Fremdzugriff auf E-Mail, Amazon etc.

Camilo123 · 27.08.2015, 22:46

Guten Abend,

im Januar 2015 gab es einen Vorfall, bei dem meine Accounts von diversen Online-Shops und meine Email-Adressen "gehackt" wurden. Es wurden Bestellungen auf mehreren Online-Shops getätigt. Ebenfalls wurden durch meine Email-Adresse alle Passwörter und Kontaktdaten der Online-Shops geändert. Daraufhin habe ich meinen PC und Laptop formatiert, Windows neu aufgesetzt und alle Passwörter geändert. Heute nachmittag, als ich auf mein Amazon-Konto schaute, waren diverse Artikel (Smartphones + Zubehör) in meinem Warenkorb. Diese habe ich natürlich nicht hinzugefügt. Passwörter habe ich wieder geändert. Nun vermute ich, dass ich vielleicht immer noch etwas auf meinem PC habe.

Bei der Gmer.exe gab es Fehlermeldungen:

C:\Windows\system32\config\system: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderem Prozess verwendet wird.

Danach habe ich "Scan ausführen" gedrückt, Scan lief und zwei Fehlermeldungen tauchten auf:

C:\Windows\system32\config\system: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderem Prozess verwendet wird.

C:\User\Ruben W\ntuser.dat: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderem Prozess verwendet wird.

Das Ganze habe ich im abgesicherten Modus wiederholt und da kamen ebenfalls die gleichen Meldungen.

Danach habe ich den Scan abgeschlossen und "Copy - Paste" in Editor ausgeführt.

Abgesicherten Modus (siehe Gmer.txt)
Normalen Modus(siehe Anhang Gmer2.txt) Text leider zu lang für "#"

Addition.txt

FRST Additions Logfile:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:27-08-2015
durchgeführt von Ruben W (2015-08-27 22:37:59)
Gestartet von C:\Users\Ruben W\Desktop
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1249185847-507591671-2405455049-500 - Administrator - Disabled)
Gast (S-1-5-21-1249185847-507591671-2405455049-501 - Limited - Disabled)
Ruben (S-1-5-21-1249185847-507591671-2405455049-1000 - Limited - Enabled) => C:\Users\Ruben
Ruben W (S-1-5-21-1249185847-507591671-2405455049-1001 - Administrator - Enabled) => C:\Users\Ruben W

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-PDF Printer 10.11.0.2342 (HKLM\...\7-PDF Printer_is1) (Version: 10.11.0.2342 - 7-PDF, Germany - Th. Hodes)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version:  - Studio Wildcard)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield: Bad Company 2 (HKLM-x32\...\Steam App 24960) (Version:  - DICE)
Bridge Project (HKLM-x32\...\Steam App 232950) (Version:  - Halycon Media GmbH &amp; Co. KG)
CASIO FA-124 (HKLM-x32\...\{FB47E710-6249-4EFA-BE36-E922B0612AF4}) (Version: 2.04.0000 - CASIO COMPUTER CO., LTD.)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Euro Truck Simulator (HKLM-x32\...\Steam App 232010) (Version:  - SCS Software)
Fable III (HKLM-x32\...\Steam App 105400) (Version:  - Lionhead Studios)
Gameo (HKU\S-1-5-21-1249185847-507591671-2405455049-1001\...\Gameo) (Version: 0.13.7 - IronSource Ltd.) <==== ACHTUNG
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 RC (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50861 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Mozilla Firefox 40.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 de)) (Version: 40.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.2.5702 - Mozilla)
Never Alone (Kisima Ingitchuna) (HKLM-x32\...\Steam App 295790) (Version:  - Upper One Games)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.60 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Grafiktreiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.60 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.43.321.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version:  - Obsidian Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-1249185847-507591671-2405455049-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Lord of the Rings: War in the North (HKLM-x32\...\Steam App 32800) (Version:  - Snowblind Studios)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - Runic Games)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{CBCC2FD8-7DFE-4752-95B5-2E447C226F45}) (Version:  - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

