-2308373214-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Marc-Andre´\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1234873347-607795945-2308373214-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Marc-Andre´\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1234873347-607795945-2308373214-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Marc-Andre´\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1234873347-607795945-2308373214-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-05-20] (Pando Networks)
FF Plugin HKU\S-1-5-21-1234873347-607795945-2308373214-1000: pokki.com/PokkiDownloadHelper -> C:\Users\Marc-Andre´\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll [2014-01-12] (Pokki)
FF Plugin HKU\S-1-5-21-1234873347-607795945-2308373214-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-04-20] ()
FF user.js: detected! => C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\user.js [2013-05-06]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll [2011-07-28] (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-10-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-10-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-10-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-10-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-10-26] (Apple Inc.)
FF SearchPlugin: C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\searchplugins\conduit.xml [2011-01-28]
FF SearchPlugin: C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\searchplugins\daemon-search.xml [2011-01-29]
FF SearchPlugin: C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\searchplugins\icqplugin.xml [2015-05-31]
FF Extension: Avira Browser Safety - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\abs@avira.com [2014-11-18]
FF Extension: Flash Video Downloader Youtube Downloader - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\artur.dubovoy@gmail.com [2012-08-11]
FF Extension: LavaFox V1 - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\info@djzig.com [2012-08-11]
FF Extension: YouTube Unblocker - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\youtubeunblocker@unblocker.yt [2013-09-27]
FF Extension: Flagfox - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2012-08-11]
FF Extension: Image Zoom - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68} [2011-05-12]
FF Extension: Free YouTube Download (Free Studio) Menu - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011-04-30]
FF Extension: Adblock Plus - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2014-12-30]
FF Extension: Download Statusbar - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} [2012-05-06]
FF Extension: Black Steel - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\{e2c58150-9d72-11dd-ad8b-0800200c9a66} [2011-05-12]
FF Extension: Download Manager Tweak - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB} [2010-12-10]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\extensions\afproxy@anchorfree.com [2014-01-25]
FF HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Firefox\Extensions: [{184AA5E6-741D-464a-820E-94B3ABC2F3B4}] - C:\Users\Marc-Andre´\AppData\Roaming\01009
FF Extension: Java String Helper - C:\Users\Marc-Andre´\AppData\Roaming\01009 [2012-02-27]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-branding.js [2010-08-16]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-l10n.js [2010-08-16]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox.js [2010-08-16]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\reporter.js [2010-08-16]

Chrome: 
=======
CHR Profile: C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-06]
CHR Extension: (Google Drive) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-06]
CHR Extension: (YouTube) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-06]
CHR Extension: (Google Search) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-06]
CHR Extension: (Avira Browser Safety) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-11-18]
CHR Extension: (AdBlock) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-24]
CHR Extension: (Bookmark Manager) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Steam Trader Helper) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhoahihokddepjlegpenefeaahdkojog [2015-04-15]
CHR Extension: (DvdVideoSoft Free Youtube Download) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-06-06]
CHR Extension: (Google Wallet) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR Extension: (Gmail) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-06]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1234873347-607795945-2308373214-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Marc-Andre´\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-08-22]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-05-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1186040 2015-05-05] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
S2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [920872 2013-12-18] (AnchorFree Inc.)
S2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [555304 2013-12-18] ()
S2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2012-07-16] (Nero AG)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4159984 2010-12-08] (INCA Internet Co., Ltd.) [File not signed]
S2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-02-24] ()
S2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1225312 2012-11-26] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659040 2012-11-26] (Secunia)
S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-05-05] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-05-05] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-29] (Avira Operations GmbH & Co. KG)
S2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-10-27] (DT Soft Ltd)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2013-12-17] (AnchorFree Inc.)
R3 Lycosa; C:\Windows\System32\drivers\Lycosa.sys [18816 2008-01-17] (Razer USA Ltd.)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-04] (INCA Internet Co., Ltd.) [File not signed]
R0 speedfan; C:\Windows\SysWow64\speedfan.sys [14104 2007-02-07] (Windows (R) Server 2003 DDK provider)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
S3 CBTNDIS4; \??\C:\Windows\system32\CBTNDIS4.SYS [X]
S3 dump_wmimmc; \??\C:\Program Files\gPotato.eu\FlyFF\GameGuard\dump_wmimmc.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 X6va003; \??\C:\Users\MARC-A~1\AppData\Local\Temp\00353EE.tmp [X]
S3 X6va005; \??\C:\Users\MARC-A~1\AppData\Local\Temp\0056B2B.tmp [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-02 15:10 - 2015-06-02 15:10 - 00024843 _____ () C:\Users\Marc-Andre´\Desktop\FRST.txt
2015-06-02 15:10 - 2015-06-02 15:10 - 00000000 ____D () C:\FRST
2015-06-02 15:09 - 2015-06-02 15:09 - 02108928 _____ (Farbar) C:\Users\Marc-Andre´\Desktop\FRST64.exe
2015-06-01 15:52 - 2015-06-01 15:52 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Local\GWX
2015-05-31 18:15 - 2015-05-31 18:15 - 00001143 _____ () C:\Users\Public\Desktop\Trojan Remover.lnk
2015-05-31 18:15 - 2015-05-31 18:15 - 00000000 ____D () C:\Users\Marc-Andre´\Documents\Simply Super Software
2015-05-31 18:15 - 2015-05-31 18:15 - 00000000 ____D () C:\ProgramData\Simply Super Software
2015-05-31 18:15 - 2015-05-31 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
2015-05-31 18:15 - 2015-05-31 18:15 - 00000000 ____D () C:\ProgramData\Licenses
2015-05-31 18:15 - 2015-05-31 18:15 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2015-05-31 18:14 - 2015-05-31 18:15 - 35218576 _____ (Simply Super Software ) C:\Users\Marc-Andre´\Downloads\trjsetup692.exe
2015-05-31 18:12 - 2015-05-31 18:27 - 00000000 ____D () C:\ProgramData\SystemExplorer
2015-05-31 18:12 - 2015-05-31 18:12 - 01918512 _____ (Mister Group ) C:\Users\Marc-Andre´\Downloads\SystemExplorerSetup_642.exe
2015-05-31 18:12 - 2015-05-31 18:12 - 00001090 _____ () C:\Users\Public\Desktop\System Explorer.lnk
2015-05-31 18:12 - 2015-05-31 18:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer
2015-05-31 18:12 - 2015-05-31 18:12 - 00000000 ____D () C:\Program Files (x86)\System Explorer
2015-05-25 00:12 - 2015-05-25 00:13 - 00000000 ____D () C:\Users\Marc-Andre´\recorder
2015-05-25 00:08 - 2015-05-25 00:11 - 00000000 ____D () C:\Users\Marc-Andre´\lalala
2015-05-14 20:32 - 2015-05-14 20:35 - 00000000 ____D () C:\Users\Marc-Andre´\Desktop\Astreya2
2015-05-14 20:15 - 2015-05-14 20:30 - 1040333947 _____ () C:\Users\Marc-Andre´\Downloads\Astreya2-Reloaded 1.0.rar
2015-05-14 03:03 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 03:03 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 15:11 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 15:11 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 15:11 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 15:11 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 15:11 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 15:11 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 15:11 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 15:11 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 15:11 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 15:11 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 15:11 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 15:11 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 15:11 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 15:11 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 15:11 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 15:11 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 15:11 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 15:11 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 15:11 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 15:11 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 15:11 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 15:11 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 15:11 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 15:11 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 15:11 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 15:11 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 15:11 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 15:11 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 15:11 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 15:11 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 15:11 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 15:11 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 15:11 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 15:11 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 15:11 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 15:11 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 15:11 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 15:11 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 15:11 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 15:11 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 15:11 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 15:11 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 15:11 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 15:11 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 15:11 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 15:11 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 15:11 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 15:11 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 15:11 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 15:11 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 15:11 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 15:11 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 15:11 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 15:11 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 15:11 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 15:11 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 15:11 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 15:11 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 15:11 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 15:11 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 15:11 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 15:11 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 15:11 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 15:11 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 15:11 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 15:11 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 15:11 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 15:11 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 15:11 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 15:11 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 15:11 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 15:10 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 15:10 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 15:10 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 15:10 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 15:10 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 15:10 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 15:10 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 15:10 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 15:10 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 15:10 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 15:10 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 15:10 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 15:10 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 15:10 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 15:10 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 15:10 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 15:10 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 15:10 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 15:10 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 15:10 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 15:10 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 15:10 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 15:10 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 15:10 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 15:10 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 15:10 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 15:10 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 15:10 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 15:10 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 15:10 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 15:10 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 15:10 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 15:10 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 15:10 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 15:10 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 15:10 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 15:10 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 15:10 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 15:10 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 15:10 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 15:10 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 15:10 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 15:10 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 15:10 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 15:10 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 15:10 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 15:10 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 15:10 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 15:10 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 15:10 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 15:10 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-09 16:53 - 2015-05-09 16:53 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Roaming\WinAuth
2015-05-09 16:49 - 2015-05-09 16:49 - 01502629 _____ () C:\Users\Marc-Andre´\Downloads\WinAuth-3.1.8.zip
2015-05-05 14:59 - 2015-05-05 14:59 - 00000000 ____D () C:\Users\Marc-Andre´\Desktop\Fraps v3.5.9 build 15586 Registered
2015-05-05 14:59 - 2015-05-05 14:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-05-05 14:58 - 2015-05-05 14:58 - 02624744 _____ () C:\Users\Marc-Andre´\Downloads\Fraps v3.5.9 build 15586 Registered.rar
2015-05-05 14:47 - 2015-05-05 14:47 - 09732530 _____ () C:\Users\Marc-Andre´\Downloads\Bandicam (1).7z
2015-05-05 14:44 - 2015-05-05 14:44 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Roaming\BANDISOFT
2015-05-05 14:43 - 2015-05-05 14:43 - 00000000 ____D () C:\Users\Marc-Andre´\Documents\Bandicam
2015-05-05 14:42 - 2015-05-05 14:42 - 09732530 _____ () C:\Users\Marc-Andre´\Downloads\Bandicam.7z
2015-05-05 14:07 - 2015-05-05 14:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-05-05 00:51 - 2015-05-05 00:51 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Local\Razer_Inc
2015-05-04 18:37 - 2015-05-05 14:07 - 00000971 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2015-05-04 18:34 - 2015-05-04 18:34 - 01203488 _____ () C:\Users\Marc-Andre´\Downloads\TeamSpeak 3 64 Bit - CHIP-Installer.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-02 15:10 - 2011-10-27 21:35 - 00000000 ____D () C:\Users\Marc-Andre´\Desktop\Dead Island
2015-06-02 13:45 - 2010-09-25 15:48 - 00001144 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1234873347-607795945-2308373214-1000UA.job
2015-06-02 13:37 - 2011-04-26 18:06 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-02 13:27 - 2014-12-01 17:51 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-02 12:56 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-02 12:56 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-02 12:47 - 2009-07-14 19:58 - 06504480 _____ () C:\Windows\system32\perfh007.dat
2015-06-02 12:47 - 2009-07-14 19:58 - 01953640 _____ () C:\Windows\system32\perfc007.dat
2015-06-02 12:47 - 2009-07-14 07:13 - 00006564 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-06-02 12:45 - 2010-08-13 13:56 - 02018134 _____ () C:\Windows\WindowsUpdate.log
2015-06-02 12:43 - 2015-01-17 17:12 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Roaming\Spotify
2015-06-02 12:42 - 2012-12-24 16:37 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Local\HTC MediaHub
2015-06-02 12:41 - 2015-01-17 17:12 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Local\Spotify
2015-06-02 12:41 - 2011-04-26 18:06 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-02 12:40 - 2013-12-23 17:06 - 00055924 _____ () C:\Windows\setupact.log
2015-06-02 12:40 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-06-02 03:13 - 2010-08-16 00:23 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-06-02 00:46 - 2010-08-16 01:09 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{68A126FF-1A76-47DF-98CD-F44B2F916D09}
2015-06-01 22:45 - 2011-10-18 18:54 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1234873347-607795945-2308373214-1000Core.job
2015-06-01 17:38 - 2011-03-18 22:11 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Roaming\TS3Client
2015-05-31 19:26 - 2010-05-31 13:52 - 00000000 ____D () C:\ProgramData\Temp
2015-05-31 17:18 - 2010-08-13 13:55 - 00000000 ____D () C:\Users\Marc-Andre´
2015-05-31 17:16 - 2015-04-05 03:01 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-31 17:16 - 2011-11-10 18:53 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Local\Akamai
2015-05-31 17:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2015-05-26 00:24 - 2013-08-31 00:56 - 00000000 ____D () C:\Users\Marc-Andre´\Desktop\TERA
2015-05-24 23:54 - 2015-01-17 19:08 - 00000000 ____D () C:\Users\Marc-Andre´\Desktop\Pobre Juan
2015-05-22 14:41 - 2015-03-02 02:54 - 00001848 _____ () C:\Users\Marc-Andre´\Desktop\Storybook.lnk
2015-05-21 03:01 - 2015-04-05 03:01 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-18 20:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-05-18 05:40 - 2010-08-27 19:34 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Roaming\SoftGrid Client
2015-05-18 04:30 - 2011-04-26 18:06 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-18 04:30 - 2011-04-26 18:06 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-17 22:40 - 2011-10-18 18:54 - 00003730 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1234873347-607795945-2308373214-1000Core
2015-05-17 22:40 - 2010-09-25 15:48 - 00004126 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1234873347-607795945-2308373214-1000UA
2015-05-14 15:00 - 2013-03-14 00:39 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-14 15:00 - 2013-03-14 00:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-14 15:00 - 2009-07-14 06:45 - 00294256 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-14 05:05 - 2009-07-14 20:18 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-14 05:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-14 03:14 - 2010-08-27 19:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2015-05-14 03:12 - 2013-07-15 23:01 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-14 03:05 - 2010-05-31 13:41 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-14 03:02 - 2013-03-14 00:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-08 14:59 - 2014-01-06 00:39 - 00000000 ____D () C:\Program Files (x86)\Razer
2015-05-08 14:58 - 2013-12-23 17:06 - 00357960 _____ () C:\Windows\PFRO.log
2015-05-07 15:18 - 2011-01-22 13:06 - 00000000 ____D () C:\Fraps
2015-05-06 13:02 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-05 14:59 - 2015-04-18 16:22 - 00000576 _____ () C:\Users\Public\Desktop\Fraps.lnk
2015-05-05 14:10 - 2013-08-25 22:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-05-05 14:09 - 2013-08-25 22:18 - 00152744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-05-05 14:09 - 2013-08-25 22:18 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-05-05 00:51 - 2014-01-06 00:39 - 00000000 ____D () C:\ProgramData\Razer
2015-05-04 18:37 - 2014-10-23 19:19 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client

==================== Files in the root of some directories =======

2012-02-08 18:43 - 2012-02-28 14:14 - 0000065 _____ () C:\Users\Marc-Andre´\AppData\Roaming\AcroIEHelpe.txt
2012-02-08 18:43 - 2012-02-08 18:43 - 0000136 _____ () C:\Users\Marc-Andre´\AppData\Roaming\srvblck2.tmp
2012-02-29 22:15 - 2012-02-29 22:15 - 0000011 _____ () C:\Users\Marc-Andre´\AppData\Roaming\urhtps.dat
2006-12-11 20:13 - 2006-12-11 20:13 - 0097336 _____ (Un4seen Developments) C:\Users\Marc-Andre´\AppData\Local\bass.dll
2006-12-11 20:13 - 2006-12-11 20:13 - 0013872 _____ (Un4seen Developments) C:\Users\Marc-Andre´\AppData\Local\basscd.dll
2007-08-13 18:46 - 2007-08-13 18:46 - 0102912 _____ (Albert L Faber) C:\Users\Marc-Andre´\AppData\Local\CDRip.dll
2007-08-13 18:46 - 2007-08-13 18:46 - 0155136 _____ () C:\Users\Marc-Andre´\AppData\Local\lame_enc.dll
2007-01-18 22:09 - 2007-01-18 22:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\Marc-Andre´\AppData\Local\No23 Recorder.exe
2005-08-23 23:34 - 2005-08-23 23:34 - 0029184 _____ () C:\Users\Marc-Andre´\AppData\Local\no23xwrapper.dll
2006-10-26 02:06 - 2006-10-26 02:06 - 0015872 _____ () C:\Users\Marc-Andre´\AppData\Local\ogg.dll
2011-01-16 22:20 - 2011-01-16 22:50 - 0001481 _____ () C:\Users\Marc-Andre´\AppData\Local\RecConfig.xml
2010-08-18 21:48 - 2010-08-27 02:56 - 0007598 _____ () C:\Users\Marc-Andre´\AppData\Local\Resmon.ResmonCfg
2006-10-26 02:06 - 2006-10-26 02:06 - 0143872 _____ () C:\Users\Marc-Andre´\AppData\Local\vorbis.dll
2006-10-26 02:06 - 2006-10-26 02:06 - 0064000 _____ () C:\Users\Marc-Andre´\AppData\Local\vorbisenc.dll
2006-10-26 02:06 - 2006-10-26 02:06 - 0019456 _____ () C:\Users\Marc-Andre´\AppData\Local\vorbisfile.dll
2010-08-15 22:42 - 2010-08-15 22:42 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2012-08-02 22:59 - 2012-09-14 21:47 - 0002766 _____ () C:\ProgramData\flcd_proxy.log

Files to move or delete:
====================
C:\Users\Marc-Andre´\jagex_runescape_preferences.dat
C:\Users\Marc-Andre´\jagex_runescape_preferences2.dat


Some files in TEMP:
====================
C:\Users\Marc-Andre´\AppData\Local\Temp\avgnt.exe
C:\Users\Marc-Andre´\AppData\Local\Temp\drm_dyndata_7380007.dll
C:\Users\Marc-Andre´\AppData\Local\Temp\eauninstall.exe
C:\Users\Marc-Andre´\AppData\Local\Temp\icqsetup.exe
C:\Users\Marc-Andre´\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Marc-Andre´\AppData\Local\Temp\utils.dll
C:\Users\Marc-Andre´\AppData\Local\Temp\_isDE38.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-24 21:28

==================== End of log ============================

condolai · 02.06.2015, 14:29

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
Ran by Marc-Andre´ at 2015-06-02 15:11:39
Running from C:\Users\Marc-Andre´\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1234873347-607795945-2308373214-500 - Administrator - Disabled)
fbwuser (S-1-5-21-1234873347-607795945-2308373214-1001 - Limited - Disabled) => C:\Users\fbwuser
Gast (S-1-5-21-1234873347-607795945-2308373214-501 - Limited - Disabled)
Marc-Andre´ (S-1-5-21-1234873347-607795945-2308373214-1000 - Administrator - Enabled) => C:\Users\Marc-Andre´

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

¡Adelante! Nivel elemental (HKLM-x32\...\¡Adelante! Nivel elemental) (Version: 1.0.0.0 - Ernst Klett Verlag GmbH)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin 64-bit (HKLM\...\Adobe Flash Player Plugin) (Version: 11.1.102.55 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\{8C901387-B304-404D-93C0-E2E0C2D53D90}) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Age of Chivalry (HKLM-x32\...\Steam App 17510) (Version:  - Team Chivalry)
Akamai NetSession Interface (HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alcatraz (HKLM-x32\...\Alcatraz/DE-German_is1) (Version:  - City Interactive)
Amazon Kindle (HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Amazon Kindle) (Version:  - Amazon)
Amazon Music (HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Applian FLV Player (HKLM-x32\...\Applian FLV Player2.0.24) (Version: 2.0.24 - Applian Technologies Inc.)
Artweaver 1.0 (HKLM-x32\...\{A025CFB8-64E7-4432-824F-11E7C5ED2ECE}_is1) (Version: 1.0 - Boris Eyrich Software)
ATI Catalyst Install Manager (HKLM\...\{4C5C7B62-C959-5FEB-FAD6-B7A0BE68B868}) (Version: 3.0.769.0 - ATI Technologies, Inc.)
Audacity 1.3.12 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version:  - Audacity Team)
Avert Fate (HKLM-x32\...\{5C4D0A31-F7ED-4F52-B286-5F56B61F9C80}) (Version: 1.00.0000 - Avert Fate)
Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Batman: Arkham City GOTY (HKLM-x32\...\Steam App 200260) (Version:  - )
BattlEye (A2Free) Uninstall (HKLM-x32\...\BattlEye A2 Free) (Version:  - )
Biologie heute CD (HKLM-x32\...\com.schroedel.bioheuteeinleger) (Version: 1.1 - Bildungshaus Schulbuchverlage Westermann Schroedel Diesterwe)
Biologie heute CD (x32 Version: 1.1 - Bildungshaus Schulbuchverlage Westermann Schroedel Diesterwe) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version:  - Treyarch)
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version:  - Treyarch)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 3 - Dedicated Server (HKLM-x32\...\Steam App 42750) (Version:  - Infinity Ward - Sledgehammer Games)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward - Sledgehammer Games)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version:  - Infinity Ward - Sledgehammer Games)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
ccc-core-static (x32 Version: 2010.0406.2133.36843 - Ihr Firmenname) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.16 - Piriform)
Contagion (HKLM-x32\...\Steam App 238430) (Version:  - Monochrome LLC)
Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version:  - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2515 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.41.3.0173 - DT Soft Ltd)
Die Sims 2 (HKLM-x32\...\{6E7DD182-9FC6-4651-0095-2E666CC6AF35}) (Version:  - )
Die Sims 2: Wilde Campus-Jahre (HKLM-x32\...\{01521746-02A6-4A72-00BD-A285DF6B80C6}) (Version:  - )
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.17.60 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Duke Nukem Forever Demo (HKLM-x32\...\Steam App 57940) (Version:  - Gearbox Software)
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FEAR (HKLM-x32\...\{2B653229-9854-4989-B780-D978F5F13EAB}) (Version: 1.00.0000 - Vivendi Universal Games, Inc.)
FILSHtray (HKLM-x32\...\{5928359F-BF46-4646-BF19-B64E55171EB5}) (Version: 0.12 - FILSH Media GmbH)
FormatFactory 2.50 (HKLM-x32\...\FormatFactory) (Version: 2.50 - Free Time)
Fragen-Lern-CD 4.0 (HKLM-x32\...\de.3m5.wendel.flcd.FLCDB.4E7DF207D694E815646D9C9DD7DC91A41EB7FD23.1) (Version: 4.0.0 - Wendel-Verlag GmbH)
Fragen-Lern-CD 4.0 (x32 Version: 4.0.0 - Wendel-Verlag GmbH) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free 3GP Video Converter version 5.0.40.514 (HKLM-x32\...\Free 3GP Video Converter_is1) (Version: 5.0.40.514 - DVDVideoSoft Ltd.)
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.1.320 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.1.320 - DVDVideoSoft Ltd.)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 3.21.2.1 - Futuremark Corporation)
Ghostbusters (TM): The Video Game (HKLM-x32\...\InstallShield_{3A1B1652-D70A-4D19-981E-BB15D0DBF253}) (Version: 1.00.0000 - Atari)
Ghostbusters (TM): The Video Game (x32 Version: 1.00.0000 - Atari) Hidden
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version:  - Coffee Stain Studios)
Google Chrome (HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Gothic 3 Gold (HKLM-x32\...\{68D2A2E2-6B64-4433-8073-0605EB306C1B}) (Version: 1.0.0 - JoWooD)
Gothic II (HKLM-x32\...\Gothic II) (Version:  - JoWooD Productions Software AG)
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Deathmatch (HKLM-x32\...\Steam App 320) (Version:  - Valve)
Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version:  - Valve)
Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version:  - Valve)
Hotspot Shield 3.23 (HKLM-x32\...\HotspotShield) (Version: 3.23 - AnchorFree Inc.)
HTC Sync Manager (HKLM-x32\...\{7477F26F-CC6A-4F68-8C9D-496DBFF45E05}) (Version: 1.1.27.0 - HTC)
I Am Alive (HKLM-x32\...\Steam App 214250) (Version:  - Ubisoft  Shanghaï)
inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.5.1003 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 75 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217075FF}) (Version: 7.0.750 - Oracle)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
JDiskReport 1.4.0 (HKLM-x32\...\JDiskReport 1.4.0) (Version: 1.4.0 (2012-01-20 11:38:43) - JGoodies Karsten Lentzsch)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
King Arthur - The Role-playing Wargame (HKLM-x32\...\Steam App 24400) (Version:  - Neocore Games)
L.A. Noire (HKLM-x32\...\{915726DF-7891-444A-AA03-0DF1D64F561A}) (Version: 1.00.0000 - Rockstar Games)
LightZone 4.0.0 (HKLM-x32\...\3263-1164-2624-0047) (Version: 4.0.0 - LightZone Project)
LoiLo Game Recorder (HKLM\...\{89E4163C-BD19-45A9-BCEB-980741786799}_is1) (Version: 1.1.0.1 - LoiLo inc.)
LoiLoScope 2 (HKLM-x32\...\{CAB75FFC-2377-4B95-A8FA-C9234B812A92}_is1) (Version: 2.5.4.2 - LoiLo inc)
Mafia II (HKLM-x32\...\Steam App 50130) (Version:  - 2K Czech)
Mass Effect 2 (HKLM-x32\...\{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}) (Version: 1.01 - Electronic Arts, Inc.)
Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.03.0.0 - Electronic Arts)
Medal of Honor (TM) (HKLM-x32\...\{415030B8-3E8B-462A-8C03-41D95AA3AB3B}) (Version: 1.0.0.0 - Electronic Arts)
Medion Home Cinema (HKLM-x32\...\InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}) (Version: 6.0.0000 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 6.0.0000 - CyberLink Corp.) Hidden
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - THQ)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM-x32\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MobileMe Control Panel (HKLM\...\{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}) (Version: 3.1.6.0 - Apple Inc.)
Mozilla Firefox (3.6.18) (HKLM-x32\...\Mozilla Firefox (3.6.18)) (Version: 3.6.18 (de) - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MySQL Server 5.5 (HKLM-x32\...\{FFD35D1F-F7C8-47AE-AF3E-E569F025CD7D}) (Version: 5.5.28 - Oracle Corporation)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 8.5.2.23 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Pivot Stickfigure Animator (HKLM-x32\...\{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}) (Version: 2.2.5 - Peter Bone)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Pokki Download Helper (HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\PokkiDownloadHelper) (Version: 1.3.1.282 - Pokki)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Postal 2 STP - Free Multiplayer Edition (HKLM-x32\...\Postal 2 STP - Free Multiplayer Edition) (Version:  - )
Print Server Support (HKLM-x32\...\{418EF145-944B-4EBC-A755-9F15AEDFB08B}) (Version: 1.00.0000 - Siemens)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Razer Lycosa (HKLM-x32\...\{E0FA1DC5-FEBF-4E7B-8FA3-DB94233E952D}) (Version: 1.00.0000 - Razer USA Ltd.)
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6083 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.0.6.1 - Rockstar Games)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
Screen Recording Suite V2.5.0 (HKLM-x32\...\{EB9F3F92-4857-4121-AA6F-1C424AC6C266}_is1) (Version: 2.5.0 - Apowersoft)
Secunia PSI (3.0.0.6001) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.6001 - Secunia)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Spotify) (Version: 1.0.6.80.g2a801a53 - Spotify AB)
Spotted Run for your Life (HKLM\...\UDK-a656fd26-fe9c-4d00-8aad-3e63c713bd0c) (Version:  - Epic Games, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Storybook (HKLM-x32\...\Storybook) (Version: 2.1.15 - Intertec)
StreamTransport version: 1.1.0.1 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
Sun ODF Plugin for Microsoft Office 3.2 (HKLM-x32\...\{BD136CE7-6666-4273-A056-8D92F8625AAB}) (Version: 3.2.9483 - Sun Microsystems)
System Explorer 6.4.2 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version:  - Mister Group)
System Requirements Lab for Intel (HKLM-x32\...\{F7FC9307-374E-4017-8E9D-DE1154780480}) (Version: 4.1.66.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Evil Within (HKLM-x32\...\Steam App 268050) (Version:  - Tango Gameworks)
The Plan (HKLM-x32\...\Steam App 250600) (Version:  - Krillbite Studio)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
Trojan Remover 6.9.2 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.2 - Simply Super Software)
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Unity Web Player (HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version:  - NCH Software)
Webzen Game Starter (HKLM-x32\...\{255FC1CF-2620-4B64-BE02-79B9E609BB3D}) (Version: 1.01.1014 - WEBZEN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.65  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
WSCC 2.1.0.0 (HKLM-x32\...\WSCC_is1) (Version:  - KirySoft)
Zombie Panic Source (HKLM-x32\...\Steam App 17500) (Version:  - Zombie Panic! Team)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1234873347-607795945-2308373214-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Marc-Andre´\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1234873347-607795945-2308373214-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Marc-Andre´\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1234873347-607795945-2308373214-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Marc-Andre´\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1234873347-607795945-2308373214-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Marc-Andre´\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1234873347-607795945-2308373214-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Marc-Andre´\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1234873347-607795945-2308373214-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Marc-Andre´\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1234873347-607795945-2308373214-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Marc-Andre´\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1234873347-607795945-2308373214-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Marc-Andre´\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