20-08-2015 01:26:51 NVIDIA PhysX wird entfernt
20-08-2015 02:37:42 Windows Update
25-08-2015 17:49:06 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01A1C6F3-F420-4E47-974F-7AFB78D4D085} - System32\Tasks\gameo_update => C:\Users\Ruben [2015-08-27] () <==== ACHTUNG
Task: {567104CE-1DAA-4600-99E3-EC18969B6015} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {70C0CFB5-FC49-402A-B7FB-409D258CCC64} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {912772C7-7134-4948-967B-67BB764923DF} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {9EE98DAF-3832-4CDC-AB00-1D4C75A7BB9B} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {B07973E2-28B0-4041-B8D8-B550CC600BA9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {BAAEBDC5-141A-440A-A150-CC2B2AA9E6F8} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Ruben-PC-Ruben Ruben-PC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2015-06-26] (Microsoft Corporation)
Task: {C04A3070-6F32-4FE8-A746-0F1CC2146E67} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {D0C315D8-2566-4FD3-8061-357571E588C3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {D4A55C87-F27B-403B-8BCC-E6DBFEB28C12} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {DD30550A-08B4-4316-86B8-132510AE18DD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {E6362306-4952-441D-8C06-F6918380C3D1} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {F0844F7B-5E04-4C66-BA9A-376A9DA92907} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-02-13 20:23 - 2015-02-13 21:04 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-02-13 00:28 - 2015-08-07 06:34 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-08-30 18:12 - 2014-08-30 18:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\kpcengine.2.3.dll
2015-07-30 19:16 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1249185847-507591671-2405455049-1000\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-1249185847-507591671-2405455049-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ruben W\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{9C4CC7B0-4EF4-4204-BC61-D2EDA5022FE0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{58C83C65-C1F0-42BC-967F-E7627B1E9954}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9E1D9F69-6A40-4B91-A267-DCF2ACE58A29}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C84616D9-757E-46CB-B8B3-7C2EB2C5E306}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{265BE843-D2D9-489F-B034-2B3A350DE386}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{49DE3397-C113-4CE8-8054-F402F52FC0BB}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2395640E-8A6A-4E4E-9D92-0B1F7AD073F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{177C791B-B93B-4EC6-8AEF-12835AB50421}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{2318D656-90F2-47DA-AA90-79424EBB5451}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{B72A88B0-B31D-49BD-9608-445FAF155A30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{5B70DB4F-07FE-4C61-9920-EB930A686ED5}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{274343C9-86A7-4300-B7AF-92EF538A0114}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{24B9DD06-C70E-4BD6-B7D3-AEFDEF2219F5}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{AC499BB6-926F-43A4-8366-4C2B22E24240}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{4B267007-0FDF-4FFA-A80F-8F9F1562F707}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{643E06D3-D206-422C-ACE9-561B19B0FD51}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{4CAE215F-9798-419E-BA41-CBE6E91B161A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{D9ACEE13-ABAB-410D-AEA0-4455D238ACC2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{345FC644-81E6-4923-A195-B162E8F9F41C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{9393BA96-234C-4EF5-96C1-E700AABE1974}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{F9BF1575-0ED6-40B8-BF04-98CF6577203A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War in the North\witn.exe
FirewallRules: [{25322662-5382-4975-8306-ADF2B4903E83}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War in the North\witn.exe
FirewallRules: [{E2CD821F-43E1-4FD3-9F8F-D44678A73C18}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9CAB2241-B39C-4B3B-AF67-16FFE0E795A6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{830C39F5-88E4-4F24-8B75-103B0E7007A5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{945593E8-0D9A-4D9E-949C-615DBC39C5F7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B33844FB-D693-4180-99B7-D38F7E25CE3B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A86A6F97-568B-4873-B4AC-229A4DDC553D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{318DB67B-ACD1-462C-B9D0-C60606373B20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{FE9345B8-3916-4506-A708-B6A0A1114B88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{74A2CC7E-18CF-4519-8986-E722AD915377}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NeverAlone\Never_Alone.exe
FirewallRules: [{657FDE70-9A87-4653-9598-B46CC0E383A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NeverAlone\Never_Alone.exe
FirewallRules: [{FC738765-0AC6-495C-A70B-D85374CA614B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{2273E218-A7F2-4330-A4A8-EA60D648C60A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{D3F9BB88-788E-408D-B1FB-ACA4C49EC815}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{348A4306-68E0-4B31-8B34-2D80FCD6DCBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{EFC9BA54-8799-47FC-A4CE-69A35ABE59D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{76A88597-4467-40C8-8F75-DEF071B4C6CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [TCP Query User{DB899B22-3B92-4100-B3BF-70412FACBAC8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{9035C193-7EE6-4183-80B0-F1FD41E53A2C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{A44FDD0B-A66B-488D-8978-0AFB5C467A77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Legacy\rust.exe
FirewallRules: [{F1B5B9C1-8D23-47FE-BC35-1476453B4662}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Legacy\rust.exe
FirewallRules: [{C3512BD6-8BFE-4F32-9411-6EB502031D13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{700B12A8-A156-4CFB-ACF2-08C6097FB78A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{A5FFFA83-E4E8-4BA2-99CC-B152B7F9079C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGameServer.exe
FirewallRules: [{C3642622-3330-4639-91BD-191470934B32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGameServer.exe
FirewallRules: [{778269DF-A0BE-41F3-A87C-04E31C09355D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator\eurotrucks.exe
FirewallRules: [{3CA2170D-F6BC-467F-9FAA-71CE453E3AF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator\eurotrucks.exe
FirewallRules: [{4165F7EA-D56C-4963-9DC8-158A61976AAD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{C86C9628-6DF2-4291-9BC7-E99FA32A8006}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F3025238-5DD4-4E5B-9979-6B1FD3B90C61}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{514F1403-724A-45AF-B83C-DFDD2A6CAB18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{4BE0A32A-DB69-42FE-8745-D7221F6108E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{3157F86F-2550-4426-8775-C89D3E0A063B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{30514BFC-964D-4950-8CB6-7436C09D0765}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{0734B0EB-E14F-467C-B032-25ECCD67CCA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{3D93A581-A886-425B-93EB-A125EA2107A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5D4A68E6-9896-44D5-A795-596BC78ECAA2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{38FD15A6-BF87-4BD9-94E3-81478F12C41D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{FF86A437-232A-4541-AE60-E833BCB1446E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{50A3435E-2C8A-499E-8812-63762DE42986}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{02ECDBC7-01E0-4ACE-BB91-82117B4D1F51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BridgeProject\Bridge.exe
FirewallRules: [{0120C22A-FACC-4B75-BA39-63F9813C65A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BridgeProject\Bridge.exe
FirewallRules: [{DFC8589E-1291-4958-8EA9-3AD4524A93E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fable 3\FableLauncher.exe
FirewallRules: [{5E4B2CD3-20C3-4BB7-8440-0E48545B5BCA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fable 3\FableLauncher.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: H:\
Description: SD/MMC          
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic-
Service: WUDFRd
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 