26-05-2015 03:10:48 Geplanter Prüfpunkt

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0FD93574-B94B-40D9-8002-BEF0D67F63A6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {19AF296E-2EA2-417E-B7E9-48285607C2A6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1234873347-607795945-2308373214-1000Core => C:\Users\Marc-Andre´\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {19B91066-69D3-4122-952B-7EE9B2F1D3CF} - System32\Tasks\{82A055CC-13D1-46DD-9A3A-DA2CB8C785D0} => C:\Users\Marc-Andre´\Desktop\CryEngine\Bin64\Launcher.exe
Task: {1E11C808-87CA-48A9-B9D0-C55B5D78D11E} - System32\Tasks\{78998BB2-5DF3-4ADA-9C1F-F0FA16EE48DD} => Firefox.exe hxxp://ui.skype.com/ui/0/5.5.0.124/en/go/help.faq.installer?LastError=1618
Task: {22136676-9F46-4259-B2E0-36258C3D87FD} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {25B5A931-DAAC-4113-B6CB-A4823136E9A2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1234873347-607795945-2308373214-1000UA => C:\Users\Marc-Andre´\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {31960EE8-2917-4120-B77D-477432EAD972} - System32\Tasks\{51C56D5C-5A7F-4172-852B-7B6CA5A92065} => Firefox.exe hxxp://ui.skype.com/ui/0/5.3.0.120/en/abandoninstall?page=tsMain&amp;installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;userlevelpresent
Task: {4903CF65-B25B-4952-BDB1-EBDCCCE57853} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {4F26A30A-008E-4810-8E0E-59C42C704FC0} - System32\Tasks\Schule jo^^ => C:\Users\Marc-Andre´\Desktop\EKO FRESH FEAT HAFTBEFEHL - STILL MENACE (OFFICIAL HD VERSION).mp4
Task: {609931F9-F203-4731-BB25-552FFCAD90EC} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {662E61CD-FBF2-453A-ADDD-593241083BF5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated)
Task: {71DE537D-2BF3-40F9-BA3D-84A9420E6003} - System32\Tasks\{F3553201-B43E-425B-8061-E19C46894E1E} => pcalua.exe -a "C:\Users\Marc-Andre´\Desktop\anno trainer\IC_annocheat104.exe" -d "C:\Users\Marc-Andre´\Desktop\anno trainer"
Task: {855B49C3-1EF1-49DF-B854-1FB640EE3188} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-14] (Adobe Systems Incorporated)
Task: {8C86B49B-2A76-4806-8A04-6201DD14C2B5} - System32\Tasks\{779B966B-BA4D-462B-BA15-11D996836268} => pcalua.exe -a "C:\Program Files (x86)\Counter-Strike 1.6\Uninstal.exe"
Task: {B62B4B93-B2AB-4C5F-8D9C-A20131A5A7BA} - System32\Tasks\{2E9988B2-EBD0-41C2-9078-5C3FA1CA49EE} => C:\Users\Marc-Andre´\Desktop\CryEngine\Bin64\Launcher.exe
Task: {C3477AB6-EAC3-4411-B96D-8DFF8B100C84} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {D38B2E7D-23E5-44FE-A7CE-B98DD571361F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {DC27BF67-7135-4103-8404-AFB622CBF4E8} - System32\Tasks\{0BCE45A5-6E0A-4B92-BC53-E05C14F2CD19} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {E3E74F4F-9A3C-4749-9334-24ED54A0A27E} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {F52F510C-46A4-4EE3-A3A5-BB2E7FAA3F35} - System32\Tasks\{6326D6F7-1E62-4FD1-A8E2-C8D9A1116C49} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {F591ACF2-F204-4DA2-82AF-EDF397D083E9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1234873347-607795945-2308373214-1000Core.job => C:\Users\Marc-Andre´\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1234873347-607795945-2308373214-1000UA.job => C:\Users\Marc-Andre´\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2010-08-16 23:13 - 2010-03-15 11:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2015-05-25 22:46 - 2015-05-22 22:22 - 14982472 _____ () C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\43.0.2357.81\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9
AlternateDataStreams: C:\ProgramData\Temp:D06A4C76

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1234873347-607795945-2308373214-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marc-Andre´\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: FILSHtray => "C:\Program Files (x86)\FILSHtray\FILSHtray.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7E2E668E-B9B4-41E0-95EF-9D4DBEBBC21B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{FC340676-790F-42D5-A20D-66AABD7968A9}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{4E7ECBD0-9D67-40D5-BE6C-54B65D9E3B0C}] => (Allow) svchost.exe
FirewallRules: [{308C746D-4D38-4150-AE38-6264AB9D58BD}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{F1F6F395-E7F0-4084-A31D-5D0FD09BE912}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A6CD6B55-F21A-4E12-AA37-4CABF5EF211C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{92D5BF9F-1684-4AF4-AC31-8D143671752E}C:\users\marc-andre´\desktop\world of warcraft\wow-3.0.1-to-3.0.2-dede-win-update-downloader.exe] => (Block) C:\users\marc-andre´\desktop\world of warcraft\wow-3.0.1-to-3.0.2-dede-win-update-downloader.exe
FirewallRules: [UDP Query User{6A2189A7-A31E-4871-B9F7-D620AFE8E087}C:\users\marc-andre´\desktop\world of warcraft\wow-3.0.1-to-3.0.2-dede-win-update-downloader.exe] => (Block) C:\users\marc-andre´\desktop\world of warcraft\wow-3.0.1-to-3.0.2-dede-win-update-downloader.exe
FirewallRules: [{6EC9DF7C-57D1-40AA-9766-0F2A91D26C24}] => (Allow) C:\Program Files (x86)\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{27C512EE-74C9-4F27-BDAD-08B1D338BD80}] => (Allow) C:\Program Files (x86)\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{8FD69238-E644-4745-A958-B5DD4D58764D}] => (Allow) C:\Program Files (x86)\Mass Effect 2\MassEffect2Launcher.exe
FirewallRules: [{35ADB5D4-AF09-44BD-A401-789637B4C158}] => (Allow) C:\Program Files (x86)\Mass Effect 2\MassEffect2Launcher.exe
FirewallRules: [TCP Query User{8558347C-B400-4AE7-B3F8-54EF1EC93D42}C:\program files (x86)\metin2\metin2.bin] => (Allow) C:\program files (x86)\metin2\metin2.bin
FirewallRules: [UDP Query User{D11E0519-9831-4ABC-A217-90C23536F4F0}C:\program files (x86)\metin2\metin2.bin] => (Allow) C:\program files (x86)\metin2\metin2.bin
FirewallRules: [TCP Query User{3938B1F3-2A8C-4D9A-A1B0-ACEAD3652445}C:\program files (x86)\metin2\metin2client.bin] => (Allow) C:\program files (x86)\metin2\metin2client.bin
FirewallRules: [UDP Query User{8419F912-94B4-4624-B8A3-0A7B8382D295}C:\program files (x86)\metin2\metin2client.bin] => (Allow) C:\program files (x86)\metin2\metin2client.bin
FirewallRules: [{8496942B-9F52-4A5C-B2A5-5D2CBA898EB3}] => (Allow) C:\Program Files (x86)\Sierra\FEAR\FEAR.exe
FirewallRules: [{CE5CB3DC-3BF9-4F14-AA56-1E72443CBB11}] => (Allow) C:\Program Files (x86)\Sierra\FEAR\FEAR.exe
FirewallRules: [{25ED4E0D-9506-4B9B-B783-E94EB5BCBCB3}] => (Allow) C:\Program Files (x86)\DNA\btdna.exe
FirewallRules: [{031BC6C8-E5ED-4264-80B6-F38DF42F6411}] => (Allow) C:\Program Files (x86)\DNA\btdna.exe
FirewallRules: [TCP Query User{E3495B51-2B3B-4AD6-B7E9-F58C99349579}C:\program files (x86)\urbanterror\iourbanterror.exe] => (Allow) C:\program files (x86)\urbanterror\iourbanterror.exe
FirewallRules: [UDP Query User{E88F85DA-933E-4E5F-988E-3D9A1D80C42C}C:\program files (x86)\urbanterror\iourbanterror.exe] => (Allow) C:\program files (x86)\urbanterror\iourbanterror.exe
FirewallRules: [{62A393BF-1080-460D-8274-0CD932AF2376}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [TCP Query User{523879E9-231F-4DF4-99F7-2C56DB12C89B}C:\program files (x86)\postal2stp\system\postal2mp.exe] => (Allow) C:\program files (x86)\postal2stp\system\postal2mp.exe
FirewallRules: [UDP Query User{C5F81AB7-9A4B-4CC8-B873-1B21A6CFB78E}C:\program files (x86)\postal2stp\system\postal2mp.exe] => (Allow) C:\program files (x86)\postal2stp\system\postal2mp.exe
FirewallRules: [{C8EC77B1-A318-494D-9086-EE6C30C0DC57}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{8F019785-B231-47FF-8950-AFD6A605FBB3}C:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe] => (Allow) C:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe
FirewallRules: [UDP Query User{9CC12244-8575-44F7-9576-89CC0E4EC8AA}C:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe] => (Allow) C:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe
FirewallRules: [TCP Query User{07396779-1384-4A05-867E-38B5610A931A}C:\program files (x86)\electronic arts\medal of honor\mp\mohmpgame.exe] => (Allow) C:\program files (x86)\electronic arts\medal of honor\mp\mohmpgame.exe
FirewallRules: [UDP Query User{197F44AE-435A-4A88-A093-ADB8E879F692}C:\program files (x86)\electronic arts\medal of honor\mp\mohmpgame.exe] => (Allow) C:\program files (x86)\electronic arts\medal of honor\mp\mohmpgame.exe
FirewallRules: [{389EFA56-C030-4E16-8239-85FBECA7D513}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{860CFAD8-A55B-4855-B92A-D88B427BFE32}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{67A66FA7-C5BF-421E-919A-7808542F5B2D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{04281D5B-49FC-4FFF-A171-649B8DE830D0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{2156CBBD-0C05-46B7-8ED8-952C041E64B7}C:\users\marc-andre´\desktop\ydvydv\blackops.exe] => (Block) C:\users\marc-andre´\desktop\ydvydv\blackops.exe
FirewallRules: [UDP Query User{10690B86-54DC-4542-821F-AEF4D2F7E226}C:\users\marc-andre´\desktop\ydvydv\blackops.exe] => (Block) C:\users\marc-andre´\desktop\ydvydv\blackops.exe
FirewallRules: [TCP Query User{A82279A9-6138-4C08-88A6-A2EF11FC9790}C:\program files (x86)\steam\steamapps\mutterelefant\half-life 2 deathmatch\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\mutterelefant\half-life 2 deathmatch\hl2.exe
FirewallRules: [UDP Query User{19D282BA-05F4-43FC-B107-2A9A703B9141}C:\program files (x86)\steam\steamapps\mutterelefant\half-life 2 deathmatch\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\mutterelefant\half-life 2 deathmatch\hl2.exe
FirewallRules: [TCP Query User{ECFF539F-4A9A-407A-917A-C4A51F7E1C84}C:\program files (x86)\steam\steamapps\mutterelefant\half-life 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\mutterelefant\half-life 2\hl2.exe
FirewallRules: [UDP Query User{65048C42-E557-4AB9-8A5F-7CD46CFD4A70}C:\program files (x86)\steam\steamapps\mutterelefant\half-life 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\mutterelefant\half-life 2\hl2.exe
FirewallRules: [TCP Query User{96E1CDC5-18EA-4FA6-9AD8-D57992E422C6}C:\program files (x86)\electronic arts\dead space\dead space.exe] => (Allow) C:\program files (x86)\electronic arts\dead space\dead space.exe
FirewallRules: [UDP Query User{2107560E-17FA-458D-A70B-BA9BCCB72395}C:\program files (x86)\electronic arts\dead space\dead space.exe] => (Allow) C:\program files (x86)\electronic arts\dead space\dead space.exe
FirewallRules: [TCP Query User{BDAFD6B5-A584-4FE7-A018-DF28B4BF2726}C:\program files (x86)\steam\steamapps\mutterelefant\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\mutterelefant\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{4F285355-22B0-468E-8D2B-7B9086E0DEA8}C:\program files (x86)\steam\steamapps\mutterelefant\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\mutterelefant\team fortress 2\hl2.exe
FirewallRules: [{C5218F93-78B2-4440-AE9D-19AF958C951E}] => (Allow) %SystemRoot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
FirewallRules: [TCP Query User{0450DB9D-7D03-47AB-81CF-2FAB3707119E}C:\program files (x86)\steam\steamapps\mutterelefant\source sdk base\hl2.exe] => (Block) C:\program files (x86)\steam\steamapps\mutterelefant\source sdk base\hl2.exe
FirewallRules: [UDP Query User{6B3F284C-EEA5-4DEA-9255-C114C50EC5CA}C:\program files (x86)\steam\steamapps\mutterelefant\source sdk base\hl2.exe] => (Block) C:\program files (x86)\steam\steamapps\mutterelefant\source sdk base\hl2.exe
FirewallRules: [{C1987C9B-67BD-42E8-95E5-B76877D2F604}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{5402EA23-651F-43E8-9D73-4774B6391B9A}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{9225F1A1-0AA0-4E68-A902-148128BCD651}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{4B3FF22E-DFE7-4299-9B2E-7A3F71C9173F}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{EDD3527E-B517-4112-9607-CE6172E1AC84}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
FirewallRules: [{DC16CBFB-5FA6-4035-BC18-52707B1CD29F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
FirewallRules: [{368605C8-FD28-4AF4-81EA-3A19DCDBC7FB}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
FirewallRules: [{6BB5E284-8D74-4D72-A5DD-0F9B31CD360B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
FirewallRules: [TCP Query User{59DEB766-2736-4A33-B23F-B498AEB62589}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{AE329436-D2FB-42DD-9516-B53CF3D595BE}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe
FirewallRules: [TCP Query User{8733F0E9-94E0-41FF-9D6C-280F13F1D2A4}C:\program files (x86)\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe] => (Block) C:\program files (x86)\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe
FirewallRules: [UDP Query User{523DDDF1-9208-497F-AA48-03F45A380226}C:\program files (x86)\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe] => (Block) C:\program files (x86)\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe
FirewallRules: [{9AFEA075-018F-4B53-BA28-01CB66DE8851}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8D7C40DE-9055-4147-A539-84C99680C5ED}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C6888B93-C29D-4C26-AFFC-F16EE747F67B}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [TCP Query User{90B649F6-7BC5-4237-8934-8A179FFA1969}C:\program files (x86)\z8games\crossfire\cf_g4box.exe] => (Allow) C:\program files (x86)\z8games\crossfire\cf_g4box.exe
FirewallRules: [UDP Query User{427D20BC-5377-422E-BFA6-1EB787FEF29E}C:\program files (x86)\z8games\crossfire\cf_g4box.exe] => (Allow) C:\program files (x86)\z8games\crossfire\cf_g4box.exe
FirewallRules: [TCP Query User{1059CF1B-5EEA-433E-A038-BF388144356E}C:\users\marc-andre´\desktop\ydvydv\blackopsmp.exe] => (Block) C:\users\marc-andre´\desktop\ydvydv\blackopsmp.exe
FirewallRules: [UDP Query User{7EC367CD-BBB1-42E1-9CA2-5CB5CAAA92FC}C:\users\marc-andre´\desktop\ydvydv\blackopsmp.exe] => (Block) C:\users\marc-andre´\desktop\ydvydv\blackopsmp.exe
FirewallRules: [{4FFBBEC6-0373-4C8E-86EC-30F7CDEF4107}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{DEB106A3-6C70-4CB2-A795-6EE75C5E97D0}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{B1CABB2E-90B7-4F74-83DF-C238B9D43138}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{064B7FBA-31A4-4E9F-AB84-037CE2DCFEAA}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{D5E67826-0038-4F55-B6BC-E47D3E3BDE3E}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{01401BDC-4911-4A8F-9E7B-F52A1AFA2367}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{CE9D82E6-6FBC-407F-B5A6-31321305FECB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{C664B43E-D596-4FF0-8869-2331DE846DFA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{8AB96067-686A-4B91-A6F8-5EB6460120A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{9251D19D-8829-4D04-BC07-85707DB22942}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\america's army 3\Binaries\AA3Game.exe
FirewallRules: [{5F10C4D7-2E83-487A-9695-5E03FEDAFFB3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\america's army 3\Binaries\AA3Game.exe
FirewallRules: [{55E20DC2-7E52-41F0-9B29-C84A93E4F12D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\mutterelefant\age of chivalry\hl2.exe
FirewallRules: [{CA299983-2587-41C4-8D85-C2CC9F5A5186}] => (Allow) C:\Program Files (x86)\Steam\steamapps\mutterelefant\age of chivalry\hl2.exe
FirewallRules: [{7ABFFBB7-5E68-44AF-A3FE-6E9E42241256}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mafia ii\pc\Mafia2.exe
FirewallRules: [{E16817EA-2D31-4335-AF37-E3AE09993860}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mafia ii\pc\Mafia2.exe
FirewallRules: [{95BD0CD3-414A-4117-A253-A600C6ACD41A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\duke nukem forever demo\System\DukeForeverDemo.exe
FirewallRules: [{D1B64403-F8FB-439B-A20F-8ACF2A705414}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\duke nukem forever demo\System\DukeForeverDemo.exe
FirewallRules: [TCP Query User{A5B4A15A-FBD2-42BA-B26D-78EB4B454218}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [UDP Query User{3F11AF11-A717-4B86-908C-B3D5D2DC5F5E}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [{724BED90-7CF4-4E0C-A0A0-35A6402C9A71}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty black ops\BlackOps.exe
FirewallRules: [{D5D06C4D-F4C6-4772-A391-E11260BDD121}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty black ops\BlackOps.exe
FirewallRules: [TCP Query User{16685EA7-0EFA-44A2-9CE7-BAEB72ED1D1F}C:\users\marc-andre´\desktop\dead island\deadislandgame.exe] => (Block) C:\users\marc-andre´\desktop\dead island\deadislandgame.exe
FirewallRules: [UDP Query User{6634959D-867A-4F30-820A-6C6DF563E9C2}C:\users\marc-andre´\desktop\dead island\deadislandgame.exe] => (Block) C:\users\marc-andre´\desktop\dead island\deadislandgame.exe
FirewallRules: [TCP Query User{FF1114D2-76D4-400A-A189-8ED378C6EC37}C:\users\marc-andre´\desktop\dark-fusion2\metin2client.bin] => (Allow) C:\users\marc-andre´\desktop\dark-fusion2\metin2client.bin
FirewallRules: [UDP Query User{6C2EAB25-2A8D-4737-84DB-6D1BE9FB44C2}C:\users\marc-andre´\desktop\dark-fusion2\metin2client.bin] => (Allow) C:\users\marc-andre´\desktop\dark-fusion2\metin2client.bin
FirewallRules: [{661868E0-06E3-4C99-B02C-9B47F3094878}] => (Allow) C:\Users\Marc-Andre´\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{955E1FF3-987C-4236-B641-91B29FD11412}] => (Allow) C:\Users\Marc-Andre´\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{75FDD2CB-0494-4C12-884B-624E20FF35C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty black ops\BlackOpsMP.exe
FirewallRules: [{779BBC81-713D-45B2-B290-16F42B910E1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty black ops\BlackOpsMP.exe
FirewallRules: [TCP Query User{84B4BC54-6C3C-46E5-8A5E-97D69211B0EA}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{11BD8B0F-BBDE-4CE4-8516-E3512ACF1590}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{00E6A4E1-A0A0-4AE1-98DF-2C60740FFBB5}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{6A5C623F-AB46-44D5-9BD9-F0212CB58EBA}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{B058E99F-D380-4AC1-8389-64258197F996}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe
FirewallRules: [{A9259BAC-0103-41E2-AA84-611448B95229}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe
FirewallRules: [{263CE4EB-3FF7-48A9-B713-D511D602D99B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\america's army 3\Binaries\AA3Loader.exe
FirewallRules: [{CFEC88EF-3366-48E2-BC1D-33AD53476C18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\america's army 3\Binaries\AA3Loader.exe
FirewallRules: [{4F99A69D-1B2B-4E5A-B42F-9B575C257448}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{CA9B639D-48C9-4677-94E7-4D9A26FE689B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{425A8CA8-4F11-43FB-948E-8AADDAEE89CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{6478CF50-0476-4819-BBC9-83878FFCE5C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{E6F9CE51-8DCB-45F2-9C29-5A0531C76952}] => (Allow) C:\Program Files (x86)\Steam\steamapps\mutterelefant\zombie panic! source\hl2.exe
FirewallRules: [{48B28329-4E6B-40BD-879A-24E6FB9E1FFE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\mutterelefant\zombie panic! source\hl2.exe
FirewallRules: [{80E76CFA-2C15-47B2-B204-9ACDFD213659}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\king arthur - the role-playing wargame\KingArthur.exe
FirewallRules: [{3F5FC791-DFE5-422F-BBF2-C8CFAB9A9633}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\king arthur - the role-playing wargame\KingArthur.exe
FirewallRules: [{5BAB004B-2CAF-44C2-9CA6-55CC13D0CB94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\king arthur - the role-playing wargame\KingArthurMulti.exe
FirewallRules: [{DA03CA51-A808-4721-A276-87EDBA8566A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\king arthur - the role-playing wargame\KingArthurMulti.exe

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/02/2015 00:50:43 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/02/2015 00:47:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (06/02/2015 00:47:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (06/02/2015 00:47:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (06/02/2015 00:41:10 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!

Error: (06/02/2015 00:29:38 AM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe

Error: (06/01/2015 10:36:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (06/01/2015 10:36:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (06/01/2015 10:36:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (06/01/2015 10:32:07 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!


System errors:
=============
Error: (06/02/2015 02:24:23 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068BITS{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (06/02/2015 02:17:33 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (06/02/2015 02:17:32 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (06/02/2015 02:17:31 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (06/02/2015 02:17:31 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (06/02/2015 02:17:30 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (06/02/2015 02:17:25 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (06/02/2015 02:17:13 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
avipbb
avkmgr
discache
spldr
Wanarpv6

Error: (06/02/2015 02:17:11 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Client Virtualization Handler" ist vom Dienst "Application Virtualization Client" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (06/02/2015 02:17:11 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "Windows-Firewall" ist von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.


Microsoft Office:
=========================
Error: (06/02/2015 00:50:43 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (06/02/2015 00:47:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (06/02/2015 00:47:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (06/02/2015 00:47:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (06/02/2015 00:41:10 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: 0x0

Error: (06/02/2015 00:29:38 AM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe

Error: (06/01/2015 10:36:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (06/01/2015 10:36:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (06/01/2015 10:36:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (06/01/2015 10:32:07 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: 0x0


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7 CPU 860 @ 2.80GHz
Percentage of memory in use: 19%
Total physical RAM: 6135.11 MB
Available physical RAM: 4945.64 MB
Total Pagefile: 12268.43 MB
Available Pagefile: 11092.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (BOOT) (Fixed) (Total:672.54 GB) (Free:66.86 GB) NTFS
Drive d: (Recover) (Fixed) (Total:25 GB) (Free:16.55 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: E90925EA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=672.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End of log ============================

condolai · 02.06.2015, 14:30

Code:

ATTFilter

15:18:05.0326 0x0544  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
15:18:08.0351 0x0544  ============================================================
15:18:08.0351 0x0544  Current date / time: 2015/06/02 15:18:08.0351
15:18:08.0351 0x0544  SystemInfo:
15:18:08.0351 0x0544  
15:18:08.0351 0x0544  OS Version: 6.1.7601 ServicePack: 1.0
15:18:08.0351 0x0544  Product type: Workstation
15:18:08.0351 0x0544  ComputerName: SUPER-PC
15:18:08.0351 0x0544  UserName: Marc-Andre´
15:18:08.0351 0x0544  Windows directory: C:\Windows
15:18:08.0351 0x0544  System windows directory: C:\Windows
15:18:08.0351 0x0544  Running under WOW64
15:18:08.0351 0x0544  Processor architecture: Intel x64
15:18:08.0351 0x0544  Number of processors: 8
15:18:08.0351 0x0544  Page size: 0x1000
15:18:08.0351 0x0544  Boot type: Safe boot with network
15:18:08.0351 0x0544  ============================================================
15:18:08.0590 0x0544  KLMD registered as C:\Windows\system32\drivers\60659781.sys
15:18:08.0808 0x0544  System UUID: {4AF3C17D-AAC3-33D2-892F-2451FA5C81FD}
15:18:09.0113 0x0544  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:18:09.0122 0x0544  ============================================================
15:18:09.0122 0x0544  \Device\Harddisk0\DR0:
15:18:09.0123 0x0544  MBR partitions:
15:18:09.0123 0x0544  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:18:09.0123 0x0544  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x54112800
15:18:09.0123 0x0544  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x54145000, BlocksNum 0x3200000
15:18:09.0123 0x0544  ============================================================
15:18:09.0157 0x0544  C: <-> \Device\Harddisk0\DR0\Partition2
15:18:09.0192 0x0544  D: <-> \Device\Harddisk0\DR0\Partition3
15:18:09.0192 0x0544  ============================================================
15:18:09.0192 0x0544  Initialize success
15:18:09.0192 0x0544  ============================================================
15:19:30.0310 0x022c  ============================================================
15:19:30.0310 0x022c  Scan started
15:19:30.0310 0x022c  Mode: Manual; SigCheck; TDLFS; 
15:19:30.0310 0x022c  ============================================================
15:19:30.0310 0x022c  KSN ping started
15:19:32.0699 0x022c  KSN ping finished: true
15:19:33.0363 0x022c  ================ Scan system memory ========================
15:19:33.0363 0x022c  System memory - ok
15:19:33.0373 0x022c  ================ Scan services =============================
15:19:33.0521 0x022c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:19:33.0555 0x022c  1394ohci - ok
15:19:33.0588 0x022c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:19:33.0603 0x022c  ACPI - ok
15:19:33.0647 0x022c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
15:19:33.0677 0x022c  AcpiPmi - ok
15:19:33.0789 0x022c  [ 929593D76589294BA3F74540298D1B3E, 3D1C1772579141BD1040363BD65F2A2D78BF42EC85AE96317AE397E3D5267145 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:19:33.0798 0x022c  AdobeARMservice - ok
15:19:34.0195 0x022c  [ B0FE8D243A4EC6727D7EC5019C4B26B1, 6A319A77E19937208237BDBD2A545367EEC7B4B7ED732E0BAF616070C2FD88A3 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:19:34.0207 0x022c  AdobeFlashPlayerUpdateSvc - ok
15:19:34.0240 0x022c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
15:19:34.0258 0x022c  adp94xx - ok
15:19:34.0298 0x022c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
15:19:34.0312 0x022c  adpahci - ok
15:19:34.0329 0x022c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
15:19:34.0340 0x022c  adpu320 - ok
15:19:34.0390 0x022c  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:19:34.0399 0x022c  AeLookupSvc - ok
15:19:34.0483 0x022c  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
15:19:34.0501 0x022c  AFD - ok
15:19:34.0562 0x022c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
15:19:34.0570 0x022c  agp440 - ok
15:19:34.0607 0x022c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
15:19:34.0616 0x022c  ALG - ok
15:19:34.0677 0x022c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:19:34.0684 0x022c  aliide - ok
15:19:34.0742 0x022c  [ CAA6ED31C6DA3C505A684162B3492166, 9C42E860B335810A10A92B9FE590462B2DEF76C338F239FF49F49B532917EA2C ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
15:19:34.0766 0x022c  AMD External Events Utility - ok
15:19:34.0802 0x022c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
15:19:34.0809 0x022c  amdide - ok
15:19:34.0882 0x022c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
15:19:34.0891 0x022c  AmdK8 - ok
15:19:35.0119 0x022c  [ CC0B8B1912967D429C4A2D2BD7A9E52D, D63DC46F0367518CA211C23452D1CD0214240353817E7A8F1777C4D6610AAC9C ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
15:19:35.0268 0x022c  amdkmdag - ok
15:19:35.0322 0x022c  [ B855C99C23A57EDECA29F49A3210B95C, EB2E7DF850428CBD5AB1D0F0CDBC0536790BD193459EA6911B90A99E60B4568B ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
15:19:35.0335 0x022c  amdkmdap - ok
15:19:35.0347 0x022c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
15:19:35.0355 0x022c  AmdPPM - ok
15:19:35.0382 0x022c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:19:35.0392 0x022c  amdsata - ok
15:19:35.0421 0x022c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
15:19:35.0432 0x022c  amdsbs - ok
15:19:35.0441 0x022c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:19:35.0449 0x022c  amdxata - ok
15:19:35.0571 0x022c  [ D908096B873B940BB438CE63BA35BD1E, F1C79C907E6CDBC2770C16AFFAE0D6F9B9B7DA21F5074D602AC5FE1597975748 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
15:19:35.0635 0x022c  AntiVirMailService - ok
15:19:35.0731 0x022c  [ EC705D6ED3A7F3D9AE42F6239707D9FE, B50F6BB0FC308E7403B1807DF2AAF87BEDE0B044128C580970A26801CCABC43F ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
15:19:35.0789 0x022c  AntiVirSchedulerService - ok
15:19:35.0836 0x022c  [ EC705D6ED3A7F3D9AE42F6239707D9FE, B50F6BB0FC308E7403B1807DF2AAF87BEDE0B044128C580970A26801CCABC43F ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
15:19:35.0850 0x022c  AntiVirService - ok
15:19:35.0941 0x022c  [ 266C0506DF8BA3990E12885E64EE4420, 60995CFE54B8594179BEAB06C4498CBF997B0C85147E5DD747CE238C89F6979D ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
15:19:35.0970 0x022c  AntiVirWebService - ok
15:19:36.0043 0x022c  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
15:19:36.0052 0x022c  AppID - ok
15:19:36.0077 0x022c  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:19:36.0085 0x022c  AppIDSvc - ok
15:19:36.0124 0x022c  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
15:19:36.0134 0x022c  Appinfo - ok
15:19:36.0245 0x022c  [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:19:36.0252 0x022c  Apple Mobile Device - ok
15:19:36.0291 0x022c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
15:19:36.0300 0x022c  arc - ok
15:19:36.0327 0x022c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
15:19:36.0336 0x022c  arcsas - ok
15:19:36.0465 0x022c  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:19:36.0572 0x022c  aspnet_state - ok
15:19:36.0613 0x022c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:19:36.0637 0x022c  AsyncMac - ok
15:19:36.0697 0x022c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
15:19:36.0704 0x022c  atapi - ok
15:19:36.0777 0x022c  [ 7E2F5A758F63F80F8B03F889B4E6B19F, 5A911F1E9DB2894A7459D072F8D02F884AEF695B51EC17DEEAF874DB5A6F783C ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
15:19:36.0795 0x022c  AtiHdmiService - ok
15:19:36.0871 0x022c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:19:36.0893 0x022c  AudioEndpointBuilder - ok
15:19:36.0910 0x022c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:19:36.0931 0x022c  AudioSrv - ok
15:19:36.0999 0x022c  [ 43B6D229C7DBA9F0FC0FC0C318DB5350, F5A525DBD71FC4A323E92839C6D27F323FB304B7E9FFA35E89E9B419570AA4C8 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
15:19:37.0008 0x022c  avgntflt - ok
15:19:37.0051 0x022c  [ 626D1BAD7A1975A8FEE8876A8AD0EEA7, 59772746A2DF3B7E8D021756B8A64569AC8468CA1C802EB594494224354F1E60 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
15:19:37.0060 0x022c  avipbb - ok
15:19:37.0178 0x022c  [ 0D32033DCB359FD98B4C3513EF849FE6, 5870D67526BC29D888DAF8DBAB04B1E97ED5C7C51484ED400A5E65D0EB61576A ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
15:19:37.0187 0x022c  Avira.OE.ServiceHost - ok
15:19:37.0230 0x022c  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
15:19:37.0236 0x022c  avkmgr - ok
15:19:37.0283 0x022c  [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
15:19:37.0289 0x022c  avnetflt - ok
15:19:37.0366 0x022c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:19:37.0380 0x022c  AxInstSV - ok
15:19:37.0449 0x022c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
15:19:37.0467 0x022c  b06bdrv - ok
15:19:37.0539 0x022c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:19:37.0551 0x022c  b57nd60a - ok
15:19:37.0592 0x022c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:19:37.0601 0x022c  BDESVC - ok
15:19:37.0626 0x022c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:19:37.0650 0x022c  Beep - ok
15:19:37.0713 0x022c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
15:19:37.0788 0x022c  BITS - ok
15:19:37.0832 0x022c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:19:37.0840 0x022c  blbdrive - ok
15:19:37.0952 0x022c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:19:37.0966 0x022c  Bonjour Service - ok
15:19:38.0032 0x022c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:19:38.0040 0x022c  bowser - ok
15:19:38.0075 0x022c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:19:38.0100 0x022c  BrFiltLo - ok
15:19:38.0129 0x022c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:19:38.0138 0x022c  BrFiltUp - ok
15:19:38.0186 0x022c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
15:19:38.0196 0x022c  Browser - ok
15:19:38.0215 0x022c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
15:19:38.0228 0x022c  Brserid - ok
15:19:38.0256 0x022c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:19:38.0266 0x022c  BrSerWdm - ok
15:19:38.0273 0x022c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:19:38.0283 0x022c  BrUsbMdm - ok
15:19:38.0287 0x022c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:19:38.0295 0x022c  BrUsbSer - ok
15:19:38.0328 0x022c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
15:19:38.0338 0x022c  BTHMODEM - ok
15:19:38.0365 0x022c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
15:19:38.0390 0x022c  bthserv - ok
15:19:38.0414 0x022c  CBTNDIS4 - ok
15:19:38.0452 0x022c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:19:38.0479 0x022c  cdfs - ok
15:19:38.0519 0x022c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:19:38.0530 0x022c  cdrom - ok
15:19:38.0588 0x022c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:19:38.0612 0x022c  CertPropSvc - ok
15:19:38.0630 0x022c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
15:19:38.0640 0x022c  circlass - ok
15:19:38.0692 0x022c  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
15:19:38.0708 0x022c  CLFS - ok
15:19:38.0767 0x022c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:19:38.0778 0x022c  clr_optimization_v2.0.50727_32 - ok
15:19:38.0811 0x022c  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:19:38.0821 0x022c  clr_optimization_v2.0.50727_64 - ok
15:19:38.0946 0x022c  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:19:39.0064 0x022c  clr_optimization_v4.0.30319_32 - ok
15:19:39.0102 0x022c  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:19:39.0164 0x022c  clr_optimization_v4.0.30319_64 - ok
15:19:39.0201 0x022c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:19:39.0209 0x022c  CmBatt - ok
15:19:39.0247 0x022c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:19:39.0255 0x022c  cmdide - ok
15:19:39.0308 0x022c  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
15:19:39.0330 0x022c  CNG - ok
15:19:39.0352 0x022c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
15:19:39.0360 0x022c  Compbatt - ok
15:19:39.0428 0x022c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
15:19:39.0438 0x022c  CompositeBus - ok
15:19:39.0460 0x022c  COMSysApp - ok
15:19:39.0484 0x022c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
15:19:39.0492 0x022c  crcdisk - ok
15:19:39.0532 0x022c  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:19:39.0543 0x022c  CryptSvc - ok
15:19:39.0634 0x022c  [ B4D1D62A09F09CB2DFD55628350CDAFB, 7DD3CE77D88B5AFAC4B6187F4CA6D50B7BD3398207163B2A1E4C76467801FF28 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
15:19:39.0659 0x022c  cvhsvc - ok
15:19:39.0713 0x022c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:19:39.0747 0x022c  DcomLaunch - ok
15:19:39.0773 0x022c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
15:19:39.0803 0x022c  defragsvc - ok
15:19:39.0849 0x022c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:19:39.0874 0x022c  DfsC - ok
15:19:39.0932 0x022c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:19:39.0954 0x022c  Dhcp - ok
15:19:40.0053 0x022c  [ EA8A3E8C674B03CB4AFA1D344DBD7BC1, 564D9370AE4D12973647997684B9637B2A5A7480F66B87018F789CE4E43C8191 ] DiagTrack       C:\Windows\system32\diagtrack.dll
15:19:40.0087 0x022c  DiagTrack - ok
15:19:40.0108 0x022c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
15:19:40.0132 0x022c  discache - ok
15:19:40.0146 0x022c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
15:19:40.0155 0x022c  Disk - ok
15:19:40.0216 0x022c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:19:40.0227 0x022c  Dnscache - ok
15:19:40.0286 0x022c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:19:40.0314 0x022c  dot3svc - ok
15:19:40.0325 0x022c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
15:19:40.0351 0x022c  DPS - ok
15:19:40.0403 0x022c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:19:40.0410 0x022c  drmkaud - ok
15:19:40.0482 0x022c  [ D3D64CF7B2BCEAA34A270F45A3FFFB36, 4374D4FB081A004C610707669F7817C55F247D1EB3DDA012CCDF080FF39BFAD2 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
15:19:40.0492 0x022c  dtsoftbus01 - ok
15:19:40.0524 0x022c  dump_wmimmc - ok
15:19:40.0590 0x022c  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:19:40.0618 0x022c  DXGKrnl - ok
15:19:40.0644 0x022c  EagleX64 - ok
15:19:40.0678 0x022c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
15:19:40.0704 0x022c  EapHost - ok
15:19:40.0820 0x022c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
15:19:40.0896 0x022c  ebdrv - ok
15:19:40.0941 0x022c  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] EFS             C:\Windows\System32\lsass.exe
15:19:40.0950 0x022c  EFS - ok
15:19:41.0021 0x022c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:19:41.0050 0x022c  ehRecvr - ok
15:19:41.0083 0x022c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
15:19:41.0093 0x022c  ehSched - ok
15:19:41.0124 0x022c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
15:19:41.0143 0x022c  elxstor - ok
15:19:41.0184 0x022c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:19:41.0192 0x022c  ErrDev - ok
15:19:41.0215 0x022c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
15:19:41.0248 0x022c  EventSystem - ok
15:19:41.0269 0x022c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:19:41.0297 0x022c  exfat - ok
15:19:41.0318 0x022c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:19:41.0346 0x022c  fastfat - ok
15:19:41.0414 0x022c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
15:19:41.0436 0x022c  Fax - ok
15:19:41.0459 0x022c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
15:19:41.0467 0x022c  fdc - ok
15:19:41.0478 0x022c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
15:19:41.0503 0x022c  fdPHost - ok
15:19:41.0511 0x022c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:19:41.0536 0x022c  FDResPub - ok
15:19:41.0561 0x022c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:19:41.0570 0x022c  FileInfo - ok
15:19:41.0576 0x022c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:19:41.0600 0x022c  Filetrace - ok
15:19:41.0636 0x022c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:19:41.0644 0x022c  flpydisk - ok
15:19:41.0667 0x022c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:19:41.0680 0x022c  FltMgr - ok
15:19:41.0760 0x022c  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\Windows\system32\FntCache.dll
15:19:41.0792 0x022c  FontCache - ok
15:19:41.0866 0x022c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:19:41.0873 0x022c  FontCache3.0.0.0 - ok
15:19:41.0891 0x022c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:19:41.0899 0x022c  FsDepends - ok
15:19:41.0966 0x022c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:19:41.0974 0x022c  Fs_Rec - ok
15:19:42.0033 0x022c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:19:42.0047 0x022c  fvevol - ok
15:19:42.0061 0x022c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
15:19:42.0070 0x022c  gagp30kx - ok
15:19:42.0130 0x022c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:19:42.0136 0x022c  GEARAspiWDM - ok
15:19:42.0197 0x022c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:19:42.0237 0x022c  gpsvc - ok
15:19:42.0376 0x022c  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:19:42.0383 0x022c  gupdate - ok
15:19:42.0425 0x022c  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:19:42.0432 0x022c  gupdatem - ok
15:19:42.0474 0x022c  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
15:19:42.0480 0x022c  hamachi - ok
15:19:42.0527 0x022c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:19:42.0535 0x022c  hcw85cir - ok
15:19:42.0611 0x022c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:19:42.0628 0x022c  HdAudAddService - ok
15:19:42.0666 0x022c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
15:19:42.0678 0x022c  HDAudBus - ok
15:19:42.0691 0x022c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
15:19:42.0699 0x022c  HidBatt - ok
15:19:42.0727 0x022c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
15:19:42.0738 0x022c  HidBth - ok
15:19:42.0749 0x022c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
15:19:42.0759 0x022c  HidIr - ok
15:19:42.0780 0x022c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
15:19:42.0805 0x022c  hidserv - ok
15:19:42.0861 0x022c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:19:42.0869 0x022c  HidUsb - ok
15:19:42.0917 0x022c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:19:42.0942 0x022c  hkmsvc - ok
15:19:42.0986 0x022c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:19:42.0998 0x022c  HomeGroupListener - ok
15:19:43.0044 0x022c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:19:43.0055 0x022c  HomeGroupProvider - ok
15:19:43.0063 0x022c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:19:43.0072 0x022c  HpSAMD - ok
15:19:43.0209 0x022c  [ 911961244D2CE9F1A16737862AE7BF73, 3F12FEF50AF7CF0F47CE2184402654782A8BB5E31BADC788F6E3BB49C37E2A29 ] hshld           C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
15:19:43.0234 0x022c  hshld - ok
15:19:43.0279 0x022c  [ AFA58B8A623CD458EF40CFB398AC28E2, 3D82091777BFEBFD431CEFB14C4697888606DEA26D356862B951936975F7CAC1 ] HssDRV6         C:\Windows\system32\DRIVERS\hssdrv6.sys
15:19:43.0285 0x022c  HssDRV6 - ok
15:19:43.0374 0x022c  [ 704EE8EA4A9993E3FD57EC20268CF537, 2A65EDAFC261865D8E12FA765E81AB4CD1094419BDCFCB12D08C324BF25D6730 ] HssWd           C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
15:19:43.0390 0x022c  HssWd - ok
15:19:43.0406 0x022c  [ F47CEC45FB85791D4AB237563AD0FA8F, 1035066D48BD179855BCA7F62EFA1B951E6E839D2E29E15A31844E18A126DD41 ] HTCAND64        C:\Windows\system32\Drivers\ANDROIDUSB.sys
15:19:43.0419 0x022c  HTCAND64 - ok
15:19:43.0548 0x022c  [ 5C8BC8A28798FD010E7ABC4E0D588CAA, 622CAFD3DCBB05E15539589FDD4002DA6F24790FC55BDF05AA3D043E8A34E53E ] HTCMonitorService C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
15:19:43.0556 0x022c  HTCMonitorService - ok
15:19:43.0600 0x022c  [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot        C:\Windows\system32\DRIVERS\htcnprot.sys
15:19:43.0606 0x022c  htcnprot - ok
15:19:43.0761 0x022c  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:19:43.0784 0x022c  HTTP - ok
15:19:43.0829 0x022c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:19:43.0836 0x022c  hwpolicy - ok
15:19:43.0938 0x022c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
15:19:43.0947 0x022c  i8042prt - ok
15:19:44.0014 0x022c  [ BF5442DC14608D18949DC83DE37E667A, 3E46E3AD4FA63738F32A9AA51AFFECD93F96955BFDF8FD9288071AF58608E52E ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
15:19:44.0031 0x022c  iaStor - ok
15:19:44.0177 0x022c  [ DE9560E9703BFE1BD08014A406BE0033, AA11848138C6EC1170EAB94393F8949C359D168F1F25A355F396390FD984A827 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
15:19:44.0183 0x022c  IAStorDataMgrSvc - ok
15:19:44.0248 0x022c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:19:44.0263 0x022c  iaStorV - ok
15:19:44.0366 0x022c  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:19:44.0369 0x022c  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
15:19:46.0683 0x022c  Detect skipped due to KSN trusted
15:19:46.0683 0x022c  IDriverT - ok
15:19:46.0768 0x022c  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:19:46.0793 0x022c  idsvc - ok
15:19:46.0815 0x022c  IEEtwCollectorService - ok
15:19:46.0838 0x022c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
15:19:46.0846 0x022c  iirsp - ok
15:19:46.0918 0x022c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
15:19:46.0944 0x022c  IKEEXT - ok
15:19:47.0042 0x022c  [ 0ADF714079AE174A39D69036143E4C50, 93184D0DB1265D94BA92922783514ADFDAB04557EB0DEF9715D8B1EF06EDD692 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:19:47.0096 0x022c  IntcAzAudAddService - ok
15:19:47.0147 0x022c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:19:47.0155 0x022c  intelide - ok
15:19:47.0206 0x022c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:19:47.0215 0x022c  intelppm - ok
15:19:47.0252 0x022c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:19:47.0278 0x022c  IPBusEnum - ok
15:19:47.0319 0x022c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:19:47.0344 0x022c  IpFilterDriver - ok
15:19:47.0379 0x022c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:19:47.0388 0x022c  IPMIDRV - ok
15:19:47.0417 0x022c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:19:47.0443 0x022c  IPNAT - ok
15:19:47.0502 0x022c  [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:19:47.0521 0x022c  iPod Service - ok
15:19:47.0576 0x022c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:19:47.0587 0x022c  IRENUM - ok
15:19:47.0613 0x022c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:19:47.0621 0x022c  isapnp - ok
15:19:47.0671 0x022c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:19:47.0684 0x022c  iScsiPrt - ok
15:19:47.0716 0x022c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:19:47.0724 0x022c  kbdclass - ok
15:19:47.0740 0x022c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:19:47.0748 0x022c  kbdhid - ok
15:19:47.0759 0x022c  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] KeyIso          C:\Windows\system32\lsass.exe
15:19:47.0767 0x022c  KeyIso - ok
15:19:47.0810 0x022c  [ F7DFAE6040AC910B7C64EE208A34157D, AEF1100F12391692D9DB78519D843A90C97E199A80DDC4D43E3AF1919A9E8E56 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:19:47.0819 0x022c  KSecDD - ok
15:19:47.0835 0x022c  [ 8FE94F2EF9BF444E93E35D87E210D02F, 78E8F6FD7C1EA3556194947707BE6893538A9E25A550C22045866C5B30251D14 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:19:47.0845 0x022c  KSecPkg - ok
15:19:47.0853 0x022c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:19:47.0877 0x022c  ksthunk - ok
15:19:47.0959 0x022c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:19:47.0991 0x022c  KtmRm - ok
15:19:48.0058 0x022c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:19:48.0086 0x022c  LanmanServer - ok
15:19:48.0142 0x022c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:19:48.0168 0x022c  LanmanWorkstation - ok
15:19:48.0191 0x022c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:19:48.0216 0x022c  lltdio - ok
15:19:48.0270 0x022c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:19:48.0301 0x022c  lltdsvc - ok
15:19:48.0312 0x022c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:19:48.0336 0x022c  lmhosts - ok
15:19:48.0382 0x022c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
15:19:48.0392 0x022c  LSI_FC - ok
15:19:48.0413 0x022c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
15:19:48.0423 0x022c  LSI_SAS - ok
15:19:48.0431 0x022c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:19:48.0441 0x022c  LSI_SAS2 - ok
15:19:48.0456 0x022c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:19:48.0466 0x022c  LSI_SCSI - ok
15:19:48.0470 0x022c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
15:19:48.0496 0x022c  luafv - ok
15:19:48.0546 0x022c  [ 07389F6925E490D2DB7882110E99921C, AD316EE8A47B6EDD1AB1E1E7DDE2BC69DC0E342144F5B74C96E9494F847B1B7E ] lvpepf64        C:\Windows\system32\DRIVERS\lv302a64.sys
15:19:48.0551 0x022c  lvpepf64 - ok
15:19:48.0621 0x022c  [ 7F0BA3A6E8996F15693C6B7D81DA049E, 96925ABA3A9C5FD2CF9ECBDC4ED8E94033EB1C53DD03F28102E83EEF327777E6 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
15:19:48.0643 0x022c  LVRS64 - ok
15:19:48.0678 0x022c  [ 5C3FF68267A5D242EE79EE01B993D6CE, 853637AC30A16698F2F583693E98B67104ECE5B8F80C6FB88266665162623B92 ] LVUSBS64        C:\Windows\system32\drivers\LVUSBS64.sys
15:19:48.0684 0x022c  LVUSBS64 - ok
15:19:48.0765 0x022c  [ E5ECF40E5FD459141E5F6685FFD51804, A120A6184AB16864E8A5F1DFD0CD178FCA541DE463B5CEF946E18C34B9B6F716 ] Lycosa          C:\Windows\system32\drivers\Lycosa.sys
15:19:48.0772 0x022c  Lycosa - ok
15:19:48.0815 0x022c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:19:48.0825 0x022c  Mcx2Svc - ok
15:19:48.0846 0x022c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
15:19:48.0854 0x022c  megasas - ok
15:19:48.0874 0x022c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
15:19:48.0887 0x022c  MegaSR - ok
15:19:48.0904 0x022c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
15:19:48.0929 0x022c  MMCSS - ok
15:19:48.0945 0x022c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
15:19:48.0969 0x022c  Modem - ok
15:19:48.0998 0x022c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:19:49.0008 0x022c  monitor - ok
15:19:49.0045 0x022c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:19:49.0053 0x022c  mouclass - ok
15:19:49.0067 0x022c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:19:49.0075 0x022c  mouhid - ok
15:19:49.0126 0x022c  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:19:49.0135 0x022c  mountmgr - ok
15:19:49.0178 0x022c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:19:49.0188 0x022c  mpio - ok
15:19:49.0233 0x022c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:19:49.0258 0x022c  mpsdrv - ok
15:19:49.0337 0x022c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:19:49.0377 0x022c  MpsSvc - ok
15:19:49.0421 0x022c  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:19:49.0432 0x022c  MRxDAV - ok
15:19:49.0480 0x022c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:19:49.0490 0x022c  mrxsmb - ok
15:19:49.0534 0x022c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:19:49.0546 0x022c  mrxsmb10 - ok
15:19:49.0559 0x022c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:19:49.0568 0x022c  mrxsmb20 - ok
15:19:49.0612 0x022c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:19:49.0619 0x022c  msahci - ok
15:19:49.0640 0x022c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:19:49.0650 0x022c  msdsm - ok
15:19:49.0691 0x022c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
15:19:49.0702 0x022c  MSDTC - ok
15:19:49.0717 0x022c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:19:49.0741 0x022c  Msfs - ok
15:19:49.0748 0x022c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:19:49.0772 0x022c  mshidkmdf - ok
15:19:49.0791 0x022c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:19:49.0799 0x022c  msisadrv - ok
15:19:49.0864 0x022c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:19:49.0891 0x022c  MSiSCSI - ok
15:19:49.0894 0x022c  msiserver - ok
15:19:49.0948 0x022c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:19:49.0971 0x022c  MSKSSRV - ok
15:19:50.0013 0x022c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:19:50.0037 0x022c  MSPCLOCK - ok
15:19:50.0047 0x022c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:19:50.0071 0x022c  MSPQM - ok
15:19:50.0121 0x022c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:19:50.0138 0x022c  MsRPC - ok
15:19:50.0150 0x022c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
15:19:50.0158 0x022c  mssmbios - ok
15:19:50.0171 0x022c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:19:50.0195 0x022c  MSTEE - ok
15:19:50.0206 0x022c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
15:19:50.0214 0x022c  MTConfig - ok
15:19:50.0244 0x022c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
15:19:50.0252 0x022c  Mup - ok
15:19:50.0309 0x022c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
15:19:50.0342 0x022c  napagent - ok
15:19:50.0393 0x022c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:19:50.0410 0x022c  NativeWifiP - ok
15:19:50.0487 0x022c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:19:50.0515 0x022c  NDIS - ok
15:19:50.0531 0x022c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:19:50.0556 0x022c  NdisCap - ok
15:19:50.0592 0x022c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:19:50.0616 0x022c  NdisTapi - ok
15:19:50.0661 0x022c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:19:50.0685 0x022c  Ndisuio - ok
15:19:50.0734 0x022c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:19:50.0760 0x022c  NdisWan - ok
15:19:50.0798 0x022c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:19:50.0823 0x022c  NDProxy - ok
15:19:50.0826 0x022c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:19:50.0850 0x022c  NetBIOS - ok
15:19:50.0862 0x022c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:19:50.0890 0x022c  NetBT - ok
15:19:50.0898 0x022c  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] Netlogon        C:\Windows\system32\lsass.exe
15:19:50.0906 0x022c  Netlogon - ok
15:19:50.0936 0x022c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