Name: G:\
Description: SM/xD-Picture   
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic-
Service: WUDFRd
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 

Name: I:\
Description: MS/MS-Pro       
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic-
Service: WUDFRd
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/27/2015 10:23:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: jucheck.exe, Version: 2.8.60.27, Zeitstempel: 0x55c116b1
Name des fehlerhaften Moduls: jucheck.exe, Version: 2.8.60.27, Zeitstempel: 0x55c116b1
Ausnahmecode: 0x40000015
Fehleroffset: 0x00052d24
ID des fehlerhaften Prozesses: 0x520
Startzeit der fehlerhaften Anwendung: 0xjucheck.exe0
Pfad der fehlerhaften Anwendung: jucheck.exe1
Pfad des fehlerhaften Moduls: jucheck.exe2
Berichtskennung: jucheck.exe3

Error: (08/27/2015 07:32:19 PM) (Source: MsiInstaller) (EventID: 1024) (User: Ruben-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011012}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (08/27/2015 02:48:23 PM) (Source: MsiInstaller) (EventID: 1024) (User: Ruben-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011012}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (08/27/2015 10:52:04 AM) (Source: MsiInstaller) (EventID: 1024) (User: Ruben-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011012}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (08/26/2015 08:15:26 PM) (Source: MsiInstaller) (EventID: 1024) (User: Ruben-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011012}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (08/26/2015 01:48:24 PM) (Source: MsiInstaller) (EventID: 1024) (User: Ruben-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011012}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (08/25/2015 05:54:23 PM) (Source: MsiInstaller) (EventID: 1024) (User: Ruben-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011012}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (08/24/2015 11:34:39 AM) (Source: MsiInstaller) (EventID: 1024) (User: Ruben-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011012}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (08/23/2015 10:09:01 PM) (Source: MsiInstaller) (EventID: 1024) (User: Ruben-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011012}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (08/23/2015 02:50:13 PM) (Source: MsiInstaller) (EventID: 1024) (User: Ruben-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011012}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127


Systemfehler:
=============
Error: (08/27/2015 10:12:44 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084NVSvc{DCAB0989-1301-4319-BE5F-ADE89F88581C}

Error: (08/27/2015 10:12:30 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (08/27/2015 10:12:30 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (08/27/2015 10:12:29 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (08/27/2015 10:12:23 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (08/27/2015 10:12:07 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
discache
klhk
KLIF
klpd
kneps
spldr
Wanarpv6

Error: (08/27/2015 09:19:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Fehlerberichterstattungsdienst erreicht.

Error: (08/27/2015 09:19:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Fehlerberichterstattungsdienst erreicht.

Error: (08/27/2015 07:10:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "lxeaCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (08/27/2015 07:10:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxeaCATSCustConnectService erreicht.


Microsoft Office:
=========================
Error: (08/27/2015 10:23:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: jucheck.exe2.8.60.2755c116b1jucheck.exe2.8.60.2755c116b14000001500052d2452001d0e10633f81c4fC:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exeC:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe751d72d9-4cf9-11e5-91dc-6c626dfb0b63

Error: (08/27/2015 07:32:19 PM) (Source: MsiInstaller) (EventID: 1024) (User: Ruben-PC)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011012}1625(NULL)(NULL)(NULL)

Error: (08/27/2015 02:48:23 PM) (Source: MsiInstaller) (EventID: 1024) (User: Ruben-PC)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011012}1625(NULL)(NULL)(NULL)

Error: (08/27/2015 10:52:04 AM) (Source: MsiInstaller) (EventID: 1024) (User: Ruben-PC)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011012}1625(NULL)(NULL)(NULL)

Error: (08/26/2015 08:15:26 PM) (Source: MsiInstaller) (EventID: 1024) (User: Ruben-PC)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011012}1625(NULL)(NULL)(NULL)

Error: (08/26/2015 01:48:24 PM) (Source: MsiInstaller) (EventID: 1024) (User: Ruben-PC)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011012}1625(NULL)(NULL)(NULL)

Error: (08/25/2015 05:54:23 PM) (Source: MsiInstaller) (EventID: 1024) (User: Ruben-PC)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011012}1625(NULL)(NULL)(NULL)

Error: (08/24/2015 11:34:39 AM) (Source: MsiInstaller) (EventID: 1024) (User: Ruben-PC)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011012}1625(NULL)(NULL)(NULL)

Error: (08/23/2015 10:09:01 PM) (Source: MsiInstaller) (EventID: 1024) (User: Ruben-PC)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011012}1625(NULL)(NULL)(NULL)

Error: (08/23/2015 02:50:13 PM) (Source: MsiInstaller) (EventID: 1024) (User: Ruben-PC)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011012}1625(NULL)(NULL)(NULL)


CodeIntegrity:
===================================
  Date: 2015-02-12 21:22:20.081
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-12 21:22:20.059
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-04 20:42:54.922
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-04 20:42:54.844
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 24%
Installierter physikalischer RAM: 8173.97 MB
Verfügbarer physikalischer RAM: 6133.68 MB
Summe virtueller Speicher: 16346.14 MB
Verfügbarer virtueller Speicher: 14301.4 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:931.29 GB) (Free:720.56 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 74A8535B)

Partition: GPT.