15:19:50.0968 0x022c  Netman - ok
15:19:51.0027 0x022c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:19:51.0038 0x022c  NetMsmqActivator - ok
15:19:51.0043 0x022c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:19:51.0055 0x022c  NetPipeActivator - ok
15:19:51.0086 0x022c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
15:19:51.0119 0x022c  netprofm - ok
15:19:51.0145 0x022c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:19:51.0157 0x022c  NetTcpActivator - ok
15:19:51.0163 0x022c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:19:51.0175 0x022c  NetTcpPortSharing - ok
15:19:51.0200 0x022c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
15:19:51.0209 0x022c  nfrd960 - ok
15:19:51.0267 0x022c  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:19:51.0281 0x022c  NlaSvc - ok
15:19:51.0293 0x022c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:19:51.0339 0x022c  Npfs - ok
15:19:51.0374 0x022c  npggsvc - ok
15:19:51.0376 0x022c  NPPTNT2 - ok
15:19:51.0398 0x022c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
15:19:51.0423 0x022c  nsi - ok
15:19:51.0432 0x022c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:19:51.0456 0x022c  nsiproxy - ok
15:19:51.0543 0x022c  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:19:51.0606 0x022c  Ntfs - ok
15:19:51.0610 0x022c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
15:19:51.0634 0x022c  Null - ok
15:19:51.0676 0x022c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:19:51.0687 0x022c  nvraid - ok
15:19:51.0731 0x022c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:19:51.0742 0x022c  nvstor - ok
15:19:51.0754 0x022c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:19:51.0764 0x022c  nv_agp - ok
15:19:51.0780 0x022c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:19:51.0789 0x022c  ohci1394 - ok
15:19:51.0827 0x022c  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:19:51.0835 0x022c  ose - ok
15:19:52.0009 0x022c  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:19:52.0121 0x022c  osppsvc - ok
15:19:52.0160 0x022c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:19:52.0175 0x022c  p2pimsvc - ok
15:19:52.0220 0x022c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
15:19:52.0236 0x022c  p2psvc - ok
15:19:52.0253 0x022c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
15:19:52.0263 0x022c  Parport - ok
15:19:52.0307 0x022c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:19:52.0316 0x022c  partmgr - ok
15:19:52.0404 0x022c  [ 3CAE2BBC86FCF7F94C9696994AF30386, 4DA063A60523567272CFB35DF5D7CA142B100EF9123B1F23A6F11AB89DB83486 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
15:19:52.0409 0x022c  PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )
15:19:54.0733 0x022c  Detect skipped due to KSN trusted
15:19:54.0733 0x022c  PassThru Service - ok
15:19:54.0778 0x022c  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:19:54.0790 0x022c  PcaSvc - ok
15:19:54.0840 0x022c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
15:19:54.0851 0x022c  pci - ok
15:19:54.0895 0x022c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
15:19:54.0903 0x022c  pciide - ok
15:19:54.0939 0x022c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
15:19:54.0950 0x022c  pcmcia - ok
15:19:54.0969 0x022c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:19:54.0978 0x022c  pcw - ok
15:19:55.0004 0x022c  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:19:55.0025 0x022c  PEAUTH - ok
15:19:55.0077 0x022c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:19:55.0086 0x022c  PerfHost - ok
15:19:55.0221 0x022c  [ 087A343DFC337F37723DD7912DE6B6CD, AE11C28A01D4FC2CCB36C5956D9414AEBA8AFC4A868047CC691F32CF31E44AAC ] PID_PEPI        C:\Windows\system32\DRIVERS\LV302V64.SYS
15:19:55.0281 0x022c  PID_PEPI - ok
15:19:55.0352 0x022c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
15:19:55.0404 0x022c  pla - ok
15:19:55.0470 0x022c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:19:55.0486 0x022c  PlugPlay - ok
15:19:55.0528 0x022c  PnkBstrA - ok
15:19:55.0565 0x022c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:19:55.0573 0x022c  PNRPAutoReg - ok
15:19:55.0590 0x022c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:19:55.0604 0x022c  PNRPsvc - ok
15:19:55.0638 0x022c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:19:55.0671 0x022c  PolicyAgent - ok
15:19:55.0699 0x022c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
15:19:55.0727 0x022c  Power - ok
15:19:55.0779 0x022c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:19:55.0804 0x022c  PptpMiniport - ok
15:19:55.0823 0x022c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
15:19:55.0832 0x022c  Processor - ok
15:19:55.0883 0x022c  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:19:55.0895 0x022c  ProfSvc - ok
15:19:55.0909 0x022c  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:19:55.0917 0x022c  ProtectedStorage - ok
15:19:55.0981 0x022c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:19:56.0007 0x022c  Psched - ok
15:19:56.0058 0x022c  [ FB46E9A827A8799EBD7BFA9128C91F37, 7C40E9C1720522D76AF45A588DFF47BDF0E2A99AF3A396854A00F1273EA13193 ] PSI             C:\Windows\system32\DRIVERS\psi_mf.sys
15:19:56.0063 0x022c  PSI - ok
15:19:56.0121 0x022c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
15:19:56.0160 0x022c  ql2300 - ok
15:19:56.0178 0x022c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
15:19:56.0187 0x022c  ql40xx - ok
15:19:56.0207 0x022c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
15:19:56.0223 0x022c  QWAVE - ok
15:19:56.0240 0x022c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:19:56.0251 0x022c  QWAVEdrv - ok
15:19:56.0260 0x022c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:19:56.0284 0x022c  RasAcd - ok
15:19:56.0332 0x022c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:19:56.0357 0x022c  RasAgileVpn - ok
15:19:56.0371 0x022c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
15:19:56.0397 0x022c  RasAuto - ok
15:19:56.0443 0x022c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:19:56.0468 0x022c  Rasl2tp - ok
15:19:56.0525 0x022c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
15:19:56.0555 0x022c  RasMan - ok
15:19:56.0563 0x022c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:19:56.0589 0x022c  RasPppoe - ok
15:19:56.0600 0x022c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:19:56.0625 0x022c  RasSstp - ok
15:19:56.0689 0x022c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:19:56.0718 0x022c  rdbss - ok
15:19:56.0736 0x022c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
15:19:56.0746 0x022c  rdpbus - ok
15:19:56.0758 0x022c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:19:56.0782 0x022c  RDPCDD - ok
15:19:56.0806 0x022c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:19:56.0830 0x022c  RDPENCDD - ok
15:19:56.0855 0x022c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:19:56.0879 0x022c  RDPREFMP - ok
15:19:56.0930 0x022c  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:19:56.0962 0x022c  RDPWD - ok
15:19:57.0011 0x022c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:19:57.0023 0x022c  rdyboost - ok
15:19:57.0071 0x022c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:19:57.0097 0x022c  RemoteAccess - ok
15:19:57.0109 0x022c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:19:57.0136 0x022c  RemoteRegistry - ok
15:19:57.0155 0x022c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:19:57.0181 0x022c  RpcEptMapper - ok
15:19:57.0189 0x022c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
15:19:57.0197 0x022c  RpcLocator - ok
15:19:57.0224 0x022c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
15:19:57.0258 0x022c  RpcSs - ok
15:19:57.0270 0x022c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:19:57.0295 0x022c  rspndr - ok
15:19:57.0365 0x022c  [ 16D4E350420BAA7E63E16E3FC033E1F5, ED972E45A286161F02A2F3924B5A0EF86466F2FBC28B24AD4287CCDD68E76A80 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
15:19:57.0379 0x022c  RTL8167 - ok
15:19:57.0441 0x022c  [ 4A06585C8673F4458E9FBBC9DDDB4D28, D27CA2DD3187DF00C2CE3CC504C12E8055E9CA7B52268A3DE20BBC7D67F88AC5 ] RTL8187B        C:\Windows\system32\DRIVERS\wg111v3.sys
15:19:57.0457 0x022c  RTL8187B - ok
15:19:57.0466 0x022c  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] SamSs           C:\Windows\system32\lsass.exe
15:19:57.0474 0x022c  SamSs - ok
15:19:57.0519 0x022c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:19:57.0529 0x022c  sbp2port - ok
15:19:57.0546 0x022c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:19:57.0574 0x022c  SCardSvr - ok
15:19:57.0636 0x022c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:19:57.0659 0x022c  scfilter - ok
15:19:57.0726 0x022c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
15:19:57.0772 0x022c  Schedule - ok
15:19:57.0818 0x022c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:19:57.0843 0x022c  SCPolicySvc - ok
15:19:57.0854 0x022c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:19:57.0865 0x022c  SDRSVC - ok
15:19:57.0917 0x022c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:19:57.0959 0x022c  secdrv - ok
15:19:57.0982 0x022c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
15:19:58.0006 0x022c  seclogon - ok
15:19:58.0100 0x022c  [ 306F9390976E41063D21AB9AB6D48122, 77C4814AFC6719059E64492BD4B79A1B3ADA8F9EC4C34B51489983C98AC6E300 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
15:19:58.0131 0x022c  Secunia PSI Agent - ok
15:19:58.0197 0x022c  [ 29C852880E9634F8C6BD77A4E68B5B34, A9A5FEB3003AC5B3532275A8B35EEE89C7256F2A6870656FB417854CDC278C1E ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
15:19:58.0215 0x022c  Secunia Update Agent - ok
15:19:58.0228 0x022c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
15:19:58.0254 0x022c  SENS - ok
15:19:58.0260 0x022c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:19:58.0268 0x022c  SensrSvc - ok
15:19:58.0325 0x022c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
15:19:58.0333 0x022c  Serenum - ok
15:19:58.0370 0x022c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
15:19:58.0379 0x022c  Serial - ok
15:19:58.0420 0x022c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
15:19:58.0428 0x022c  sermouse - ok
15:19:58.0474 0x022c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
15:19:58.0500 0x022c  SessionEnv - ok
15:19:58.0543 0x022c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:19:58.0550 0x022c  sffdisk - ok
15:19:58.0557 0x022c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:19:58.0564 0x022c  sffp_mmc - ok
15:19:58.0576 0x022c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:19:58.0585 0x022c  sffp_sd - ok
15:19:58.0603 0x022c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
15:19:58.0610 0x022c  sfloppy - ok
15:19:58.0699 0x022c  [ 21AB491BBCC8C1B26FDC402A374AB196, DD973C9963C840200D153A15078152D499639730D065BB8122C6BE65D4372300 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
15:19:58.0722 0x022c  Sftfs - ok
15:19:58.0759 0x022c  [ 4E1BB8A9CCDB4BAF41F7F9A930EB121D, D994B20DACEB187BEB6530309E2185040B58105E4FD5AC1DA435712F9DE027D0 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
15:19:58.0777 0x022c  sftlist - ok
15:19:58.0830 0x022c  [ 3B8D43FEEFF7A187534DDDFD675FE123, 9308D5C552FE3AF1121A3F7B7595547C6B892FF500377953F3B623511D84698C ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
15:19:58.0843 0x022c  Sftplay - ok
15:19:58.0856 0x022c  [ F1D1B1DC7A8765A09D7640FBF8D20970, 72E59B04BC44DAFFB88987C16CF3F9DC35438B15879E102FD83013673E0DB66F ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
15:19:58.0864 0x022c  Sftredir - ok
15:19:58.0869 0x022c  [ B3B9ADE7F8C4AF0C20E712E040588543, 9A6BB11DA046BF6F0239952871263E148FAE91FB21065613645114B5FA054EC5 ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
15:19:58.0876 0x022c  Sftvol - ok
15:19:58.0889 0x022c  [ CECFDE5D3701B2D914862F5E6C3DFE18, E7627F90630C306324A39DC3C652B37D255F90636AC19D3302EE5B85BD504BD5 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
15:19:58.0900 0x022c  sftvsa - ok
15:19:58.0926 0x022c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:19:58.0957 0x022c  SharedAccess - ok
15:19:59.0010 0x022c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:19:59.0041 0x022c  ShellHWDetection - ok
15:19:59.0095 0x022c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:19:59.0103 0x022c  SiSRaid2 - ok
15:19:59.0120 0x022c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
15:19:59.0129 0x022c  SiSRaid4 - ok
15:19:59.0235 0x022c  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
15:19:59.0250 0x022c  SkypeUpdate - ok
15:19:59.0275 0x022c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:19:59.0301 0x022c  Smb - ok
15:19:59.0367 0x022c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:19:59.0376 0x022c  SNMPTRAP - ok
15:19:59.0421 0x022c  [ 5F9785E7535F8F602CB294A54962C9E7, 22BE050955347661685A4343C51F11C7811674E030386D2264CD12ECBF544B7C ] speedfan        C:\Windows\syswow64\speedfan.sys
15:19:59.0428 0x022c  speedfan - ok
15:19:59.0435 0x022c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:19:59.0443 0x022c  spldr - ok
15:19:59.0516 0x022c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
15:19:59.0536 0x022c  Spooler - ok
15:19:59.0670 0x022c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
15:19:59.0768 0x022c  sppsvc - ok
15:19:59.0783 0x022c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:19:59.0809 0x022c  sppuinotify - ok
15:19:59.0871 0x022c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:19:59.0887 0x022c  srv - ok
15:19:59.0939 0x022c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:19:59.0955 0x022c  srv2 - ok
15:20:00.0000 0x022c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:20:00.0011 0x022c  srvnet - ok
15:20:00.0030 0x022c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:20:00.0058 0x022c  SSDPSRV - ok
15:20:00.0070 0x022c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:20:00.0096 0x022c  SstpSvc - ok
15:20:00.0183 0x022c  [ EE53F3361861C77535BBD2EEBD0D8A2E, 442921385BDEA14B237280C71DFEB1AA14AFF44DDAECD2601DDA37A77578F838 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
15:20:00.0206 0x022c  Steam Client Service - ok
15:20:00.0232 0x022c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
15:20:00.0240 0x022c  stexstor - ok
15:20:00.0310 0x022c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
15:20:00.0334 0x022c  stisvc - ok
15:20:00.0381 0x022c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
15:20:00.0388 0x022c  swenum - ok
15:20:00.0409 0x022c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
15:20:00.0444 0x022c  swprv - ok
15:20:00.0540 0x022c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
15:20:00.0588 0x022c  SysMain - ok
15:20:00.0712 0x022c  [ 00068CD7BD0A2BFA6ACC1F75671394FF, BE2235923006B300910404020D8FA3E4B6F4798778E03D1AFD3A04D995411C72 ] SystemExplorerHelpService C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
15:20:00.0735 0x022c  SystemExplorerHelpService - ok
15:20:00.0774 0x022c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:20:00.0787 0x022c  TabletInputService - ok
15:20:00.0847 0x022c  [ 83C57F165F0216E5CE40D7E4E00DC76D, F3740283A5DB8EF69A6A2AC52D6506FBA5423C6548AAF3A272A13F9F582A2792 ] taphss6         C:\Windows\system32\DRIVERS\taphss6.sys
15:20:00.0853 0x022c  taphss6 - ok
15:20:00.0903 0x022c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:20:00.0933 0x022c  TapiSrv - ok
15:20:00.0945 0x022c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
15:20:00.0971 0x022c  TBS - ok
15:20:01.0058 0x022c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:20:01.0106 0x022c  Tcpip - ok
15:20:01.0191 0x022c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:20:01.0238 0x022c  TCPIP6 - ok
15:20:01.0282 0x022c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:20:01.0290 0x022c  tcpipreg - ok
15:20:01.0309 0x022c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:20:01.0317 0x022c  TDPIPE - ok
15:20:01.0375 0x022c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:20:01.0382 0x022c  TDTCP - ok
15:20:01.0425 0x022c  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:20:01.0435 0x022c  tdx - ok
15:20:01.0441 0x022c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
15:20:01.0450 0x022c  TermDD - ok
15:20:01.0512 0x022c  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
15:20:01.0535 0x022c  TermService - ok
15:20:01.0543 0x022c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
15:20:01.0555 0x022c  Themes - ok
15:20:01.0584 0x022c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
15:20:01.0609 0x022c  THREADORDER - ok
15:20:01.0625 0x022c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
15:20:01.0652 0x022c  TrkWks - ok
15:20:01.0712 0x022c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:20:01.0738 0x022c  TrustedInstaller - ok
15:20:01.0780 0x022c  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:20:01.0788 0x022c  tssecsrv - ok
15:20:01.0836 0x022c  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:20:01.0844 0x022c  TsUsbFlt - ok
15:20:01.0900 0x022c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:20:01.0925 0x022c  tunnel - ok
15:20:01.0948 0x022c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
15:20:01.0956 0x022c  uagp35 - ok
15:20:01.0976 0x022c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:20:02.0005 0x022c  udfs - ok
15:20:02.0035 0x022c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:20:02.0045 0x022c  UI0Detect - ok
15:20:02.0083 0x022c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:20:02.0092 0x022c  uliagpkx - ok
15:20:02.0115 0x022c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
15:20:02.0123 0x022c  umbus - ok
15:20:02.0151 0x022c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
15:20:02.0159 0x022c  UmPass - ok
15:20:02.0182 0x022c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
15:20:02.0213 0x022c  upnphost - ok
15:20:02.0265 0x022c  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
15:20:02.0274 0x022c  USBAAPL64 - ok
15:20:02.0330 0x022c  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
15:20:02.0340 0x022c  usbaudio - ok
15:20:02.0378 0x022c  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:20:02.0387 0x022c  usbccgp - ok
15:20:02.0446 0x022c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:20:02.0455 0x022c  usbcir - ok
15:20:02.0493 0x022c  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
15:20:02.0501 0x022c  usbehci - ok
15:20:02.0574 0x022c  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:20:02.0588 0x022c  usbhub - ok
15:20:02.0630 0x022c  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:20:02.0637 0x022c  usbohci - ok
15:20:02.0654 0x022c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:20:02.0664 0x022c  usbprint - ok
15:20:02.0722 0x022c  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
15:20:02.0730 0x022c  usbscan - ok
15:20:02.0743 0x022c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:20:02.0751 0x022c  USBSTOR - ok
15:20:02.0799 0x022c  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
15:20:02.0806 0x022c  usbuhci - ok
15:20:02.0817 0x022c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
15:20:02.0843 0x022c  UxSms - ok
15:20:02.0853 0x022c  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] VaultSvc        C:\Windows\system32\lsass.exe
15:20:02.0861 0x022c  VaultSvc - ok
15:20:02.0864 0x022c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:20:02.0872 0x022c  vdrvroot - ok
15:20:02.0923 0x022c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
15:20:02.0957 0x022c  vds - ok
15:20:02.0980 0x022c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:20:02.0989 0x022c  vga - ok
15:20:03.0006 0x022c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:20:03.0030 0x022c  VgaSave - ok
15:20:03.0049 0x022c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:20:03.0061 0x022c  vhdmp - ok
15:20:03.0096 0x022c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:20:03.0104 0x022c  viaide - ok
15:20:03.0121 0x022c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:20:03.0130 0x022c  volmgr - ok
15:20:03.0198 0x022c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:20:03.0213 0x022c  volmgrx - ok
15:20:03.0233 0x022c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:20:03.0247 0x022c  volsnap - ok
15:20:03.0303 0x022c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
15:20:03.0313 0x022c  vsmraid - ok
15:20:03.0408 0x022c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
15:20:03.0465 0x022c  VSS - ok
15:20:03.0480 0x022c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
15:20:03.0490 0x022c  vwifibus - ok
15:20:03.0496 0x022c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
15:20:03.0508 0x022c  vwififlt - ok
15:20:03.0535 0x022c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
15:20:03.0568 0x022c  W32Time - ok
15:20:03.0593 0x022c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
15:20:03.0601 0x022c  WacomPen - ok
15:20:03.0619 0x022c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:20:03.0643 0x022c  WANARP - ok
15:20:03.0647 0x022c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:20:03.0671 0x022c  Wanarpv6 - ok
15:20:03.0752 0x022c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
15:20:03.0792 0x022c  wbengine - ok
15:20:03.0811 0x022c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:20:03.0827 0x022c  WbioSrvc - ok
15:20:03.0843 0x022c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:20:03.0862 0x022c  wcncsvc - ok
15:20:03.0868 0x022c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:20:03.0876 0x022c  WcsPlugInService - ok
15:20:03.0905 0x022c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
15:20:03.0913 0x022c  Wd - ok
15:20:03.0973 0x022c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:20:03.0998 0x022c  Wdf01000 - ok
15:20:04.0056 0x022c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:20:04.0066 0x022c  WdiServiceHost - ok
15:20:04.0083 0x022c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:20:04.0093 0x022c  WdiSystemHost - ok
15:20:04.0143 0x022c  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
15:20:04.0156 0x022c  WebClient - ok
15:20:04.0174 0x022c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:20:04.0203 0x022c  Wecsvc - ok
15:20:04.0212 0x022c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:20:04.0238 0x022c  wercplsupport - ok
15:20:04.0283 0x022c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:20:04.0309 0x022c  WerSvc - ok
15:20:04.0327 0x022c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:20:04.0351 0x022c  WfpLwf - ok
15:20:04.0360 0x022c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:20:04.0368 0x022c  WIMMount - ok
15:20:04.0373 0x022c  WinHttpAutoProxySvc - ok
15:20:04.0420 0x022c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:20:04.0450 0x022c  Winmgmt - ok
15:20:04.0543 0x022c  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
15:20:04.0594 0x022c  WinRM - ok
15:20:04.0670 0x022c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
15:20:04.0681 0x022c  WinUsb - ok
15:20:04.0717 0x022c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:20:04.0747 0x022c  Wlansvc - ok
15:20:04.0913 0x022c  [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:20:04.0967 0x022c  wlidsvc - ok
15:20:05.0010 0x022c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
15:20:05.0018 0x022c  WmiAcpi - ok
15:20:05.0033 0x022c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:20:05.0045 0x022c  wmiApSrv - ok
15:20:05.0051 0x022c  WMPNetworkSvc - ok
15:20:05.0054 0x022c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:20:05.0062 0x022c  WPCSvc - ok
15:20:05.0119 0x022c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:20:05.0131 0x022c  WPDBusEnum - ok
15:20:05.0145 0x022c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:20:05.0170 0x022c  ws2ifsl - ok
15:20:05.0220 0x022c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] WscSvc          C:\Windows\System32\wscsvc.dll
15:20:05.0233 0x022c  WscSvc - ok
15:20:05.0235 0x022c  WSearch - ok
15:20:05.0315 0x022c  [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:20:05.0376 0x022c  wuauserv - ok
15:20:05.0423 0x022c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:20:05.0432 0x022c  WudfPf - ok
15:20:05.0471 0x022c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\drivers\WUDFRd.sys
15:20:05.0482 0x022c  WUDFRd - ok
15:20:05.0486 0x022c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:20:05.0496 0x022c  wudfsvc - ok
15:20:05.0557 0x022c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:20:05.0570 0x022c  WwanSvc - ok
15:20:05.0658 0x022c  X6va003 - ok
15:20:05.0659 0x022c  X6va005 - ok
15:20:05.0680 0x022c  ================ Scan global ===============================
15:20:05.0711 0x022c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
15:20:05.0764 0x022c  [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\Windows\system32\winsrv.dll
15:20:05.0775 0x022c  [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\Windows\system32\winsrv.dll
15:20:05.0802 0x022c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:20:05.0856 0x022c  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
15:20:05.0862 0x022c  [ Global ] - ok
15:20:05.0863 0x022c  ================ Scan MBR ==================================
15:20:05.0873 0x022c  [ 01C6AE8EADD5F5B4C22DD5848D9CB4B9 ] \Device\Harddisk0\DR0
15:20:08.0325 0x022c  \Device\Harddisk0\DR0 - ok
15:20:08.0325 0x022c  ================ Scan VBR ==================================
15:20:08.0326 0x022c  [ 17AD27D237CC2219578626E3766CE2C8 ] \Device\Harddisk0\DR0\Partition1
15:20:08.0328 0x022c  \Device\Harddisk0\DR0\Partition1 - ok
15:20:08.0329 0x022c  [ BD5F30E896EDED199FB9DBE3F1B65D94 ] \Device\Harddisk0\DR0\Partition2
15:20:08.0330 0x022c  \Device\Harddisk0\DR0\Partition2 - ok
15:20:08.0332 0x022c  [ 48825E8E103EEA0D84B1AFD98B38440F ] \Device\Harddisk0\DR0\Partition3
15:20:08.0333 0x022c  \Device\Harddisk0\DR0\Partition3 - ok
15:20:08.0333 0x022c  ================ Scan generic autorun ======================
15:20:08.0632 0x022c  [ EF8152CC98AFB4C40F10C2070C278AFB, E4C16E22E21F68C566A5E6CB7DBA712123F03FDD1DFEE456B3DD8CAFAF65C3EA ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
15:20:08.0927 0x022c  RtHDVCpl - ok
15:20:08.0959 0x022c  [ D82706D5D38AE989B9173F1314F696C7, 7000FCBD6F90859FC1D44857E8BAEF8055AEBB905C0195A350F86F3EF19133CA ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
15:20:08.0971 0x022c  IAStorIcon - ok
15:20:09.0022 0x022c  [ 9AC78D384CE632BF4B5C73D5231CE17E, 82E9AC0C9DA7FB7334238AE27E2F7038B16AE9F772E86F61B1042D12CEE1291C ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
15:20:09.0028 0x022c  StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
15:20:11.0345 0x022c  Detect skipped due to KSN trusted
15:20:11.0345 0x022c  StartCCC - ok
15:20:11.0412 0x022c  [ 42CDFB2273EEC623B903C311B19FB484, D0FF021BF53FB6CB994D2455D9B5AE69EC2990216738424731D5EAFBA8EE8506 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
15:20:11.0419 0x022c  AppleSyncNotifier - ok
15:20:11.0459 0x022c  [ EBC0E8C0A4DDA2C32A7D5863462A321A, 2F410138DB66D0219254339F1F098E401CEDAA032596F1F67BC54F394256FC68 ] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
15:20:11.0463 0x022c  amd_dc_opt - detected UnsignedFile.Multi.Generic ( 1 )
15:20:13.0774 0x022c  Detect skipped due to KSN trusted
15:20:13.0774 0x022c  amd_dc_opt - ok
15:20:13.0838 0x022c  [ 09E60B4FE341A94A300830C008907099, 5F07868953FAA8FFA9E6477F6BAC52DEEDF3EA4A3F8AF5B4E15878D8240223AB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
15:20:13.0845 0x022c  APSDaemon - ok
15:20:13.0944 0x022c  [ 66177D4C99FD8B578C7C56DE445E4D5D, 003D0254D7C693A72DE84CB76858F8D67D9FD62206F1B56DF7F5D0FA834C3BA7 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
15:20:13.0967 0x022c  avgnt - ok
15:20:14.0022 0x022c  [ BBDFDDA0B40FA929314138F93BD89759, E9366C12FD791E64953267DE2703106D9E91464A8DCEF900BABA125F261C3CEC ] C:\Program Files (x86)\Razer\Lycosa\razerhid.exe
15:20:14.0041 0x022c  Lycosa - detected UnsignedFile.Multi.Generic ( 1 )
15:20:16.0354 0x022c  Detect skipped due to KSN trusted
15:20:16.0354 0x022c  Lycosa - ok
15:20:16.0440 0x022c  [ 0EF0822810009D58118CCDFD098FA9F4, 9FAA263057898BCDBCB0A064C463F48D149474AA339A3C4C47626CC118750D2D ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
15:20:16.0449 0x022c  iTunesHelper - ok
15:20:16.0505 0x022c  [ 271B0D188430670509CB9943D5229205, 74CB5A9D8B5988AE08C0F65C601FC54F8745BAB6825B6FEEFBA8F068D656D8D7 ] C:\Program Files (x86)\QuickTime\QTTask.exe
15:20:16.0538 0x022c  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
15:20:18.0861 0x022c  Detect skipped due to KSN trusted
15:20:18.0861 0x022c  QuickTime Task - ok
15:20:18.0913 0x022c  [ CB08561AB36857CCF74BF11475C9AEB2, 5F15F6868A719A0A84D3E0FE2BC4E76975C50FA99D642279DDA972269ADFDB8B ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
15:20:18.0921 0x022c  Avira Systray - ok
15:20:19.0080 0x022c  [ 66A77B11E3B0DD7E95A8839D8102ACD5, 9BD8EECB20E031BEF5155FE6E449B62DB7FE09CC5CE54D2DF7FD9BFE7EA71146 ] C:\Program Files (x86)\System Explorer\SystemExplorer.exe
15:20:19.0196 0x022c  SystemExplorerAutoStart - ok
15:20:19.0316 0x022c  [ 2F41FFCCF3146BEAE0D2D30825928586, 18F762F17E8DFC9C1707317722C301D5636BA810547CB1A0391A6702BDC3E0BA ] C:\Program Files (x86)\Trojan Remover\Trjscan.exe
15:20:19.0409 0x022c  TrojanScanner - ok
15:20:19.0488 0x022c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:20:19.0550 0x022c  Sidebar - ok
15:20:19.0578 0x022c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:20:19.0609 0x022c  mctadmin - ok
15:20:19.0655 0x022c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:20:19.0687 0x022c  Sidebar - ok
15:20:19.0691 0x022c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:20:19.0704 0x022c  mctadmin - ok
15:20:19.0802 0x022c  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] C:\Users\Marc-Andre´\AppData\Local\Google\Update\GoogleUpdate.exe
15:20:19.0810 0x022c  Google Update - ok
15:20:20.0003 0x022c  [ D6E2ED7F1F7BE7CCB8676491BF950B57, CBF07EE746F2C27ACC532E83ADC43FBE954DC3C598C4333F13B1A7615AEA9AD5 ] C:\Users\Marc-Andre´\AppData\Local\Akamai\netsession_win.exe
15:20:20.0149 0x022c  Akamai NetSession Interface - ok
15:20:20.0191 0x022c  [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe
15:20:20.0215 0x022c  RESTART_STICKY_NOTES - ok
15:20:20.0457 0x022c  [ C7C42AC946E25EC04BC671516A347FF9, 03DCB98F1764862A0DFC1B3A6CD34BA583DA512E8E4556E891A228832C0F8DE1 ] C:\Users\Marc-Andre´\AppData\Local\Amazon Music\Amazon Music Helper.exe
15:20:20.0640 0x022c  Amazon Music - ok
15:20:20.0781 0x022c  [ C3E6128725B7C509EB6742A6F2310576, C8348D91AF275185FE90BAB2315AC05B4009E36ECF321E5CECF34D1C3F8AC8B6 ] C:\Users\Marc-Andre´\AppData\Roaming\Spotify\SpotifyWebHelper.exe
15:20:20.0852 0x022c  Spotify Web Helper - ok
15:20:21.0084 0x022c  [ 62A076C5767090FA3D5128735ADF2995, 2B68994E6BBCBE2EE90867E7C503433DF0C1D59C04DAD368122CC9FE9D7C30B1 ] C:\Users\Marc-Andre´\AppData\Roaming\Spotify\Spotify.exe
15:20:21.0313 0x022c  Spotify - ok
15:20:21.0361 0x022c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:20:21.0393 0x022c  Sidebar - ok
15:20:21.0398 0x022c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:20:21.0410 0x022c  mctadmin - ok
15:20:21.0423 0x022c  Waiting for KSN requests completion. In queue: 17
15:20:22.0423 0x022c  Waiting for KSN requests completion. In queue: 17
15:20:23.0423 0x022c  Waiting for KSN requests completion. In queue: 17
15:20:24.0565 0x022c  Win FW state via NFP2: enabled
15:20:26.0924 0x022c  ============================================================
15:20:26.0924 0x022c  Scan finished
15:20:26.0924 0x022c  ============================================================
15:20:26.0928 0x06e4  Detected object count: 0
15:20:26.0928 0x06e4  Actual detected object count: 0
15:20:56.0741 0x07b8  Deinitialize success

M-K-D-B · 02.06.2015, 20:31

Servus,

ich sehe da Malware, die schon sehr lange auf deinem Rechner ist...

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

condolai · 03.06.2015, 14:36

Code:

ATTFilter

ComboFix 15-05-31.01 - Marc-Andre´ 03.06.2015  15:16:06.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.6135.4580 [GMT 2:00]
ausgeführt von:: c:\users\Marc-Andre¦\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
C:\Install.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\WavePad Sound Editor.lnk
c:\users\MARC-A~1\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\Marc-Andre´\AppData\Local\lame_enc.dll
c:\users\Marc-Andre´\AppData\Local\no23xwrapper.dll
c:\users\Marc-Andre´\AppData\Local\ogg.dll
c:\users\Marc-Andre´\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\Marc-Andre´\AppData\Local\vorbis.dll
c:\users\Marc-Andre´\AppData\Local\vorbisenc.dll
c:\users\Marc-Andre´\AppData\Local\vorbisfile.dll
c:\users\Marc-Andre´\AppData\Roaming\AcroIEHelpe.txt
c:\users\Marc-Andre´\AppData\Roaming\Microsoft\~DFK25d7b9.tmp
c:\users\Marc-Andre´\AppData\Roaming\Microsoft\1eaadjc.dll
c:\users\Marc-Andre´\AppData\Roaming\Microsoft\bass.dll
c:\users\Marc-Andre´\AppData\Roaming\Microsoft\engine_vx.dll
c:\users\Marc-Andre´\AppData\Roaming\Microsoft\kfgresk.dll
c:\users\Marc-Andre´\AppData\Roaming\Microsoft\peaadje.dll
c:\users\Marc-Andre´\AppData\Roaming\Microsoft\qwadjb.dll
c:\users\Marc-Andre´\AppData\Roaming\Microsoft\rsaadjd.dll
c:\users\Marc-Andre´\AppData\Roaming\srvblck2.tmp
c:\windows\SysWow64\tmpA94.tmp
c:\windows\SysWow64\tmpAF2.tmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-05-03 bis 2015-06-03  ))))))))))))))))))))))))))))))
.
.
2015-06-02 13:10 . 2015-06-02 13:11	--------	d-----w-	C:\FRST
2015-06-01 13:52 . 2015-06-01 13:52	--------	d-----w-	c:\users\Marc-Andre´\AppData\Local\GWX
2015-05-31 16:15 . 2015-05-31 16:15	--------	d-----w-	c:\programdata\Licenses
2015-05-24 22:12 . 2015-05-24 22:13	--------	d-----w-	c:\users\Marc-Andre´\recorder
2015-05-24 22:08 . 2015-05-24 22:11	--------	d-----w-	c:\users\Marc-Andre´\lalala
2015-05-14 01:03 . 2015-05-01 13:17	124112	----a-w-	c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 01:03 . 2015-05-01 13:16	102608	----a-w-	c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 13:10 . 2015-04-27 19:23	879104	----a-w-	c:\windows\system32\tdh.dll
2015-05-09 14:53 . 2015-05-09 14:53	--------	d-----w-	c:\users\Marc-Andre´\AppData\Roaming\WinAuth
2015-05-05 12:44 . 2015-05-05 12:44	--------	d-----w-	c:\users\Marc-Andre´\AppData\Roaming\BANDISOFT
2015-05-04 22:51 . 2015-05-04 22:51	--------	d-----w-	c:\users\Marc-Andre´\AppData\Local\Razer_Inc
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-05-14 01:05 . 2010-05-31 11:41	140425016	----a-w-	c:\windows\system32\MRT.exe
2015-05-05 12:09 . 2013-08-25 20:18	152744	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2015-05-05 12:09 . 2013-08-25 20:18	132120	----a-w-	c:\windows\system32\drivers\avipbb.sys
2015-04-27 19:04 . 2015-05-13 13:10	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-04-27 08:10 . 2015-04-27 08:10	80384	----a-w-	c:\windows\system32\RazerCoinstaller.dll
2015-03-30 13:25 . 2011-03-25 13:08	33856	---ha-w-	c:\windows\system32\hamachi.sys
2015-03-25 03:24 . 2015-04-15 13:43	98304	----a-w-	c:\windows\system32\wudriver.dll
2015-03-25 03:24 . 2015-04-15 13:43	37376	----a-w-	c:\windows\system32\wups2.dll
2015-03-25 03:24 . 2015-04-15 13:43	35328	----a-w-	c:\windows\system32\wups.dll
2015-03-25 03:24 . 2015-04-15 13:43	3298816	----a-w-	c:\windows\system32\wucltux.dll
2015-03-25 03:24 . 2015-04-15 13:43	2553856	----a-w-	c:\windows\system32\wuaueng.dll
2015-03-25 03:24 . 2015-04-15 13:43	191488	----a-w-	c:\windows\system32\wuwebv.dll
2015-03-25 03:24 . 2015-04-15 13:43	696320	----a-w-	c:\windows\system32\wuapi.dll
2015-03-25 03:24 . 2015-04-15 13:43	60416	----a-w-	c:\windows\system32\WinSetupUI.dll
2015-03-25 03:23 . 2015-04-15 13:43	12288	----a-w-	c:\windows\system32\wu.upgrade.ps.dll
2015-03-25 03:23 . 2015-04-15 13:43	36864	----a-w-	c:\windows\system32\wuapp.exe
2015-03-25 03:23 . 2015-04-15 13:43	135168	----a-w-	c:\windows\system32\wuauclt.exe
2015-03-25 03:00 . 2015-04-15 13:43	92672	----a-w-	c:\windows\SysWow64\wudriver.dll
2015-03-25 03:00 . 2015-04-15 13:43	566784	----a-w-	c:\windows\SysWow64\wuapi.dll
2015-03-25 03:00 . 2015-04-15 13:43	29696	----a-w-	c:\windows\SysWow64\wups.dll
2015-03-25 03:00 . 2015-04-15 13:43	173056	----a-w-	c:\windows\SysWow64\wuwebv.dll
2015-03-25 03:00 . 2015-04-15 13:43	33792	----a-w-	c:\windows\SysWow64\wuapp.exe
2015-03-23 03:25 . 2015-04-15 13:43	726528	----a-w-	c:\windows\system32\generaltel.dll
2015-03-23 03:25 . 2015-04-15 13:43	769536	----a-w-	c:\windows\system32\invagent.dll
2015-03-23 03:24 . 2015-04-15 13:43	419840	----a-w-	c:\windows\system32\devinv.dll
2015-03-23 03:24 . 2015-04-15 13:43	957952	----a-w-	c:\windows\system32\appraiser.dll
2015-03-23 03:24 . 2015-04-15 13:43	30720	----a-w-	c:\windows\system32\acmigration.dll
2015-03-23 03:24 . 2015-04-15 13:43	192000	----a-w-	c:\windows\system32\aepic.dll
2015-03-23 03:24 . 2015-04-15 13:43	227328	----a-w-	c:\windows\system32\aepdu.dll
2015-03-23 03:17 . 2015-04-15 13:43	1111552	----a-w-	c:\windows\system32\aeinv.dll
2015-03-14 13:26 . 2013-02-13 15:42	778928	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-03-14 13:26 . 2011-12-07 18:38	142512	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-03-10 14:34 . 2013-08-25 20:18	44088	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2015-03-10 03:25 . 2015-04-15 13:43	1882624	----a-w-	c:\windows\system32\msxml3.dll
2015-03-10 03:21 . 2015-04-15 13:43	2048	----a-w-	c:\windows\system32\msxml3r.dll
2015-03-10 03:08 . 2015-04-15 13:43	1237504	----a-w-	c:\windows\SysWow64\msxml3.dll
2015-03-10 03:05 . 2015-04-15 13:43	2048	----a-w-	c:\windows\SysWow64\msxml3r.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\Marc-Andre´\AppData\Local\Akamai\netsession_win.exe" [2014-10-29 4673432]
"Amazon Music"="c:\users\Marc-Andre´\AppData\Local\Amazon Music\Amazon Music Helper.exe" [2014-12-08 6277952]
"Spotify Web Helper"="c:\users\Marc-Andre´\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2015-05-31 2021944]
"Spotify"="c:\users\Marc-Andre´\AppData\Roaming\Spotify\Spotify.exe" [2015-05-31 7323192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-12-09 284696]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-04-06 102400]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-10-11 60712]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-05-05 728312]
"Lycosa"="c:\program files (x86)\Razer\Lycosa\razerhid.exe" [2007-11-20 147456]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-10-15 157480]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-10-02 421888]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2015-03-16 129272]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FILSHtray.lnk - c:\program files (x86)\FILSHtray\FILSHtray.exe [2012-1-26 597504]
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2012-11-26 573024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 AntiVirMailService;Avira Email-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 CBTNDIS4;CBTNDIS4 NDIS Protocol Driver;c:\windows\system32\CBTNDIS4.SYS;c:\windows\SYSNATIVE\CBTNDIS4.SYS [x]
R3 dump_wmimmc;dump_wmimmc;c:\program files\gPotato.eu\FlyFF\GameGuard\dump_wmimmc.sys;c:\program files\gPotato.eu\FlyFF\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 lvpepf64;Volume Adapter;c:\windows\system32\DRIVERS\lv302a64.sys;c:\windows\SYSNATIVE\DRIVERS\lv302a64.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys;c:\windows\SYSNATIVE\drivers\LVUSBS64.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 X6va003;X6va003;c:\users\MARC-A~1\AppData\Local\Temp\00353EE.tmp;c:\users\MARC-A~1\AppData\Local\Temp\00353EE.tmp [x]
R3 X6va005;X6va005;c:\users\MARC-A~1\AppData\Local\Temp\0056B2B.tmp;c:\users\MARC-A~1\AppData\Local\Temp\0056B2B.tmp [x]
R4 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys;c:\windows\SYSNATIVE\DRIVERS\hssdrv6.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\cmw_srv.exe;c:\program files (x86)\Hotspot Shield\bin\cmw_srv.exe [x]
S2 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [x]
S2 HTCMonitorService;HTCMonitorService;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S3 Lycosa;Lycosa Keyboard;c:\windows\system32\drivers\Lycosa.sys;c:\windows\SYSNATIVE\drivers\Lycosa.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Win7 Driver;c:\windows\system32\DRIVERS\wg111v3.sys;c:\windows\SYSNATIVE\DRIVERS\wg111v3.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - AVNETFLT
.
Inhalt des "geplante Tasks" Ordners
.
2015-06-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-13 13:26]
.
2015-06-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-26 17:12]
.
2015-06-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-26 17:12]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-06 10144288]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
IE: Free YouTube Download - c:\users\Marc-Andre´\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Marc-Andre´\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2849855&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Hotspot Shield Extension: afproxy@anchorfree.com - c:\program files (x86)\Mozilla Firefox\extensions\afproxy@anchorfree.com
FF - Ext: Download Statusbar: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} - %profile%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
FF - Ext: Image Zoom: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68} - %profile%\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
FF - Ext: Download Manager Tweak: {F8A55C97-3DB6-4961-A81D-0DE0080E53CB} - %profile%\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}
FF - Ext: Flash Video Downloader Youtube Downloader: artur.dubovoy@gmail.com - %profile%\extensions\artur.dubovoy@gmail.com
FF - Ext: Flagfox: {1018e4d6-728f-4b20-ad56-37578a4de76b} - %profile%\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF - Ext: LavaFox V1: info@djzig.com - %profile%\extensions\info@djzig.com
FF - Ext: Black Steel: {e2c58150-9d72-11dd-ad8b-0800200c9a66} - %profile%\extensions\{e2c58150-9d72-11dd-ad8b-0800200c9a66}
FF - Ext: YouTube Unblocker: youtubeunblocker@unblocker.yt - %profile%\extensions\youtubeunblocker@unblocker.yt
FF - Ext: YouTube Unblocker: youtubeunblocker@unblocker.yt - %profile%\extensions\youtubeunblocker@unblocker.yt
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: JavaString Helper: {184AA5E6-741D-464a-820E-94B3ABC2F3B4} - c:\users\Marc-Andre´\AppData\Roaming\01009
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
SafeBoot-BsScanner
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
WebBrowser-{64EAD72B-FFD4-4E01-AA3A-4C71665D73E4} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va003]
"ImagePath"="\??\c:\users\MARC-A~1\AppData\Local\Temp\00353EE.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va005]
"ImagePath"="\??\c:\users\MARC-A~1\AppData\Local\Temp\0056B2B.tmp"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1234873347-607795945-2308373214-1000\Software\SecuROM\License information*]
"datasecu"=hex:d8,02,ff,b9,90,79,cc,29,5f,dc,18,dd,2b,ae,8b,37,2b,a9,ac,89,00,
   e6,1a,b8,f9,f9,25,b9,87,c6,01,2e,f7,ec,17,05,8c,02,95,9e,f0,f0,67,4a,01,d6,\
"rkeysecu"=hex:db,e1,e0,9a,79,2a,d8,7a,c3,cb,bf,ae,b0,a8,73,ea
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_134_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_134_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_134_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_134_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-06-03  15:34:19 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-06-03 13:34
.
Vor Suchlauf: 19 Verzeichnis(se), 71.691.210.752 Bytes frei
Nach Suchlauf: 24 Verzeichnis(se), 72.618.500.096 Bytes frei
.
- - End Of File - - 47033447A58E139F160F5D705A9D3D4C

M-K-D-B · 03.06.2015, 15:01

Schritt 1
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 4
Downloade dir bitte Shortcut Cleaner (by Grinler) auf deinen Desktop.

Starte die sc-cleaner.exe mit einem Doppelclick.
Bestätige die Meldung Shortcut Cleaner Finished am Ende des Suchlaufs mit Ok.
Eine Logdatei wird sich öffnen (sc-cleaner.txt).
Poste mir den Inhalt mit deiner nächsten Antwort.

Schritt 5

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die Logdatei von JRT,
die Logdatei von Shortcut-Cleaner,
die beiden neuen Logdateien von FRST.

condolai · 03.06.2015, 18:56

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by Marc-Andre´ (administrator) on SUPER-PC on 03-06-2015 19:45:54
Running from C:\Users\Marc-Andre´\Desktop
Loaded Profiles: Marc-Andre´ (Available Profiles: Marc-Andre´ & fbwuser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Google Inc.) C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-09] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-04-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312 2015-05-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Lycosa] => C:\Program Files (x86)\Razer\Lycosa\razerhid.exe [147456 2007-11-20] (Razer USA Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Marc-Andre´\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Run: [Amazon Music] => C:\Users\Marc-Andre´\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Run: [Spotify Web Helper] => C:\Users\Marc-Andre´\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-05-31] (Spotify Ltd)
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Run: [Spotify] => C:\Users\Marc-Andre´\AppData\Roaming\Spotify\Spotify.exe [7323192 2015-05-31] (Spotify Ltd)
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FILSHtray.lnk [2012-06-04]
ShortcutTarget: FILSHtray.lnk -> C:\Program Files (x86)\FILSHtray\FILSHtray.exe (FILSH Media GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2012-12-16]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1234873347-607795945-2308373214-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1234873347-607795945-2308373214-1000 -> {6BC92799-9508-41E4-84A8-527B5779A5DA} URL = hxxp://www.computerbild.de/suche/index.html?s_text={searchTerms}
SearchScopes: HKU\S-1-5-21-1234873347-607795945-2308373214-1000 -> {D3A96EFE-8F54-40AD-87EE-49181A37366A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}
SearchScopes: HKU\S-1-5-21-1234873347-607795945-2308373214-1000 -> {E3774029-DBA9-4FAC-9D5C-D8F62AE80435} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1234873347-607795945-2308373214-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: HKLM {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://d1ylr6sba64qi3.cloudfront.net/global/bin/srldetect_intel_4.1.66.0.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default
FF DefaultSearchEngine: ICQ Search
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll [2012-02-02] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2012-02-02] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @bittorrent.com/BitTorrentDNA -> C:\Program Files (x86)\DNA\plugins\npbtdna.dll [2010-10-03] (BitTorrent, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.75.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.75.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-07-24] (Nullsoft, Inc.)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-05-20] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @Webzen.com/NPGameWebStarter -> C:\Program Files (x86)\WEBZEN\WebzenGameStarter\NPGameWebStarter.dll [2010-03-19] (WEBZEN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1234873347-607795945-2308373214-1000: @soe.sony.com/installer,version=1.0.3 -> C:\Users\Marc-Andre´\AppData\LocalLow\Sony Online Entertainment\npsoe.dll [2012-07-29] ()
FF Plugin HKU\S-1-5-21-1234873347-607795945-2308373214-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Marc-Andre´\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1234873347-607795945-2308373214-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Marc-Andre´\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1234873347-607795945-2308373214-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Marc-Andre´\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1234873347-607795945-2308373214-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-05-20] (Pando Networks)
FF Plugin HKU\S-1-5-21-1234873347-607795945-2308373214-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-04-20] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll [2011-07-28] (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-10-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-10-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-10-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-10-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-10-26] (Apple Inc.)
FF Extension: Avira Browser Safety - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\abs@avira.com [2014-11-18]
FF Extension: Flash Video Downloader Youtube Downloader - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\artur.dubovoy@gmail.com [2012-08-11]
FF Extension: LavaFox V1 - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\info@djzig.com [2012-08-11]
FF Extension: YouTube Unblocker - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\youtubeunblocker@unblocker.yt [2013-09-27]
FF Extension: Flagfox - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2012-08-11]
FF Extension: Image Zoom - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68} [2011-05-12]
FF Extension: Adblock Plus - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2014-12-30]
FF Extension: Download Statusbar - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} [2012-05-06]
FF Extension: Black Steel - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\{e2c58150-9d72-11dd-ad8b-0800200c9a66} [2011-05-12]
FF Extension: Download Manager Tweak - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB} [2010-12-10]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\extensions\afproxy@anchorfree.com [2014-01-25]
FF Extension: Java String Helper - C:\Users\Marc-Andre´\AppData\Roaming\01009 [2012-02-27]