==================== Ende von Addition.txt ============================

--- --- ---

FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-08-2015
durchgeführt von Ruben W (Administrator) auf RUBEN-PC (27-08-2015 22:37:20)
Gestartet von C:\Users\Ruben W\Desktop
Geladene Profile: Ruben & Ruben W (Verfügbare Profile: Ruben & Ruben W)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Users\Ruben\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-1249185847-507591671-2405455049-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1249185847-507591671-2405455049-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-1249185847-507591671-2405455049-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1249185847-507591671-2405455049-1000\...\Run: [Gameo] => C:\Users\Ruben\AppData\Roaming\Gameo\gameo.exe "C:\Users\Ruben W\AppData\Roaming\Gameo\gameo.dat" mode:minimized
HKU\S-1-5-21-1249185847-507591671-2405455049-1001\...\Run: [Gameo] => C:\Users\Ruben W\AppData\Roaming\Gameo\gameo.exe [42482176 2015-02-22] ()
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-02-01] (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://isearch.omiga-plus.com/?type=hp&ts=1423595488&from=smt&uid=ST1000DL002-9TT153_W1V094DJXXXXW1V094DJ
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://isearch.omiga-plus.com/?type=hp&ts=1423595488&from=smt&uid=ST1000DL002-9TT153_W1V094DJXXXXW1V094DJ
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-1249185847-507591671-2405455049-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=about:blank
HKU\S-1-5-21-1249185847-507591671-2405455049-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-1249185847-507591671-2405455049-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://isearch.omiga-plus.com/?type=hp&ts=1423595488&from=smt&uid=ST1000DL002-9TT153_W1V094DJXXXXW1V094DJ
HKU\S-1-5-21-1249185847-507591671-2405455049-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://isearch.omiga-plus.com/?type=hp&ts=1423595488&from=smt&uid=ST1000DL002-9TT153_W1V094DJXXXXW1V094DJ
HKU\S-1-5-21-1249185847-507591671-2405455049-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://isearch.omiga-plus.com/?type=hp&ts=1423595488&from=smt&uid=ST1000DL002-9TT153_W1V094DJXXXXW1V094DJ
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1423595488&from=smt&uid=ST1000DL002-9TT153_W1V094DJXXXXW1V094DJ&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1423595488&from=smt&uid=ST1000DL002-9TT153_W1V094DJXXXXW1V094DJ&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1423595488&from=smt&uid=ST1000DL002-9TT153_W1V094DJXXXXW1V094DJ&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1423595488&from=smt&uid=ST1000DL002-9TT153_W1V094DJXXXXW1V094DJ&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1249185847-507591671-2405455049-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1423595488&from=smt&uid=ST1000DL002-9TT153_W1V094DJXXXXW1V094DJ&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1249185847-507591671-2405455049-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1423595488&from=smt&uid=ST1000DL002-9TT153_W1V094DJXXXXW1V094DJ&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1249185847-507591671-2405455049-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1423595488&from=smt&uid=ST1000DL002-9TT153_W1V094DJXXXXW1V094DJ&q={searchTerms}
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-02-01] (Kaspersky Lab ZAO)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-02-01] (Kaspersky Lab ZAO)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-02-01] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-02-01] (Kaspersky Lab ZAO)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-27] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-21] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-02-01] (Kaspersky Lab ZAO)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-27] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-02-01] (Kaspersky Lab ZAO)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-08-19] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{50FCAAC2-7CE7-4EB2-A8A1-DCF1B31BA7F8}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Ruben W\AppData\Roaming\Mozilla\Firefox\Profiles\na08baz7.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-27] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-02-01] ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-02-01] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-02-01] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Ruben W\AppData\Roaming\Mozilla\Firefox\Profiles\na08baz7.default\user.js [2015-08-20]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Extension: New Tab by Yahoo - C:\Users\Ruben W\AppData\Roaming\Mozilla\Firefox\Profiles\na08baz7.default\Extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi [2015-08-07]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-02-01]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-02-01]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-02-01]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [173792 2015-03-29] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-02-13] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [487056 2015-02-10] () [Datei ist nicht signiert] <==== ACHTUNG