Chrome: 
=======
CHR Profile: C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-06]
CHR Extension: (Google Drive) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-06]
CHR Extension: (YouTube) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-06]
CHR Extension: (Google Search) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-06]
CHR Extension: (Avira Browser Safety) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-11-18]
CHR Extension: (AdBlock) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-24]
CHR Extension: (Bookmark Manager) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Steam Trader Helper) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhoahihokddepjlegpenefeaahdkojog [2015-04-15]
CHR Extension: (Google Wallet) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR Extension: (Gmail) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-06]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1186040 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
S2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [555304 2013-12-18] ()
S2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2012-07-16] (Nero AG)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4159984 2010-12-08] (INCA Internet Co., Ltd.) [File not signed]
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-02-24] ()
S2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1225312 2012-11-26] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659040 2012-11-26] (Secunia)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-29] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-10-27] (DT Soft Ltd)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2013-12-17] (AnchorFree Inc.)
R3 Lycosa; C:\Windows\System32\drivers\Lycosa.sys [18816 2008-01-17] (Razer USA Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-04] (INCA Internet Co., Ltd.) [File not signed]
R0 speedfan; C:\Windows\SysWow64\speedfan.sys [14104 2007-02-07] (Windows (R) Server 2003 DDK provider)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 CBTNDIS4; \??\C:\Windows\system32\CBTNDIS4.SYS [X]
S3 dump_wmimmc; \??\C:\Program Files\gPotato.eu\FlyFF\GameGuard\dump_wmimmc.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 X6va003; \??\C:\Users\MARC-A~1\AppData\Local\Temp\00353EE.tmp [X]
S3 X6va005; \??\C:\Users\MARC-A~1\AppData\Local\Temp\0056B2B.tmp [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-03 19:45 - 2015-06-03 19:45 - 02108928 _____ (Farbar) C:\Users\Marc-Andre´\Desktop\FRST64.exe
2015-06-03 19:42 - 2015-06-03 19:42 - 00001910 _____ () C:\Users\Marc-Andre´\Desktop\sc-cleaner.txt
2015-06-03 19:41 - 2015-06-03 19:41 - 00463688 _____ (Bleeping Computer, LLC) C:\Users\Marc-Andre´\Desktop\sc-cleaner.exe
2015-06-03 19:40 - 2015-06-03 19:40 - 00001512 _____ () C:\Users\Marc-Andre´\Desktop\JRT.txt
2015-06-03 19:37 - 2015-06-03 19:37 - 02942610 _____ (Thisisu) C:\Users\Marc-Andre´\Desktop\JRT.exe
2015-06-03 19:37 - 2015-06-03 19:37 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-SUPER-PC-Windows-7-Home-Premium-(64-bit).dat
2015-06-03 19:37 - 2015-06-03 19:37 - 00000000 ____D () C:\RegBackup
2015-06-03 19:09 - 2015-06-03 19:09 - 00002736 _____ () C:\Users\Marc-Andre´\Desktop\mbam.txt
2015-06-03 18:45 - 2015-06-03 18:45 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-03 18:45 - 2015-06-03 18:45 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-06-03 18:45 - 2015-06-03 18:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-06-03 18:45 - 2015-06-03 18:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-06-03 18:45 - 2015-06-03 18:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-06-03 18:45 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-03 18:45 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-03 18:45 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-03 18:43 - 2015-06-03 18:44 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Marc-Andre´\Desktop\mbam-setup-2.1.6.1022.exe
2015-06-03 18:35 - 2015-06-03 18:38 - 00000000 ____D () C:\AdwCleaner
2015-06-03 18:34 - 2015-06-03 18:34 - 02231296 _____ () C:\Users\Marc-Andre´\Desktop\AdwCleaner_4.206.exe
2015-06-03 15:34 - 2015-06-03 15:34 - 00025071 _____ () C:\ComboFix.txt
2015-06-03 15:12 - 2015-06-03 15:34 - 00000000 ____D () C:\Qoobox
2015-06-03 15:12 - 2015-06-03 15:33 - 00000000 ____D () C:\Windows\erdnt
2015-06-03 15:12 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-06-03 15:12 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-06-03 15:12 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-06-03 15:12 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-06-03 15:12 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-06-03 15:12 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-06-03 15:12 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-06-03 15:12 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-06-03 15:11 - 2015-06-03 15:11 - 05628238 ____R (Swearware) C:\Users\Marc-Andre´\Desktop\ComboFix.exe
2015-06-02 15:11 - 2015-06-02 15:11 - 00060456 _____ () C:\Users\Marc-Andre´\Desktop\Addition.txt
2015-06-02 15:10 - 2015-06-03 19:45 - 00022274 _____ () C:\Users\Marc-Andre´\Desktop\FRST.txt
2015-06-02 15:10 - 2015-06-03 19:45 - 00000000 ____D () C:\FRST
2015-06-01 15:52 - 2015-06-01 15:52 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Local\GWX
2015-05-31 18:15 - 2015-05-31 18:15 - 00000000 ____D () C:\ProgramData\Licenses
2015-05-31 18:14 - 2015-05-31 18:15 - 35218576 _____ (Simply Super Software ) C:\Users\Marc-Andre´\Downloads\trjsetup692.exe
2015-05-31 18:12 - 2015-05-31 18:12 - 01918512 _____ (Mister Group ) C:\Users\Marc-Andre´\Downloads\SystemExplorerSetup_642.exe
2015-05-25 00:12 - 2015-05-25 00:13 - 00000000 ____D () C:\Users\Marc-Andre´\recorder
2015-05-25 00:08 - 2015-05-25 00:11 - 00000000 ____D () C:\Users\Marc-Andre´\lalala
2015-05-14 20:32 - 2015-05-14 20:35 - 00000000 ____D () C:\Users\Marc-Andre´\Desktop\Astreya2
2015-05-14 20:15 - 2015-05-14 20:30 - 1040333947 _____ () C:\Users\Marc-Andre´\Downloads\Astreya2-Reloaded 1.0.rar
2015-05-14 03:03 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 03:03 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 15:11 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 15:11 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 15:11 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 15:11 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 15:11 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 15:11 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 15:11 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 15:11 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 15:11 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 15:11 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 15:11 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 15:11 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 15:11 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 15:11 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 15:11 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 15:11 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 15:11 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 15:11 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 15:11 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 15:11 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 15:11 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 15:11 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 15:11 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 15:11 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 15:11 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 15:11 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 15:11 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 15:11 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 15:11 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 15:11 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 15:11 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 15:11 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 15:11 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 15:11 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 15:11 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 15:11 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 15:11 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 15:11 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 15:11 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 15:11 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 15:11 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 15:11 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 15:11 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 15:11 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 15:11 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 15:11 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 15:11 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 15:11 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 15:11 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 15:11 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 15:11 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 15:11 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 15:11 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 15:11 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 15:11 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 15:11 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 15:11 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 15:11 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 15:11 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 15:11 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 15:11 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 15:11 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 15:11 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 15:11 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 15:11 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 15:11 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 15:11 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 15:11 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 15:11 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 15:11 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 15:11 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 15:10 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 15:10 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 15:10 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 15:10 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 15:10 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 15:10 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 15:10 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 15:10 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 15:10 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 15:10 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 15:10 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 15:10 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 15:10 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 15:10 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 15:10 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 15:10 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 15:10 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 15:10 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 15:10 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 15:10 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 15:10 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 15:10 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 15:10 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 15:10 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 15:10 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 15:10 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 15:10 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 15:10 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 15:10 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 15:10 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 15:10 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 15:10 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 15:10 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 15:10 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 15:10 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 15:10 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 15:10 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 15:10 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 15:10 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 15:10 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 15:10 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 15:10 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 15:10 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 15:10 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 15:10 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 15:10 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 15:10 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 15:10 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 15:10 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 15:10 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 15:10 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-09 16:53 - 2015-05-09 16:53 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Roaming\WinAuth
2015-05-09 16:49 - 2015-05-09 16:49 - 01502629 _____ () C:\Users\Marc-Andre´\Downloads\WinAuth-3.1.8.zip
2015-05-05 14:59 - 2015-05-05 14:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-05-05 14:58 - 2015-05-05 14:58 - 02624744 _____ () C:\Users\Marc-Andre´\Downloads\Fraps v3.5.9 build 15586 Registered.rar
2015-05-05 14:47 - 2015-05-05 14:47 - 09732530 _____ () C:\Users\Marc-Andre´\Downloads\Bandicam (1).7z
2015-05-05 14:44 - 2015-05-05 14:44 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Roaming\BANDISOFT
2015-05-05 14:43 - 2015-05-05 14:43 - 00000000 ____D () C:\Users\Marc-Andre´\Documents\Bandicam
2015-05-05 14:42 - 2015-05-05 14:42 - 09732530 _____ () C:\Users\Marc-Andre´\Downloads\Bandicam.7z
2015-05-05 14:07 - 2015-05-05 14:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-05-05 00:51 - 2015-05-05 00:51 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Local\Razer_Inc
2015-05-04 18:37 - 2015-05-05 14:07 - 00000971 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2015-05-04 18:34 - 2015-05-04 18:34 - 01203488 _____ () C:\Users\Marc-Andre´\Downloads\TeamSpeak 3 64 Bit - CHIP-Installer.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-03 19:35 - 2011-04-26 18:06 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-03 19:27 - 2014-12-01 17:51 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-03 19:18 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-03 19:18 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-03 19:16 - 2015-01-17 17:12 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Roaming\Spotify
2015-06-03 19:14 - 2010-08-13 13:56 - 02079515 _____ () C:\Windows\WindowsUpdate.log
2015-06-03 19:12 - 2015-01-17 17:12 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Local\Spotify
2015-06-03 19:10 - 2013-12-23 17:06 - 00056764 _____ () C:\Windows\setupact.log
2015-06-03 19:10 - 2012-12-24 16:37 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Local\HTC MediaHub
2015-06-03 19:10 - 2011-04-26 18:06 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-03 19:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-06-03 19:09 - 2013-12-23 17:06 - 00361046 _____ () C:\Windows\PFRO.log
2015-06-03 18:30 - 2011-03-18 22:11 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Roaming\TS3Client
2015-06-03 18:19 - 2010-08-16 00:23 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-06-03 15:34 - 2011-12-25 15:30 - 00000000 ____D () C:\Users\Marc-Andre�
2015-06-03 15:34 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2015-06-03 15:29 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-06-03 15:29 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-06-03 15:22 - 2010-05-31 13:52 - 00000000 ____D () C:\ProgramData\Temp
2015-06-03 14:39 - 2009-07-14 19:58 - 06562648 _____ () C:\Windows\system32\perfh007.dat
2015-06-03 14:39 - 2009-07-14 19:58 - 01971712 _____ () C:\Windows\system32\perfc007.dat
2015-06-03 14:39 - 2009-07-14 07:13 - 00006564 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-06-03 02:01 - 2010-08-16 01:09 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{68A126FF-1A76-47DF-98CD-F44B2F916D09}
2015-06-03 01:23 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-02 15:12 - 2012-03-13 15:56 - 00000000 ____D () C:\Users\Marc-Andre´\Desktop\Alle Sims 3 Teile
2015-06-02 15:11 - 2010-12-13 22:28 - 00000000 ____D () C:\Users\Marc-Andre´\Desktop\Music^^
2015-05-31 17:18 - 2010-08-13 13:55 - 00000000 ____D () C:\Users\Marc-Andre´
2015-05-31 17:16 - 2015-04-05 03:01 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-31 17:16 - 2011-11-10 18:53 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Local\Akamai
2015-05-31 17:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2015-05-26 00:24 - 2013-08-31 00:56 - 00000000 ____D () C:\Users\Marc-Andre´\Desktop\TERA
2015-05-24 23:54 - 2015-01-17 19:08 - 00000000 ____D () C:\Users\Marc-Andre´\Desktop\Pobre Juan
2015-05-22 14:41 - 2015-03-02 02:54 - 00001848 _____ () C:\Users\Marc-Andre´\Desktop\Storybook.lnk
2015-05-21 03:01 - 2015-04-05 03:01 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-18 20:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-05-18 05:40 - 2010-08-27 19:34 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Roaming\SoftGrid Client
2015-05-18 04:30 - 2011-04-26 18:06 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-18 04:30 - 2011-04-26 18:06 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-14 15:00 - 2013-03-14 00:39 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-14 15:00 - 2013-03-14 00:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-14 15:00 - 2009-07-14 06:45 - 00294256 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-14 05:05 - 2009-07-14 20:18 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-14 05:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-14 03:14 - 2010-08-27 19:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2015-05-14 03:12 - 2013-07-15 23:01 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-14 03:05 - 2010-05-31 13:41 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-14 03:02 - 2013-03-14 00:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-08 14:59 - 2014-01-06 00:39 - 00000000 ____D () C:\Program Files (x86)\Razer
2015-05-07 15:18 - 2011-01-22 13:06 - 00000000 ____D () C:\Fraps
2015-05-05 14:59 - 2015-04-18 16:22 - 00000576 _____ () C:\Users\Public\Desktop\Fraps.lnk
2015-05-05 14:10 - 2013-08-25 22:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-05-05 14:09 - 2013-08-25 22:18 - 00152744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-05-05 14:09 - 2013-08-25 22:18 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-05-05 00:51 - 2014-01-06 00:39 - 00000000 ____D () C:\ProgramData\Razer
2015-05-04 18:37 - 2014-10-23 19:19 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client

==================== Files in the root of some directories =======

2012-02-29 22:15 - 2012-02-29 22:15 - 0000011 _____ () C:\Users\Marc-Andre´\AppData\Roaming\urhtps.dat
2006-12-11 20:13 - 2006-12-11 20:13 - 0097336 _____ (Un4seen Developments) C:\Users\Marc-Andre´\AppData\Local\bass.dll
2006-12-11 20:13 - 2006-12-11 20:13 - 0013872 _____ (Un4seen Developments) C:\Users\Marc-Andre´\AppData\Local\basscd.dll
2007-08-13 18:46 - 2007-08-13 18:46 - 0102912 _____ (Albert L Faber) C:\Users\Marc-Andre´\AppData\Local\CDRip.dll
2007-01-18 22:09 - 2007-01-18 22:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\Marc-Andre´\AppData\Local\No23 Recorder.exe
2011-01-16 22:20 - 2011-01-16 22:50 - 0001481 _____ () C:\Users\Marc-Andre´\AppData\Local\RecConfig.xml
2010-08-18 21:48 - 2010-08-27 02:56 - 0007598 _____ () C:\Users\Marc-Andre´\AppData\Local\Resmon.ResmonCfg
2010-08-15 22:42 - 2010-08-15 22:42 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2012-08-02 22:59 - 2012-09-14 21:47 - 0002766 _____ () C:\ProgramData\flcd_proxy.log

Files to move or delete:
====================
C:\Users\Marc-Andre´\jagex_runescape_preferences.dat
C:\Users\Marc-Andre´\jagex_runescape_preferences2.dat


Some files in TEMP:
====================
C:\Users\Marc-Andre´\AppData\Local\Temp\avgnt.exe
C:\Users\Marc-Andre´\AppData\Local\Temp\Quarantine.exe
C:\Users\Marc-Andre´\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-24 21:28

==================== End of log ============================

Es gab zwei dateien, einmal [R0] und einmal [S0], habe die "neuste" genommen

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 03.06.2015
Suchlauf-Zeit: 18:46:05
Logdatei: mbam.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.06.03.04
Rootkit Datenbank: v2015.06.02.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Marc-AndreÂ´

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 491596
Verstrichene Zeit: 19 Min, 55 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 2
Trojan.Banker, HKU\S-1-5-21-1234873347-607795945-2308373214-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{975670D0-7EFB-4fa8-90FA-3AE575B9FB77}, In Quarantäne, [db75c6f06f1be155d2374e2b57acba46], 
PUP.Optional.BitTorrentBar.A, HKU\S-1-5-21-1234873347-607795945-2308373214-1000\SOFTWARE\APPDATALOW\SOFTWARE\BittorrentBar_DE, In Quarantäne, [89c704b232583402123ba0574bb8ab55], 

Registrierungswerte: 1
PUM.Bad.Proxy, HKU\S-1-5-21-1234873347-607795945-2308373214-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|ProxyServer, http=127.0.0.1:8555, In Quarantäne, [f45c496dd3b71d1974a1c05958ac5fa1]

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 1
PUP.Optional.BitTorrentBar.A, C:\Users\Marc-AndreÂ´\AppData\LocalLow\BittorrentBar_DE, In Quarantäne, [81cfe5d14a40330345e9bf1b47bc45bb], 

Dateien: 6
PUP.Optional.OpenCandy, C:\Users\Marc-AndreÂ´\Downloads\DTLite4413-0173.exe, In Quarantäne, [d080d3e3fb8fce68b04f1e3c7b8b867a], 
PUP.OfferBundler.ST, C:\Users\Marc-AndreÂ´\Downloads\SoftonicDownloader_fuer_free-youtube-download.exe, In Quarantäne, [b29eeec8b2d853e3c4a0635e0ef24bb5], 
PUP.OfferBundler.ST, C:\Users\Marc-AndreÂ´\Downloads\SoftonicDownloader_fuer_photoscape.exe, In Quarantäne, [460ad2e4e7a3ef479ec6d1f09e622ad6], 
PUP.Optional.OpenCandy, C:\Users\Marc-AndreÂ´\Downloads\videora-ipod-500-setup.exe, In Quarantäne, [e66a1e98e8a2cf6713ece377de280ef2], 
PUP.Optional.OpenCandy.A, C:\Users\Marc-AndreÂ´\Downloads\winamp565_full_emusic-7plus_de-de.exe, In Quarantäne, [440cf0c66327c6701994bc886799bc44], 
PUP.Optional.ICQPlugin.A, C:\Users\Marc-AndreÂ´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\searchplugins\icqplugin.xml, In Quarantäne, [e070cfe711794aec8df6d619f70c629e], 

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.8.8 (06.03.2015:1)
OS: Windows 7 Home Premium x64
Ran by Marc-Andreï on 03.06.2015 at 19:37:51,20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\users\public\desktop\hotspot shield.lnk



~~~ Folders

Successfully deleted: [Folder] C:\Users\Marc-Andreï\appdata\local\crashrpt



~~~ FireFox

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\\{184aa5e6-741d-464a-820e-94b3abc2f3b4}
Emptied folder: C:\Users\Marc-Andreï\AppData\Roaming\mozilla\firefox\profiles\lpt9l2zb.default\minidumps [3 files]



~~~ Chrome


[C:\Users\Marc-Andreï\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Marc-Andreï\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Marc-Andreï\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Marc-Andreï\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.06.2015 at 19:40:28,46
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:

ATTFilter

Shortcut Cleaner 1.3.8 by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
 hxxp://www.bleepingcomputer.com/download/shortcut-cleaner/

Windows Version: Windows 7 Home Premium Service Pack 1
Program started at: 06/03/2015 07:42:39 PM.

Scanning for registry hijacks:

 * No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Users\Marc-Andre´\AppData\Roaming\Microsoft\Windows\Start Menu\

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

Searching C:\Users\Marc-Andre´\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Users\Public\Desktop\

Searching C:\Users\Marc-Andre´\Desktop\

Searching C:\Users\Public\Desktop\


0 bad shortcuts found.

Program finished at: 06/03/2015 07:42:40 PM
Execution time: 0 hours(s), 0 minute(s), and 1 seconds(s)

condolai · 03.06.2015, 19:02

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by Marc-Andre´ (administrator) on SUPER-PC on 03-06-2015 19:45:54
Running from C:\Users\Marc-Andre´\Desktop
Loaded Profiles: Marc-Andre´ (Available Profiles: Marc-Andre´ & fbwuser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Google Inc.) C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-09] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-04-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312 2015-05-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Lycosa] => C:\Program Files (x86)\Razer\Lycosa\razerhid.exe [147456 2007-11-20] (Razer USA Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Marc-Andre´\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Run: [Amazon Music] => C:\Users\Marc-Andre´\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Run: [Spotify Web Helper] => C:\Users\Marc-Andre´\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-05-31] (Spotify Ltd)
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Run: [Spotify] => C:\Users\Marc-Andre´\AppData\Roaming\Spotify\Spotify.exe [7323192 2015-05-31] (Spotify Ltd)
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FILSHtray.lnk [2012-06-04]
ShortcutTarget: FILSHtray.lnk -> C:\Program Files (x86)\FILSHtray\FILSHtray.exe (FILSH Media GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2012-12-16]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1234873347-607795945-2308373214-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1234873347-607795945-2308373214-1000 -> {6BC92799-9508-41E4-84A8-527B5779A5DA} URL = hxxp://www.computerbild.de/suche/index.html?s_text={searchTerms}
SearchScopes: HKU\S-1-5-21-1234873347-607795945-2308373214-1000 -> {D3A96EFE-8F54-40AD-87EE-49181A37366A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}
SearchScopes: HKU\S-1-5-21-1234873347-607795945-2308373214-1000 -> {E3774029-DBA9-4FAC-9D5C-D8F62AE80435} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1234873347-607795945-2308373214-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: HKLM {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://d1ylr6sba64qi3.cloudfront.net/global/bin/srldetect_intel_4.1.66.0.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default
FF DefaultSearchEngine: ICQ Search
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll [2012-02-02] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2012-02-02] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @bittorrent.com/BitTorrentDNA -> C:\Program Files (x86)\DNA\plugins\npbtdna.dll [2010-10-03] (BitTorrent, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.75.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.75.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-07-24] (Nullsoft, Inc.)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-05-20] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @Webzen.com/NPGameWebStarter -> C:\Program Files (x86)\WEBZEN\WebzenGameStarter\NPGameWebStarter.dll [2010-03-19] (WEBZEN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1234873347-607795945-2308373214-1000: @soe.sony.com/installer,version=1.0.3 -> C:\Users\Marc-Andre´\AppData\LocalLow\Sony Online Entertainment\npsoe.dll [2012-07-29] ()
FF Plugin HKU\S-1-5-21-1234873347-607795945-2308373214-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Marc-Andre´\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1234873347-607795945-2308373214-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Marc-Andre´\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1234873347-607795945-2308373214-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Marc-Andre´\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1234873347-607795945-2308373214-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-05-20] (Pando Networks)
FF Plugin HKU\S-1-5-21-1234873347-607795945-2308373214-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-04-20] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll [2011-07-28] (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-10-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-10-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-10-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-10-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-10-26] (Apple Inc.)
FF Extension: Avira Browser Safety - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\abs@avira.com [2014-11-18]
FF Extension: Flash Video Downloader Youtube Downloader - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\artur.dubovoy@gmail.com [2012-08-11]
FF Extension: LavaFox V1 - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\info@djzig.com [2012-08-11]
FF Extension: YouTube Unblocker - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\youtubeunblocker@unblocker.yt [2013-09-27]
FF Extension: Flagfox - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2012-08-11]
FF Extension: Image Zoom - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68} [2011-05-12]
FF Extension: Adblock Plus - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2014-12-30]
FF Extension: Download Statusbar - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} [2012-05-06]
FF Extension: Black Steel - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\{e2c58150-9d72-11dd-ad8b-0800200c9a66} [2011-05-12]
FF Extension: Download Manager Tweak - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB} [2010-12-10]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\extensions\afproxy@anchorfree.com [2014-01-25]
FF Extension: Java String Helper - C:\Users\Marc-Andre´\AppData\Roaming\01009 [2012-02-27]

Chrome: 
=======
CHR Profile: C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-06]
CHR Extension: (Google Drive) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-06]
CHR Extension: (YouTube) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-06]
CHR Extension: (Google Search) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-06]
CHR Extension: (Avira Browser Safety) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-11-18]
CHR Extension: (AdBlock) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-24]
CHR Extension: (Bookmark Manager) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Steam Trader Helper) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhoahihokddepjlegpenefeaahdkojog [2015-04-15]
CHR Extension: (Google Wallet) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR Extension: (Gmail) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-06]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1186040 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
S2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [555304 2013-12-18] ()
S2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2012-07-16] (Nero AG)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4159984 2010-12-08] (INCA Internet Co., Ltd.) [File not signed]
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-02-24] ()
S2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1225312 2012-11-26] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659040 2012-11-26] (Secunia)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-29] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-10-27] (DT Soft Ltd)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2013-12-17] (AnchorFree Inc.)
R3 Lycosa; C:\Windows\System32\drivers\Lycosa.sys [18816 2008-01-17] (Razer USA Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-04] (INCA Internet Co., Ltd.) [File not signed]
R0 speedfan; C:\Windows\SysWow64\speedfan.sys [14104 2007-02-07] (Windows (R) Server 2003 DDK provider)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 CBTNDIS4; \??\C:\Windows\system32\CBTNDIS4.SYS [X]
S3 dump_wmimmc; \??\C:\Program Files\gPotato.eu\FlyFF\GameGuard\dump_wmimmc.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 X6va003; \??\C:\Users\MARC-A~1\AppData\Local\Temp\00353EE.tmp [X]
S3 X6va005; \??\C:\Users\MARC-A~1\AppData\Local\Temp\0056B2B.tmp [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-03 19:45 - 2015-06-03 19:45 - 02108928 _____ (Farbar) C:\Users\Marc-Andre´\Desktop\FRST64.exe
2015-06-03 19:42 - 2015-06-03 19:42 - 00001910 _____ () C:\Users\Marc-Andre´\Desktop\sc-cleaner.txt
2015-06-03 19:41 - 2015-06-03 19:41 - 00463688 _____ (Bleeping Computer, LLC) C:\Users\Marc-Andre´\Desktop\sc-cleaner.exe
2015-06-03 19:40 - 2015-06-03 19:40 - 00001512 _____ () C:\Users\Marc-Andre´\Desktop\JRT.txt
2015-06-03 19:37 - 2015-06-03 19:37 - 02942610 _____ (Thisisu) C:\Users\Marc-Andre´\Desktop\JRT.exe
2015-06-03 19:37 - 2015-06-03 19:37 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-SUPER-PC-Windows-7-Home-Premium-(64-bit).dat
2015-06-03 19:37 - 2015-06-03 19:37 - 00000000 ____D () C:\RegBackup
2015-06-03 19:09 - 2015-06-03 19:09 - 00002736 _____ () C:\Users\Marc-Andre´\Desktop\mbam.txt
2015-06-03 18:45 - 2015-06-03 18:45 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-03 18:45 - 2015-06-03 18:45 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-06-03 18:45 - 2015-06-03 18:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-06-03 18:45 - 2015-06-03 18:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-06-03 18:45 - 2015-06-03 18:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-06-03 18:45 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-03 18:45 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-03 18:45 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-03 18:43 - 2015-06-03 18:44 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Marc-Andre´\Desktop\mbam-setup-2.1.6.1022.exe
2015-06-03 18:35 - 2015-06-03 18:38 - 00000000 ____D () C:\AdwCleaner
2015-06-03 18:34 - 2015-06-03 18:34 - 02231296 _____ () C:\Users\Marc-Andre´\Desktop\AdwCleaner_4.206.exe
2015-06-03 15:34 - 2015-06-03 15:34 - 00025071 _____ () C:\ComboFix.txt
2015-06-03 15:12 - 2015-06-03 15:34 - 00000000 ____D () C:\Qoobox
2015-06-03 15:12 - 2015-06-03 15:33 - 00000000 ____D () C:\Windows\erdnt
2015-06-03 15:12 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-06-03 15:12 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-06-03 15:12 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-06-03 15:12 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-06-03 15:12 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-06-03 15:12 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-06-03 15:12 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-06-03 15:12 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-06-03 15:11 - 2015-06-03 15:11 - 05628238 ____R (Swearware) C:\Users\Marc-Andre´\Desktop\ComboFix.exe
2015-06-02 15:11 - 2015-06-02 15:11 - 00060456 _____ () C:\Users\Marc-Andre´\Desktop\Addition.txt
2015-06-02 15:10 - 2015-06-03 19:45 - 00022274 _____ () C:\Users\Marc-Andre´\Desktop\FRST.txt
2015-06-02 15:10 - 2015-06-03 19:45 - 00000000 ____D () C:\FRST
2015-06-01 15:52 - 2015-06-01 15:52 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Local\GWX
2015-05-31 18:15 - 2015-05-31 18:15 - 00000000 ____D () C:\ProgramData\Licenses
2015-05-31 18:14 - 2015-05-31 18:15 - 35218576 _____ (Simply Super Software ) C:\Users\Marc-Andre´\Downloads\trjsetup692.exe
2015-05-31 18:12 - 2015-05-31 18:12 - 01918512 _____ (Mister Group ) C:\Users\Marc-Andre´\Downloads\SystemExplorerSetup_642.exe
2015-05-25 00:12 - 2015-05-25 00:13 - 00000000 ____D () C:\Users\Marc-Andre´\recorder
2015-05-25 00:08 - 2015-05-25 00:11 - 00000000 ____D () C:\Users\Marc-Andre´\lalala
2015-05-14 20:32 - 2015-05-14 20:35 - 00000000 ____D () C:\Users\Marc-Andre´\Desktop\Astreya2
2015-05-14 20:15 - 2015-05-14 20:30 - 1040333947 _____ () C:\Users\Marc-Andre´\Downloads\Astreya2-Reloaded 1.0.rar
2015-05-14 03:03 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 03:03 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 15:11 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 15:11 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 15:11 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 15:11 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 15:11 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 15:11 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 15:11 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 15:11 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 15:11 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 15:11 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 15:11 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 15:11 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 15:11 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 15:11 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 15:11 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 15:11 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 15:11 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 15:11 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 15:11 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 15:11 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 15:11 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 15:11 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 15:11 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 15:11 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 15:11 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 15:11 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 15:11 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 15:11 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 15:11 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 15:11 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 15:11 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 15:11 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 15:11 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 15:11 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 15:11 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 15:11 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 15:11 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 15:11 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 15:11 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 15:11 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 15:11 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 15:11 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 15:11 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 15:11 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 15:11 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 15:11 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 15:11 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 15:11 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 15:11 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 15:11 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 15:11 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 15:11 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 15:11 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 15:11 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 15:11 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 15:11 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 15:11 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 15:11 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 15:11 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 15:11 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 15:11 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 15:11 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 15:11 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 15:11 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 15:11 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 15:11 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 15:11 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 15:11 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 15:11 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 15:11 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 15:11 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 15:10 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 15:10 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 15:10 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 15:10 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 15:10 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 15:10 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 15:10 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 15:10 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 15:10 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 15:10 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 15:10 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 15:10 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 15:10 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 15:10 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 15:10 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 15:10 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 15:10 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 15:10 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 15:10 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 15:10 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 15:10 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 15:10 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 15:10 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 15:10 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 15:10 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 15:10 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 15:10 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 15:10 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 15:10 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 15:10 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 15:10 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 15:10 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 15:10 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 15:10 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 15:10 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 15:10 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 15:10 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 15:10 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 15:10 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 15:10 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 15:10 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 15:10 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 15:10 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 15:10 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 15:10 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 15:10 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 15:10 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 15:10 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 15:10 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 15:10 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 15:10 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-09 16:53 - 2015-05-09 16:53 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Roaming\WinAuth
2015-05-09 16:49 - 2015-05-09 16:49 - 01502629 _____ () C:\Users\Marc-Andre´\Downloads\WinAuth-3.1.8.zip
2015-05-05 14:59 - 2015-05-05 14:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-05-05 14:58 - 2015-05-05 14:58 - 02624744 _____ () C:\Users\Marc-Andre´\Downloads\Fraps v3.5.9 build 15586 Registered.rar
2015-05-05 14:47 - 2015-05-05 14:47 - 09732530 _____ () C:\Users\Marc-Andre´\Downloads\Bandicam (1).7z
2015-05-05 14:44 - 2015-05-05 14:44 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Roaming\BANDISOFT
2015-05-05 14:43 - 2015-05-05 14:43 - 00000000 ____D () C:\Users\Marc-Andre´\Documents\Bandicam
2015-05-05 14:42 - 2015-05-05 14:42 - 09732530 _____ () C:\Users\Marc-Andre´\Downloads\Bandicam.7z
2015-05-05 14:07 - 2015-05-05 14:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-05-05 00:51 - 2015-05-05 00:51 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Local\Razer_Inc
2015-05-04 18:37 - 2015-05-05 14:07 - 00000971 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2015-05-04 18:34 - 2015-05-04 18:34 - 01203488 _____ () C:\Users\Marc-Andre´\Downloads\TeamSpeak 3 64 Bit - CHIP-Installer.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-03 19:35 - 2011-04-26 18:06 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-03 19:27 - 2014-12-01 17:51 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-03 19:18 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-03 19:18 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-03 19:16 - 2015-01-17 17:12 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Roaming\Spotify
2015-06-03 19:14 - 2010-08-13 13:56 - 02079515 _____ () C:\Windows\WindowsUpdate.log
2015-06-03 19:12 - 2015-01-17 17:12 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Local\Spotify
2015-06-03 19:10 - 2013-12-23 17:06 - 00056764 _____ () C:\Windows\setupact.log
2015-06-03 19:10 - 2012-12-24 16:37 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Local\HTC MediaHub
2015-06-03 19:10 - 2011-04-26 18:06 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-03 19:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-06-03 19:09 - 2013-12-23 17:06 - 00361046 _____ () C:\Windows\PFRO.log
2015-06-03 18:30 - 2011-03-18 22:11 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Roaming\TS3Client
2015-06-03 18:19 - 2010-08-16 00:23 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-06-03 15:34 - 2011-12-25 15:30 - 00000000 ____D () C:\Users\Marc-Andre�
2015-06-03 15:34 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2015-06-03 15:29 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-06-03 15:29 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-06-03 15:22 - 2010-05-31 13:52 - 00000000 ____D () C:\ProgramData\Temp
2015-06-03 14:39 - 2009-07-14 19:58 - 06562648 _____ () C:\Windows\system32\perfh007.dat
2015-06-03 14:39 - 2009-07-14 19:58 - 01971712 _____ () C:\Windows\system32\perfc007.dat
2015-06-03 14:39 - 2009-07-14 07:13 - 00006564 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-06-03 02:01 - 2010-08-16 01:09 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{68A126FF-1A76-47DF-98CD-F44B2F916D09}
2015-06-03 01:23 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-02 15:12 - 2012-03-13 15:56 - 00000000 ____D () C:\Users\Marc-Andre´\Desktop\Alle Sims 3 Teile
2015-06-02 15:11 - 2010-12-13 22:28 - 00000000 ____D () C:\Users\Marc-Andre´\Desktop\Music^^
2015-05-31 17:18 - 2010-08-13 13:55 - 00000000 ____D () C:\Users\Marc-Andre´
2015-05-31 17:16 - 2015-04-05 03:01 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-31 17:16 - 2011-11-10 18:53 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Local\Akamai
2015-05-31 17:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2015-05-26 00:24 - 2013-08-31 00:56 - 00000000 ____D () C:\Users\Marc-Andre´\Desktop\TERA
2015-05-24 23:54 - 2015-01-17 19:08 - 00000000 ____D () C:\Users\Marc-Andre´\Desktop\Pobre Juan
2015-05-22 14:41 - 2015-03-02 02:54 - 00001848 _____ () C:\Users\Marc-Andre´\Desktop\Storybook.lnk
2015-05-21 03:01 - 2015-04-05 03:01 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-18 20:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-05-18 05:40 - 2010-08-27 19:34 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Roaming\SoftGrid Client
2015-05-18 04:30 - 2011-04-26 18:06 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-18 04:30 - 2011-04-26 18:06 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-14 15:00 - 2013-03-14 00:39 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-14 15:00 - 2013-03-14 00:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-14 15:00 - 2009-07-14 06:45 - 00294256 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-14 05:05 - 2009-07-14 20:18 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-14 05:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-14 03:14 - 2010-08-27 19:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2015-05-14 03:12 - 2013-07-15 23:01 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-14 03:05 - 2010-05-31 13:41 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-14 03:02 - 2013-03-14 00:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-08 14:59 - 2014-01-06 00:39 - 00000000 ____D () C:\Program Files (x86)\Razer
2015-05-07 15:18 - 2011-01-22 13:06 - 00000000 ____D () C:\Fraps
2015-05-05 14:59 - 2015-04-18 16:22 - 00000576 _____ () C:\Users\Public\Desktop\Fraps.lnk
2015-05-05 14:10 - 2013-08-25 22:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-05-05 14:09 - 2013-08-25 22:18 - 00152744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-05-05 14:09 - 2013-08-25 22:18 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-05-05 00:51 - 2014-01-06 00:39 - 00000000 ____D () C:\ProgramData\Razer
2015-05-04 18:37 - 2014-10-23 19:19 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client

==================== Files in the root of some directories =======

2012-02-29 22:15 - 2012-02-29 22:15 - 0000011 _____ () C:\Users\Marc-Andre´\AppData\Roaming\urhtps.dat
2006-12-11 20:13 - 2006-12-11 20:13 - 0097336 _____ (Un4seen Developments) C:\Users\Marc-Andre´\AppData\Local\bass.dll
2006-12-11 20:13 - 2006-12-11 20:13 - 0013872 _____ (Un4seen Developments) C:\Users\Marc-Andre´\AppData\Local\basscd.dll
2007-08-13 18:46 - 2007-08-13 18:46 - 0102912 _____ (Albert L Faber) C:\Users\Marc-Andre´\AppData\Local\CDRip.dll
2007-01-18 22:09 - 2007-01-18 22:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\Marc-Andre´\AppData\Local\No23 Recorder.exe
2011-01-16 22:20 - 2011-01-16 22:50 - 0001481 _____ () C:\Users\Marc-Andre´\AppData\Local\RecConfig.xml
2010-08-18 21:48 - 2010-08-27 02:56 - 0007598 _____ () C:\Users\Marc-Andre´\AppData\Local\Resmon.ResmonCfg
2010-08-15 22:42 - 2010-08-15 22:42 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2012-08-02 22:59 - 2012-09-14 21:47 - 0002766 _____ () C:\ProgramData\flcd_proxy.log

Files to move or delete:
====================
C:\Users\Marc-Andre´\jagex_runescape_preferences.dat
C:\Users\Marc-Andre´\jagex_runescape_preferences2.dat


Some files in TEMP:
====================
C:\Users\Marc-Andre´\AppData\Local\Temp\avgnt.exe
C:\Users\Marc-Andre´\AppData\Local\Temp\Quarantine.exe
C:\Users\Marc-Andre´\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-24 21:28

==================== End of log ============================

Es wurde (glaube ich) keine neue Addition.txt erstellt ("letzte Änderung:Gestern")

condolai · 03.06.2015, 19:05

[CODE]Additional
FRST Logfile:

Code:

ATTFilter

scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
Ran by Marc-Andre´ at 2015-06-02 15:11:39
Running from C:\Users\Marc-Andre´\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1234873347-607795945-2308373214-500 - Administrator - Disabled)
fbwuser (S-1-5-21-1234873347-607795945-2308373214-1001 - Limited - Disabled) => C:\Users\fbwuser
Gast (S-1-5-21-1234873347-607795945-2308373214-501 - Limited - Disabled)
Marc-Andre´ (S-1-5-21-1234873347-607795945-2308373214-1000 - Administrator - Enabled) => C:\Users\Marc-Andre´

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

¡Adelante! Nivel elemental (HKLM-x32\...\¡Adelante! Nivel elemental) (Version: 1.0.0.0 - Ernst Klett Verlag GmbH)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin 64-bit (HKLM\...\Adobe Flash Player Plugin) (Version: 11.1.102.55 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\{8C901387-B304-404D-93C0-E2E0C2D53D90}) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Age of Chivalry (HKLM-x32\...\Steam App 17510) (Version:  - Team Chivalry)
Akamai NetSession Interface (HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alcatraz (HKLM-x32\...\Alcatraz/DE-German_is1) (Version:  - City Interactive)
Amazon Kindle (HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Amazon Kindle) (Version:  - Amazon)
Amazon Music (HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Applian FLV Player (HKLM-x32\...\Applian FLV Player2.0.24) (Version: 2.0.24 - Applian Technologies Inc.)
Artweaver 1.0 (HKLM-x32\...\{A025CFB8-64E7-4432-824F-11E7C5ED2ECE}_is1) (Version: 1.0 - Boris Eyrich Software)
ATI Catalyst Install Manager (HKLM\...\{4C5C7B62-C959-5FEB-FAD6-B7A0BE68B868}) (Version: 3.0.769.0 - ATI Technologies, Inc.)
Audacity 1.3.12 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version:  - Audacity Team)
Avert Fate (HKLM-x32\...\{5C4D0A31-F7ED-4F52-B286-5F56B61F9C80}) (Version: 1.00.0000 - Avert Fate)
Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Batman: Arkham City GOTY (HKLM-x32\...\Steam App 200260) (Version:  - )
BattlEye (A2Free) Uninstall (HKLM-x32\...\BattlEye A2 Free) (Version:  - )
Biologie heute CD (HKLM-x32\...\com.schroedel.bioheuteeinleger) (Version: 1.1 - Bildungshaus Schulbuchverlage Westermann Schroedel Diesterwe)
Biologie heute CD (x32 Version: 1.1 - Bildungshaus Schulbuchverlage Westermann Schroedel Diesterwe) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version:  - Treyarch)
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version:  - Treyarch)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 3 - Dedicated Server (HKLM-x32\...\Steam App 42750) (Version:  - Infinity Ward - Sledgehammer Games)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward - Sledgehammer Games)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version:  - Infinity Ward - Sledgehammer Games)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
ccc-core-static (x32 Version: 2010.0406.2133.36843 - Ihr Firmenname) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.16 - Piriform)
Contagion (HKLM-x32\...\Steam App 238430) (Version:  - Monochrome LLC)
Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version:  - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2515 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.41.3.0173 - DT Soft Ltd)
Die Sims 2 (HKLM-x32\...\{6E7DD182-9FC6-4651-0095-2E666CC6AF35}) (Version:  - )
Die Sims 2: Wilde Campus-Jahre (HKLM-x32\...\{01521746-02A6-4A72-00BD-A285DF6B80C6}) (Version:  - )
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.17.60 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Duke Nukem Forever Demo (HKLM-x32\...\Steam App 57940) (Version:  - Gearbox Software)
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FEAR (HKLM-x32\...\{2B653229-9854-4989-B780-D978F5F13EAB}) (Version: 1.00.0000 - Vivendi Universal Games, Inc.)
FILSHtray (HKLM-x32\...\{5928359F-BF46-4646-BF19-B64E55171EB5}) (Version: 0.12 - FILSH Media GmbH)
FormatFactory 2.50 (HKLM-x32\...\FormatFactory) (Version: 2.50 - Free Time)
Fragen-Lern-CD 4.0 (HKLM-x32\...\de.3m5.wendel.flcd.FLCDB.4E7DF207D694E815646D9C9DD7DC91A41EB7FD23.1) (Version: 4.0.0 - Wendel-Verlag GmbH)
Fragen-Lern-CD 4.0 (x32 Version: 4.0.0 - Wendel-Verlag GmbH) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free 3GP Video Converter version 5.0.40.514 (HKLM-x32\...\Free 3GP Video Converter_is1) (Version: 5.0.40.514 - DVDVideoSoft Ltd.)
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.1.320 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.1.320 - DVDVideoSoft Ltd.)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 3.21.2.1 - Futuremark Corporation)
Ghostbusters (TM): The Video Game (HKLM-x32\...\InstallShield_{3A1B1652-D70A-4D19-981E-BB15D0DBF253}) (Version: 1.00.0000 - Atari)
Ghostbusters (TM): The Video Game (x32 Version: 1.00.0000 - Atari) Hidden
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version:  - Coffee Stain Studios)
Google Chrome (HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Gothic 3 Gold (HKLM-x32\...\{68D2A2E2-6B64-4433-8073-0605EB306C1B}) (Version: 1.0.0 - JoWooD)
Gothic II (HKLM-x32\...\Gothic II) (Version:  - JoWooD Productions Software AG)
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Deathmatch (HKLM-x32\...\Steam App 320) (Version:  - Valve)
Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version:  - Valve)
Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version:  - Valve)
Hotspot Shield 3.23 (HKLM-x32\...\HotspotShield) (Version: 3.23 - AnchorFree Inc.)
HTC Sync Manager (HKLM-x32\...\{7477F26F-CC6A-4F68-8C9D-496DBFF45E05}) (Version: 1.1.27.0 - HTC)
I Am Alive (HKLM-x32\...\Steam App 214250) (Version:  - Ubisoft  Shanghaï)
inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.5.1003 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 75 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217075FF}) (Version: 7.0.750 - Oracle)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
JDiskReport 1.4.0 (HKLM-x32\...\JDiskReport 1.4.0) (Version: 1.4.0 (2012-01-20 11:38:43) - JGoodies Karsten Lentzsch)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
King Arthur - The Role-playing Wargame (HKLM-x32\...\Steam App 24400) (Version:  - Neocore Games)
L.A. Noire (HKLM-x32\...\{915726DF-7891-444A-AA03-0DF1D64F561A}) (Version: 1.00.0000 - Rockstar Games)
LightZone 4.0.0 (HKLM-x32\...\3263-1164-2624-0047) (Version: 4.0.0 - LightZone Project)
LoiLo Game Recorder (HKLM\...\{89E4163C-BD19-45A9-BCEB-980741786799}_is1) (Version: 1.1.0.1 - LoiLo inc.)
LoiLoScope 2 (HKLM-x32\...\{CAB75FFC-2377-4B95-A8FA-C9234B812A92}_is1) (Version: 2.5.4.2 - LoiLo inc)
Mafia II (HKLM-x32\...\Steam App 50130) (Version:  - 2K Czech)
Mass Effect 2 (HKLM-x32\...\{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}) (Version: 1.01 - Electronic Arts, Inc.)
Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.03.0.0 - Electronic Arts)