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-02-10] (Disc Soft Ltd)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2015-02-01] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [819896 2015-03-12] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2015-02-01] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
S3 PVUSB; C:\Windows\System32\DRIVERS\CESG64.sys [63808 2007-02-19] (CASIO COMPUTER CO.,LTD.)
R3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
U3 awlorpow; \??\C:\Users\RUBENW~1\AppData\Local\Temp\awlorpow.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-27 22:37 - 2015-08-27 22:37 - 00020068 _____ C:\Users\Ruben W\Desktop\FRST.txt
2015-08-27 22:37 - 2015-08-27 22:37 - 00000476 _____ C:\Users\Ruben W\Desktop\defogger_disable.log
2015-08-27 22:37 - 2015-08-27 22:37 - 00000000 _____ C:\Users\Ruben W\defogger_reenable
2015-08-27 22:27 - 2015-08-27 22:27 - 00034476 _____ C:\Users\Ruben\Desktop\Addition.txt
2015-08-27 22:26 - 2015-08-27 22:26 - 00000476 _____ C:\Users\Ruben\Desktop\defogger_disable.log
2015-08-27 22:20 - 2015-08-27 22:20 - 00011834 _____ C:\Users\Ruben\Desktop\Gmer.txt
2015-08-27 21:59 - 2015-08-27 22:14 - 00000399 _____ C:\Users\Ruben W\Desktop\Gmer.txt
2015-08-27 21:52 - 2015-08-27 21:52 - 00380416 _____ C:\Users\Ruben W\Desktop\m31zu5fs.exe
2015-08-27 21:49 - 2015-08-27 22:27 - 00067894 _____ C:\Users\Ruben\Desktop\FRST.txt
2015-08-27 21:48 - 2015-08-27 22:37 - 00000000 ____D C:\FRST
2015-08-27 21:47 - 2015-08-27 21:47 - 02186752 _____ (Farbar) C:\Users\Ruben W\Desktop\FRST64.exe
2015-08-27 21:45 - 2015-08-27 21:46 - 00000000 _____ C:\Users\Ruben W\Desktop\defogger_reenable
2015-08-27 21:45 - 2015-08-27 21:45 - 00050477 _____ C:\Users\Ruben W\Desktop\Defogger.exe
2015-08-27 21:21 - 2015-08-27 21:21 - 00000000 ____D C:\Users\Ruben\AppData\Roaming\Sun
2015-08-27 21:21 - 2015-08-27 21:21 - 00000000 ____D C:\Users\Ruben\.oracle_jre_usage
2015-08-27 21:20 - 2015-08-27 21:20 - 00000256 _____ C:\ProgramData\lxea.log
2015-08-27 21:17 - 2015-08-27 21:17 - 00000000 ____D C:\Users\Ruben W\AppData\Roaming\Sun
2015-08-27 21:17 - 2015-08-27 21:17 - 00000000 ____D C:\Users\Ruben W\.oracle_jre_usage
2015-08-26 21:40 - 2015-08-27 21:15 - 00000000 ____D C:\Users\Ruben\Desktop\Ebay Kleinanzeifen
2015-08-24 01:03 - 2015-08-24 01:04 - 00000000 ____D C:\Users\Ruben\Desktop\Otto Bett
2015-08-20 02:37 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-20 02:37 - 2015-08-11 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-20 02:37 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-20 02:37 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-20 01:28 - 2015-08-20 01:28 - 00000000 ____D C:\Users\Ruben W\AppData\Local\YSearchUtil
2015-08-20 01:26 - 2015-08-07 06:22 - 00573048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-08-20 01:22 - 2015-08-07 13:06 - 42840184 _____ C:\Windows\system32\nvcompiler.dll
2015-08-20 01:22 - 2015-08-07 13:06 - 37819000 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-08-20 01:22 - 2015-08-07 13:06 - 22520624 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-08-20 01:22 - 2015-08-07 13:06 - 18540336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-08-20 01:22 - 2015-08-07 13:06 - 16630096 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-08-20 01:22 - 2015-08-07 13:06 - 15510112 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-08-20 01:22 - 2015-08-07 13:06 - 14928048 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-08-20 01:22 - 2015-08-07 13:06 - 13656016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-08-20 01:22 - 2015-08-07 13:06 - 12179496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-08-20 01:22 - 2015-08-07 13:06 - 11076216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-08-20 01:22 - 2015-08-07 13:06 - 02937648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-08-20 01:22 - 2015-08-07 13:06 - 02624816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-08-20 01:22 - 2015-08-07 13:06 - 01898104 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435560.dll
2015-08-20 01:22 - 2015-08-07 13:06 - 01558832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435560.dll
2015-08-20 01:22 - 2015-08-07 13:06 - 01104440 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-08-20 01:22 - 2015-08-07 13:06 - 01063216 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-08-20 01:22 - 2015-08-07 13:06 - 01059960 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-08-20 01:22 - 2015-08-07 13:06 - 00985208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-08-20 01:22 - 2015-08-07 13:06 - 00942688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-08-20 01:22 - 2015-08-07 13:06 - 00931448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-08-20 01:22 - 2015-08-07 13:06 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-08-20 01:22 - 2015-08-07 13:06 - 00177088 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-08-20 01:22 - 2015-08-07 13:06 - 00155792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-08-20 01:22 - 2015-08-07 13:06 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-08-20 01:22 - 2015-08-07 13:06 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-08-20 01:22 - 2015-08-07 13:06 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-08-20 01:22 - 2015-08-07 13:06 - 00033050 _____ C:\Windows\system32\nvinfo.pb
2015-08-20 01:14 - 2015-08-20 01:14 - 00000000 ____D C:\Users\Ruben W\AppData\Local\NVIDIA Corporation
2015-08-20 01:11 - 2015-08-20 01:11 - 00002337 _____ C:\Users\Ruben W\Desktop\Sicherer Zahlungsverkehr.lnk
2015-08-20 01:11 - 2015-08-20 01:11 - 00000000 ____D C:\Users\Ruben W\AppData\Local\VirtualStore
2015-08-14 00:52 - 2015-08-14 23:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-12 12:59 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 12:59 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 05:40 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 05:40 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 05:40 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 05:40 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 05:40 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 05:40 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 05:40 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 05:40 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 05:40 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 05:40 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 05:40 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 05:40 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 05:40 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 05:40 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 05:40 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 05:40 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 05:40 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 05:40 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 05:40 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 05:40 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 05:40 