Medal of Honor (TM) (HKLM-x32\...\{415030B8-3E8B-462A-8C03-41D95AA3AB3B}) (Version: 1.0.0.0 - Electronic Arts)
Medion Home Cinema (HKLM-x32\...\InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}) (Version: 6.0.0000 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 6.0.0000 - CyberLink Corp.) Hidden
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - THQ)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM-x32\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MobileMe Control Panel (HKLM\...\{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}) (Version: 3.1.6.0 - Apple Inc.)
Mozilla Firefox (3.6.18) (HKLM-x32\...\Mozilla Firefox (3.6.18)) (Version: 3.6.18 (de) - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MySQL Server 5.5 (HKLM-x32\...\{FFD35D1F-F7C8-47AE-AF3E-E569F025CD7D}) (Version: 5.5.28 - Oracle Corporation)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 8.5.2.23 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Pivot Stickfigure Animator (HKLM-x32\...\{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}) (Version: 2.2.5 - Peter Bone)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Pokki Download Helper (HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\PokkiDownloadHelper) (Version: 1.3.1.282 - Pokki)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Postal 2 STP - Free Multiplayer Edition (HKLM-x32\...\Postal 2 STP - Free Multiplayer Edition) (Version:  - )
Print Server Support (HKLM-x32\...\{418EF145-944B-4EBC-A755-9F15AEDFB08B}) (Version: 1.00.0000 - Siemens)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Razer Lycosa (HKLM-x32\...\{E0FA1DC5-FEBF-4E7B-8FA3-DB94233E952D}) (Version: 1.00.0000 - Razer USA Ltd.)
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6083 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.0.6.1 - Rockstar Games)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
Screen Recording Suite V2.5.0 (HKLM-x32\...\{EB9F3F92-4857-4121-AA6F-1C424AC6C266}_is1) (Version: 2.5.0 - Apowersoft)
Secunia PSI (3.0.0.6001) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.6001 - Secunia)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Spotify) (Version: 1.0.6.80.g2a801a53 - Spotify AB)
Spotted Run for your Life (HKLM\...\UDK-a656fd26-fe9c-4d00-8aad-3e63c713bd0c) (Version:  - Epic Games, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Storybook (HKLM-x32\...\Storybook) (Version: 2.1.15 - Intertec)
StreamTransport version: 1.1.0.1 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
Sun ODF Plugin for Microsoft Office 3.2 (HKLM-x32\...\{BD136CE7-6666-4273-A056-8D92F8625AAB}) (Version: 3.2.9483 - Sun Microsystems)
System Explorer 6.4.2 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version:  - Mister Group)
System Requirements Lab for Intel (HKLM-x32\...\{F7FC9307-374E-4017-8E9D-DE1154780480}) (Version: 4.1.66.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Evil Within (HKLM-x32\...\Steam App 268050) (Version:  - Tango Gameworks)
The Plan (HKLM-x32\...\Steam App 250600) (Version:  - Krillbite Studio)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
Trojan Remover 6.9.2 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.2 - Simply Super Software)
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Unity Web Player (HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version:  - NCH Software)
Webzen Game Starter (HKLM-x32\...\{255FC1CF-2620-4B64-BE02-79B9E609BB3D}) (Version: 1.01.1014 - WEBZEN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.65  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
WSCC 2.1.0.0 (HKLM-x32\...\WSCC_is1) (Version:  - KirySoft)
Zombie Panic Source (HKLM-x32\...\Steam App 17500) (Version:  - Zombie Panic! Team)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1234873347-607795945-2308373214-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Marc-Andre´\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1234873347-607795945-2308373214-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Marc-Andre´\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1234873347-607795945-2308373214-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Marc-Andre´\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1234873347-607795945-2308373214-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Marc-Andre´\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1234873347-607795945-2308373214-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Marc-Andre´\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1234873347-607795945-2308373214-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Marc-Andre´\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1234873347-607795945-2308373214-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Marc-Andre´\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1234873347-607795945-2308373214-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Marc-Andre´\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

26-05-2015 03:10:48 Geplanter Prüfpunkt

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0FD93574-B94B-40D9-8002-BEF0D67F63A6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {19AF296E-2EA2-417E-B7E9-48285607C2A6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1234873347-607795945-2308373214-1000Core => C:\Users\Marc-Andre´\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {19B91066-69D3-4122-952B-7EE9B2F1D3CF} - System32\Tasks\{82A055CC-13D1-46DD-9A3A-DA2CB8C785D0} => C:\Users\Marc-Andre´\Desktop\CryEngine\Bin64\Launcher.exe
Task: {1E11C808-87CA-48A9-B9D0-C55B5D78D11E} - System32\Tasks\{78998BB2-5DF3-4ADA-9C1F-F0FA16EE48DD} => Firefox.exe hxxp://ui.skype.com/ui/0/5.5.0.124/en/go/help.faq.installer?LastError=1618
Task: {22136676-9F46-4259-B2E0-36258C3D87FD} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {25B5A931-DAAC-4113-B6CB-A4823136E9A2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1234873347-607795945-2308373214-1000UA => C:\Users\Marc-Andre´\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {31960EE8-2917-4120-B77D-477432EAD972} - System32\Tasks\{51C56D5C-5A7F-4172-852B-7B6CA5A92065} => Firefox.exe hxxp://ui.skype.com/ui/0/5.3.0.120/en/abandoninstall?page=tsMain&amp;installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;userlevelpresent
Task: {4903CF65-B25B-4952-BDB1-EBDCCCE57853} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {4F26A30A-008E-4810-8E0E-59C42C704FC0} - System32\Tasks\Schule jo^^ => C:\Users\Marc-Andre´\Desktop\EKO FRESH FEAT HAFTBEFEHL - STILL MENACE (OFFICIAL HD VERSION).mp4
Task: {609931F9-F203-4731-BB25-552FFCAD90EC} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {662E61CD-FBF2-453A-ADDD-593241083BF5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated)
Task: {71DE537D-2BF3-40F9-BA3D-84A9420E6003} - System32\Tasks\{F3553201-B43E-425B-8061-E19C46894E1E} => pcalua.exe -a "C:\Users\Marc-Andre´\Desktop\anno trainer\IC_annocheat104.exe" -d "C:\Users\Marc-Andre´\Desktop\anno trainer"
Task: {855B49C3-1EF1-49DF-B854-1FB640EE3188} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-14] (Adobe Systems Incorporated)
Task: {8C86B49B-2A76-4806-8A04-6201DD14C2B5} - System32\Tasks\{779B966B-BA4D-462B-BA15-11D996836268} => pcalua.exe -a "C:\Program Files (x86)\Counter-Strike 1.6\Uninstal.exe"
Task: {B62B4B93-B2AB-4C5F-8D9C-A20131A5A7BA} - System32\Tasks\{2E9988B2-EBD0-41C2-9078-5C3FA1CA49EE} => C:\Users\Marc-Andre´\Desktop\CryEngine\Bin64\Launcher.exe
Task: {C3477AB6-EAC3-4411-B96D-8DFF8B100C84} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {D38B2E7D-23E5-44FE-A7CE-B98DD571361F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {DC27BF67-7135-4103-8404-AFB622CBF4E8} - System32\Tasks\{0BCE45A5-6E0A-4B92-BC53-E05C14F2CD19} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {E3E74F4F-9A3C-4749-9334-24ED54A0A27E} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {F52F510C-46A4-4EE3-A3A5-BB2E7FAA3F35} - System32\Tasks\{6326D6F7-1E62-4FD1-A8E2-C8D9A1116C49} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {F591ACF2-F204-4DA2-82AF-EDF397D083E9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1234873347-607795945-2308373214-1000Core.job => C:\Users\Marc-Andre´\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1234873347-607795945-2308373214-1000UA.job => C:\Users\Marc-Andre´\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2010-08-16 23:13 - 2010-03-15 11:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2015-05-25 22:46 - 2015-05-22 22:22 - 14982472 _____ () C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\43.0.2357.81\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9
AlternateDataStreams: C:\ProgramData\Temp:D06A4C76

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1234873347-607795945-2308373214-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marc-Andre´\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: FILSHtray => "C:\Program Files (x86)\FILSHtray\FILSHtray.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7E2E668E-B9B4-41E0-95EF-9D4DBEBBC21B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{FC340676-790F-42D5-A20D-66AABD7968A9}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{4E7ECBD0-9D67-40D5-BE6C-54B65D9E3B0C}] => (Allow) svchost.exe
FirewallRules: [{308C746D-4D38-4150-AE38-6264AB9D58BD}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{F1F6F395-E7F0-4084-A31D-5D0FD09BE912}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A6CD6B55-F21A-4E12-AA37-4CABF5EF211C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{92D5BF9F-1684-4AF4-AC31-8D143671752E}C:\users\marc-andre´\desktop\world of warcraft\wow-3.0.1-to-3.0.2-dede-win-update-downloader.exe] => (Block) C:\users\marc-andre´\desktop\world of warcraft\wow-3.0.1-to-3.0.2-dede-win-update-downloader.exe
FirewallRules: [UDP Query User{6A2189A7-A31E-4871-B9F7-D620AFE8E087}C:\users\marc-andre´\desktop\world of warcraft\wow-3.0.1-to-3.0.2-dede-win-update-downloader.exe] => (Block) C:\users\marc-andre´\desktop\world of warcraft\wow-3.0.1-to-3.0.2-dede-win-update-downloader.exe
FirewallRules: [{6EC9DF7C-57D1-40AA-9766-0F2A91D26C24}] => (Allow) C:\Program Files (x86)\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{27C512EE-74C9-4F27-BDAD-08B1D338BD80}] => (Allow) C:\Program Files (x86)\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{8FD69238-E644-4745-A958-B5DD4D58764D}] => (Allow) C:\Program Files (x86)\Mass Effect 2\MassEffect2Launcher.exe
FirewallRules: [{35ADB5D4-AF09-44BD-A401-789637B4C158}] => (Allow) C:\Program Files (x86)\Mass Effect 2\MassEffect2Launcher.exe
FirewallRules: [TCP Query User{8558347C-B400-4AE7-B3F8-54EF1EC93D42}C:\program files (x86)\metin2\metin2.bin] => (Allow) C:\program files (x86)\metin2\metin2.bin
FirewallRules: [UDP Query User{D11E0519-9831-4ABC-A217-90C23536F4F0}C:\program files (x86)\metin2\metin2.bin] => (Allow) C:\program files (x86)\metin2\metin2.bin
FirewallRules: [TCP Query User{3938B1F3-2A8C-4D9A-A1B0-ACEAD3652445}C:\program files (x86)\metin2\metin2client.bin] => (Allow) C:\program files (x86)\metin2\metin2client.bin
FirewallRules: [UDP Query User{8419F912-94B4-4624-B8A3-0A7B8382D295}C:\program files (x86)\metin2\metin2client.bin] => (Allow) C:\program files (x86)\metin2\metin2client.bin
FirewallRules: [{8496942B-9F52-4A5C-B2A5-5D2CBA898EB3}] => (Allow) C:\Program Files (x86)\Sierra\FEAR\FEAR.exe
FirewallRules: [{CE5CB3DC-3BF9-4F14-AA56-1E72443CBB11}] => (Allow) C:\Program Files (x86)\Sierra\FEAR\FEAR.exe
FirewallRules: [{25ED4E0D-9506-4B9B-B783-E94EB5BCBCB3}] => (Allow) C:\Program Files (x86)\DNA\btdna.exe
FirewallRules: [{031BC6C8-E5ED-4264-80B6-F38DF42F6411}] => (Allow) C:\Program Files (x86)\DNA\btdna.exe
FirewallRules: [TCP Query User{E3495B51-2B3B-4AD6-B7E9-F58C99349579}C:\program files (x86)\urbanterror\iourbanterror.exe] => (Allow) C:\program files (x86)\urbanterror\iourbanterror.exe
FirewallRules: [UDP Query User{E88F85DA-933E-4E5F-988E-3D9A1D80C42C}C:\program files (x86)\urbanterror\iourbanterror.exe] => (Allow) C:\program files (x86)\urbanterror\iourbanterror.exe
FirewallRules: [{62A393BF-1080-460D-8274-0CD932AF2376}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [TCP Query User{523879E9-231F-4DF4-99F7-2C56DB12C89B}C:\program files (x86)\postal2stp\system\postal2mp.exe] => (Allow) C:\program files (x86)\postal2stp\system\postal2mp.exe
FirewallRules: [UDP Query User{C5F81AB7-9A4B-4CC8-B873-1B21A6CFB78E}C:\program files (x86)\postal2stp\system\postal2mp.exe] => (Allow) C:\program files (x86)\postal2stp\system\postal2mp.exe
FirewallRules: [{C8EC77B1-A318-494D-9086-EE6C30C0DC57}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{8F019785-B231-47FF-8950-AFD6A605FBB3}C:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe] => (Allow) C:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe
FirewallRules: [UDP Query User{9CC12244-8575-44F7-9576-89CC0E4EC8AA}C:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe] => (Allow) C:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe
FirewallRules: [TCP Query User{07396779-1384-4A05-867E-38B5610A931A}C:\program files (x86)\electronic arts\medal of honor\mp\mohmpgame.exe] => (Allow) C:\program files (x86)\electronic arts\medal of honor\mp\mohmpgame.exe
FirewallRules: [UDP Query User{197F44AE-435A-4A88-A093-ADB8E879F692}C:\program files (x86)\electronic arts\medal of honor\mp\mohmpgame.exe] => (Allow) C:\program files (x86)\electronic arts\medal of honor\mp\mohmpgame.exe
FirewallRules: [{389EFA56-C030-4E16-8239-85FBECA7D513}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{860CFAD8-A55B-4855-B92A-D88B427BFE32}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{67A66FA7-C5BF-421E-919A-7808542F5B2D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{04281D5B-49FC-4FFF-A171-649B8DE830D0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{2156CBBD-0C05-46B7-8ED8-952C041E64B7}C:\users\marc-andre´\desktop\ydvydv\blackops.exe] => (Block) C:\users\marc-andre´\desktop\ydvydv\blackops.exe
FirewallRules: [UDP Query User{10690B86-54DC-4542-821F-AEF4D2F7E226}C:\users\marc-andre´\desktop\ydvydv\blackops.exe] => (Block) C:\users\marc-andre´\desktop\ydvydv\blackops.exe
FirewallRules: [TCP Query User{A82279A9-6138-4C08-88A6-A2EF11FC9790}C:\program files (x86)\steam\steamapps\mutterelefant\half-life 2 deathmatch\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\mutterelefant\half-life 2 deathmatch\hl2.exe
FirewallRules: [UDP Query User{19D282BA-05F4-43FC-B107-2A9A703B9141}C:\program files (x86)\steam\steamapps\mutterelefant\half-life 2 deathmatch\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\mutterelefant\half-life 2 deathmatch\hl2.exe
FirewallRules: [TCP Query User{ECFF539F-4A9A-407A-917A-C4A51F7E1C84}C:\program files (x86)\steam\steamapps\mutterelefant\half-life 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\mutterelefant\half-life 2\hl2.exe
FirewallRules: [UDP Query User{65048C42-E557-4AB9-8A5F-7CD46CFD4A70}C:\program files (x86)\steam\steamapps\mutterelefant\half-life 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\mutterelefant\half-life 2\hl2.exe
FirewallRules: [TCP Query User{96E1CDC5-18EA-4FA6-9AD8-D57992E422C6}C:\program files (x86)\electronic arts\dead space\dead space.exe] => (Allow) C:\program files (x86)\electronic arts\dead space\dead space.exe
FirewallRules: [UDP Query User{2107560E-17FA-458D-A70B-BA9BCCB72395}C:\program files (x86)\electronic arts\dead space\dead space.exe] => (Allow) C:\program files (x86)\electronic arts\dead space\dead space.exe
FirewallRules: [TCP Query User{BDAFD6B5-A584-4FE7-A018-DF28B4BF2726}C:\program files (x86)\steam\steamapps\mutterelefant\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\mutterelefant\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{4F285355-22B0-468E-8D2B-7B9086E0DEA8}C:\program files (x86)\steam\steamapps\mutterelefant\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\mutterelefant\team fortress 2\hl2.exe
FirewallRules: [{C5218F93-78B2-4440-AE9D-19AF958C951E}] => (Allow) %SystemRoot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
FirewallRules: [TCP Query User{0450DB9D-7D03-47AB-81CF-2FAB3707119E}C:\program files (x86)\steam\steamapps\mutterelefant\source sdk base\hl2.exe] => (Block) C:\program files (x86)\steam\steamapps\mutterelefant\source sdk base\hl2.exe
FirewallRules: [UDP Query User{6B3F284C-EEA5-4DEA-9255-C114C50EC5CA}C:\program files (x86)\steam\steamapps\mutterelefant\source sdk base\hl2.exe] => (Block) C:\program files (x86)\steam\steamapps\mutterelefant\source sdk base\hl2.exe
FirewallRules: [{C1987C9B-67BD-42E8-95E5-B76877D2F604}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{5402EA23-651F-43E8-9D73-4774B6391B9A}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{9225F1A1-0AA0-4E68-A902-148128BCD651}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{4B3FF22E-DFE7-4299-9B2E-7A3F71C9173F}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{EDD3527E-B517-4112-9607-CE6172E1AC84}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
FirewallRules: [{DC16CBFB-5FA6-4035-BC18-52707B1CD29F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
FirewallRules: [{368605C8-FD28-4AF4-81EA-3A19DCDBC7FB}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
FirewallRules: [{6BB5E284-8D74-4D72-A5DD-0F9B31CD360B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
FirewallRules: [TCP Query User{59DEB766-2736-4A33-B23F-B498AEB62589}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{AE329436-D2FB-42DD-9516-B53CF3D595BE}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe
FirewallRules: [TCP Query User{8733F0E9-94E0-41FF-9D6C-280F13F1D2A4}C:\program files (x86)\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe] => (Block) C:\program files (x86)\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe
FirewallRules: [UDP Query User{523DDDF1-9208-497F-AA48-03F45A380226}C:\program files (x86)\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe] => (Block) C:\program files (x86)\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe
FirewallRules: [{9AFEA075-018F-4B53-BA28-01CB66DE8851}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8D7C40DE-9055-4147-A539-84C99680C5ED}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C6888B93-C29D-4C26-AFFC-F16EE747F67B}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [TCP Query User{90B649F6-7BC5-4237-8934-8A179FFA1969}C:\program files (x86)\z8games\crossfire\cf_g4box.exe] => (Allow) C:\program files (x86)\z8games\crossfire\cf_g4box.exe
FirewallRules: [UDP Query User{427D20BC-5377-422E-BFA6-1EB787FEF29E}C:\program files (x86)\z8games\crossfire\cf_g4box.exe] => (Allow) C:\program files (x86)\z8games\crossfire\cf_g4box.exe
FirewallRules: [TCP Query User{1059CF1B-5EEA-433E-A038-BF388144356E}C:\users\marc-andre´\desktop\ydvydv\blackopsmp.exe] => (Block) C:\users\marc-andre´\desktop\ydvydv\blackopsmp.exe
FirewallRules: [UDP Query User{7EC367CD-BBB1-42E1-9CA2-5CB5CAAA92FC}C:\users\marc-andre´\desktop\ydvydv\blackopsmp.exe] => (Block) C:\users\marc-andre´\desktop\ydvydv\blackopsmp.exe
FirewallRules: [{4FFBBEC6-0373-4C8E-86EC-30F7CDEF4107}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{DEB106A3-6C70-4CB2-A795-6EE75C5E97D0}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{B1CABB2E-90B7-4F74-83DF-C238B9D43138}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{064B7FBA-31A4-4E9F-AB84-037CE2DCFEAA}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{D5E67826-0038-4F55-B6BC-E47D3E3BDE3E}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{01401BDC-4911-4A8F-9E7B-F52A1AFA2367}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{CE9D82E6-6FBC-407F-B5A6-31321305FECB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{C664B43E-D596-4FF0-8869-2331DE846DFA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{8AB96067-686A-4B91-A6F8-5EB6460120A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{9251D19D-8829-4D04-BC07-85707DB22942}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\america's army 3\Binaries\AA3Game.exe
FirewallRules: [{5F10C4D7-2E83-487A-9695-5E03FEDAFFB3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\america's army 3\Binaries\AA3Game.exe
FirewallRules: [{55E20DC2-7E52-41F0-9B29-C84A93E4F12D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\mutterelefant\age of chivalry\hl2.exe
FirewallRules: [{CA299983-2587-41C4-8D85-C2CC9F5A5186}] => (Allow) C:\Program Files (x86)\Steam\steamapps\mutterelefant\age of chivalry\hl2.exe
FirewallRules: [{7ABFFBB7-5E68-44AF-A3FE-6E9E42241256}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mafia ii\pc\Mafia2.exe
FirewallRules: [{E16817EA-2D31-4335-AF37-E3AE09993860}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mafia ii\pc\Mafia2.exe
FirewallRules: [{95BD0CD3-414A-4117-A253-A600C6ACD41A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\duke nukem forever demo\System\DukeForeverDemo.exe
FirewallRules: [{D1B64403-F8FB-439B-A20F-8ACF2A705414}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\duke nukem forever demo\System\DukeForeverDemo.exe
FirewallRules: [TCP Query User{A5B4A15A-FBD2-42BA-B26D-78EB4B454218}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [UDP Query User{3F11AF11-A717-4B86-908C-B3D5D2DC5F5E}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [{724BED90-7CF4-4E0C-A0A0-35A6402C9A71}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty black ops\BlackOps.exe
FirewallRules: [{D5D06C4D-F4C6-4772-A391-E11260BDD121}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty black ops\BlackOps.exe
FirewallRules: [TCP Query User{16685EA7-0EFA-44A2-9CE7-BAEB72ED1D1F}C:\users\marc-andre´\desktop\dead island\deadislandgame.exe] => (Block) C:\users\marc-andre´\desktop\dead island\deadislandgame.exe
FirewallRules: [UDP Query User{6634959D-867A-4F30-820A-6C6DF563E9C2}C:\users\marc-andre´\desktop\dead island\deadislandgame.exe] => (Block) C:\users\marc-andre´\desktop\dead island\deadislandgame.exe
FirewallRules: [TCP Query User{FF1114D2-76D4-400A-A189-8ED378C6EC37}C:\users\marc-andre´\desktop\dark-fusion2\metin2client.bin] => (Allow) C:\users\marc-andre´\desktop\dark-fusion2\metin2client.bin
FirewallRules: [UDP Query User{6C2EAB25-2A8D-4737-84DB-6D1BE9FB44C2}C:\users\marc-andre´\desktop\dark-fusion2\metin2client.bin] => (Allow) C:\users\marc-andre´\desktop\dark-fusion2\metin2client.bin
FirewallRules: [{661868E0-06E3-4C99-B02C-9B47F3094878}] => (Allow) C:\Users\Marc-Andre´\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{955E1FF3-987C-4236-B641-91B29FD11412}] => (Allow) C:\Users\Marc-Andre´\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{75FDD2CB-0494-4C12-884B-624E20FF35C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty black ops\BlackOpsMP.exe
FirewallRules: [{779BBC81-713D-45B2-B290-16F42B910E1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty black ops\BlackOpsMP.exe
FirewallRules: [TCP Query User{84B4BC54-6C3C-46E5-8A5E-97D69211B0EA}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{11BD8B0F-BBDE-4CE4-8516-E3512ACF1590}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{00E6A4E1-A0A0-4AE1-98DF-2C60740FFBB5}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{6A5C623F-AB46-44D5-9BD9-F0212CB58EBA}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{B058E99F-D380-4AC1-8389-64258197F996}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe
FirewallRules: [{A9259BAC-0103-41E2-AA84-611448B95229}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe
FirewallRules: [{263CE4EB-3FF7-48A9-B713-D511D602D99B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\america's army 3\Binaries\AA3Loader.exe
FirewallRules: [{CFEC88EF-3366-48E2-BC1D-33AD53476C18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\america's army 3\Binaries\AA3Loader.exe
FirewallRules: [{4F99A69D-1B2B-4E5A-B42F-9B575C257448}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{CA9B639D-48C9-4677-94E7-4D9A26FE689B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{425A8CA8-4F11-43FB-948E-8AADDAEE89CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{6478CF50-0476-4819-BBC9-83878FFCE5C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{E6F9CE51-8DCB-45F2-9C29-5A0531C76952}] => (Allow) C:\Program Files (x86)\Steam\steamapps\mutterelefant\zombie panic! source\hl2.exe
FirewallRules: [{48B28329-4E6B-40BD-879A-24E6FB9E1FFE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\mutterelefant\zombie panic! source\hl2.exe
FirewallRules: [{80E76CFA-2C15-47B2-B204-9ACDFD213659}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\king arthur - the role-playing wargame\KingArthur.exe
FirewallRules: [{3F5FC791-DFE5-422F-BBF2-C8CFAB9A9633}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\king arthur - the role-playing wargame\KingArthur.exe
FirewallRules: [{5BAB004B-2CAF-44C2-9CA6-55CC13D0CB94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\king arthur - the role-playing wargame\KingArthurMulti.exe
FirewallRules: [{DA03CA51-A808-4721-A276-87EDBA8566A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\king arthur - the role-playing wargame\KingArthurMulti.exe

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/02/2015 00:50:43 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/02/2015 00:47:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (06/02/2015 00:47:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (06/02/2015 00:47:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (06/02/2015 00:41:10 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!

Error: (06/02/2015 00:29:38 AM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe

Error: (06/01/2015 10:36:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (06/01/2015 10:36:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (06/01/2015 10:36:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (06/01/2015 10:32:07 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!


System errors:
=============
Error: (06/02/2015 02:24:23 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068BITS{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (06/02/2015 02:17:33 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (06/02/2015 02:17:32 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (06/02/2015 02:17:31 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (06/02/2015 02:17:31 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (06/02/2015 02:17:30 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (06/02/2015 02:17:25 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (06/02/2015 02:17:13 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
avipbb
avkmgr
discache
spldr
Wanarpv6

Error: (06/02/2015 02:17:11 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Client Virtualization Handler" ist vom Dienst "Application Virtualization Client" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (06/02/2015 02:17:11 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "Windows-Firewall" ist von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.


Microsoft Office:
=========================
Error: (06/02/2015 00:50:43 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (06/02/2015 00:47:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (06/02/2015 00:47:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (06/02/2015 00:47:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (06/02/2015 00:41:10 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: 0x0

Error: (06/02/2015 00:29:38 AM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe

Error: (06/01/2015 10:36:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (06/01/2015 10:36:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (06/01/2015 10:36:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (06/01/2015 10:32:07 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: 0x0


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7 CPU 860 @ 2.80GHz
Percentage of memory in use: 19%
Total physical RAM: 6135.11 MB
Available physical RAM: 4945.64 MB
Total Pagefile: 12268.43 MB
Available Pagefile: 11092.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (BOOT) (Fixed) (Total:672.54 GB) (Free:66.86 GB) NTFS
Drive d: (Recover) (Fixed) (Total:25 GB) (Free:16.55 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: E90925EA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=672.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End of log ============================

--- --- ---

Hier trotzdem einmal die Addition.txt

M-K-D-B · 03.06.2015, 19:06

Servus,

hast du AdwCleaner überhaupt ausgeführt?

Es fehlt die Logdatei von AdwCleaner, bitte noch nachreichen.

condolai · 03.06.2015, 19:23

Code:

ATTFilter

# AdwCleaner v4.206 - Bericht erstellt 03/06/2015 um 18:36:03
# Aktualisiert 01/06/2015 von Xplode
# Datenbank : 2015-06-01.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Marc-Andre´ - SUPER-PC
# Gestarted von : C:\Users\Marc-Andre´\Desktop\AdwCleaner_4.206.exe
# Option : Suchlauf

***** [ Dienste ] *****

Dienst Gefunden : hshld

***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\firefox.js
Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\firefox-branding.js
Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\firefox-l10n.js
Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\reporter.js
Datei Gefunden : C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\searchplugins\Conduit.xml
Datei Gefunden : C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\searchplugins\daemon-search.xml
Datei Gefunden : C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\user.js
Ordner Gefunden : C:\Program Files (x86)\DAEMON Tools Toolbar
Ordner Gefunden : C:\Program Files (x86)\ICQ6Toolbar
Ordner Gefunden : C:\ProgramData\ICQ\ICQToolbar
Ordner Gefunden : C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Ordner Gefunden : C:\Users\Marc-Andre´\AppData\Local\pokki
Ordner Gefunden : C:\Users\Marc-Andre´\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gefunden : C:\Users\Marc-Andre´\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
Ordner Gefunden : C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Daten Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local;127.0.0.1:9421;<local>
Schlüssel Gefunden : HKCU\Software\Classes\MIME\Database\Content Type\application/x-pokkidownloadhelper
Schlüssel Gefunden : HKCU\Software\Classes\pokki
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\dt soft\daemon tools toolbar
Schlüssel Gefunden : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{22848257-6A2D-4D2A-8D56-C886D25B8B58}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{22848257-6A2D-4D2A-8D56-C886D25B8B58}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\PokkiDownloadHelper
Schlüssel Gefunden : HKCU\Software\MozillaPlugins\pokki.com/PokkiDownloadHelper
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\YahooPartnerToolbar
Schlüssel Gefunden : [x64] HKCU\Software\Conduit
Schlüssel Gefunden : [x64] HKCU\Software\dt soft\daemon tools toolbar
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
Schlüssel Gefunden : [x64] HKCU\Software\OCS
Schlüssel Gefunden : [x64] HKCU\Software\Softonic
Schlüssel Gefunden : [x64] HKCU\Software\YahooPartnerToolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Schlüssel Gefunden : HKLM\SOFTWARE\ICQ\ICQToolbar
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17801

Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search] - hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

-\\ Mozilla Firefox v3.6.18 (de)

[lpt9l2zb.default] - Zeile Gefunden : user_pref("browser.search.defaultthis.engineName", "BittorrentBar_DE Customized Web Search");
[lpt9l2zb.default] - Zeile Gefunden : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2849855&SearchSource=3&q={searchTerms}");
[lpt9l2zb.default] - Zeile Gefunden : user_pref("icqtoolbar.allowSendURL", false);
[lpt9l2zb.default] - Zeile Gefunden : user_pref("icqtoolbar.engineVerified", true);
[lpt9l2zb.default] - Zeile Gefunden : user_pref("icqtoolbar.geolastmodified", 1305054136);
[lpt9l2zb.default] - Zeile Gefunden : user_pref("icqtoolbar.hiddenElements", "itb_options");
[lpt9l2zb.default] - Zeile Gefunden : user_pref("icqtoolbar.history", "liebe||lil%20wayne%20lolipop||hate%20it%20or%20love%20it||get%20rich%20or%20die%20tryin||lil%20wayne%20lollipop||wei%C3%9Fe%20fusseln%20im%20alkohol||wei%C3%9Fe%20fuss[...]
[lpt9l2zb.default] - Zeile Gefunden : user_pref("icqtoolbar.icqgeo", 49);
[lpt9l2zb.default] - Zeile Gefunden : user_pref("icqtoolbar.installTime", "1301168231");
[lpt9l2zb.default] - Zeile Gefunden : user_pref("icqtoolbar.newtab_state", "1");
[lpt9l2zb.default] - Zeile Gefunden : user_pref("icqtoolbar.numberOfSearches", 0);
[lpt9l2zb.default] - Zeile Gefunden : user_pref("icqtoolbar.previousFFVersion", "3.6.16");
[lpt9l2zb.default] - Zeile Gefunden : user_pref("icqtoolbar.showVoucher", false);
[lpt9l2zb.default] - Zeile Gefunden : user_pref("icqtoolbar.skip_default_search", "no");
[lpt9l2zb.default] - Zeile Gefunden : user_pref("icqtoolbar.suggestions", false);
[lpt9l2zb.default] - Zeile Gefunden : user_pref("icqtoolbar.uninstStatSent", true);
[lpt9l2zb.default] - Zeile Gefunden : user_pref("icqtoolbar.uniqueID", "130108445313010844661301168231827");
[lpt9l2zb.default] - Zeile Gefunden : user_pref("icqtoolbar.usageStatstTimestamp", 1305140542);
[lpt9l2zb.default] - Zeile Gefunden : user_pref("icqtoolbar.voucherHideClicks", 0);
[lpt9l2zb.default] - Zeile Gefunden : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
[lpt9l2zb.default] - Zeile Gefunden : user_pref("icqtoolbar.voucherRedeemClicks", 0);
[lpt9l2zb.default] - Zeile Gefunden : user_pref("icqtoolbar.voucherWasShown", 0);
[lpt9l2zb.default] - Zeile Gefunden : user_pref("icqtoolbar.xmlEnableSuggestions", false);
[lpt9l2zb.default] - Zeile Gefunden : user_pref("icqtoolbar.xmlLanguage", "de");

-\\ Google Chrome v


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [7688 Bytes] - [03/06/2015 18:36:03]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [7747 Bytes] ##########

M-K-D-B · 03.06.2015, 21:07

Servus,

Starte FRST erneut. Kopiere den Inhalt der folgenden Code-Box oben in die Zeile:
Code:
ATTFilter
```
BittorrentBar;DAEMON Tools Toolbar;FLV Player;Conduit;Pokki;
         
```
Drücke auf Search Registry.
FRST beginnt mit dem Suchlauf. Dies kann einige Zeit dauern.
Am Ende erstellt FRST eine Textdatei Search.txt.
Poste mir deren Inhalt mit deiner nächsten Antwort.

condolai · 03.06.2015, 23:16

Abend,

"Starte FRST erneut. Kopiere den Inhalt der folgenden Code-Box oben in die Zeile" Welche Zeile meinst du?

03.06.2015, 19:06	#12
M-K-D-B /// TB-Ausbilder	Lahmgelegtes Antiviren Programm, langsames Internet und Probleme beim Öffnen/Schließen von Dateien Servus, hast du AdwCleaner überhaupt ausgeführt? Es fehlt die Logdatei von AdwCleaner, bitte noch nachreichen.

Lahmgelegtes Antiviren Programm, langsames Internet und Probleme beim Öffnen/Schließen von Dateien

Plagegeister aller Art und deren Bekämpfung: Lahmgelegtes Antiviren Programm, langsames Internet und Probleme beim Öffnen/Schließen von Dateien