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 05:40 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 05:40 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 05:40 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 05:40 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 05:40 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 05:40 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 05:40 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 05:40 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 05:40 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 05:40 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 05:40 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 05:40 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 05:40 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 05:40 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 05:40 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 05:40 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 05:40 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 05:40 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 05:40 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 05:40 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 05:40 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 05:40 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 05:40 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 05:40 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 05:40 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 05:40 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 05:40 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 05:40 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 05:40 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 05:40 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 05:40 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 05:40 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 05:40 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 05:40 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 05:40 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 05:40 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 05:40 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 05:40 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 05:40 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 05:40 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 05:40 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 05:40 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 05:40 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 05:40 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 05:40 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-12 05:40 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-12 05:40 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 05:40 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 05:40 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-12 05:40 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-12 05:40 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-12 05:40 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-12 05:40 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-12 05:40 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 05:40 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-12 05:40 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-12 05:40 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-12 05:40 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-12 05:40 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-12 05:40 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-12 05:40 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-12 05:40 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-12 05:40 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-12 05:40 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-12 05:40 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-12 05:40 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-12 05:40 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-12 05:40 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-12 05:40 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-12 05:40 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 05:40 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-12 05:40 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-12 05:40 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-12 05:40 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-12 05:40 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-12 05:40 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 05:40 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-12 05:40 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-12 05:40 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-12 05:40 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-12 05:40 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-12 05:40 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-12 05:40 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-12 05:40 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-12 05:40 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 05:40 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-12 05:40 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-12 05:40 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-12 05:40 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-12 05:40 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-12 05:40 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-12 05:40 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-12 05:40 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-12 05:40 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-12 05:40 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-12 05:40 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-12 05:40 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-12 05:40 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-12 05:40 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-12 05:40 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-12 05:40 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-12 05:40 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-12 05:40 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-12 05:40 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-12 05:40 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-12 05:40 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-12 05:40 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-12 05:40 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-12 05:40 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-12 05:40 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-12 05:40 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-12 05:40 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-12 05:40 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-12 05:40 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 05:40 - 2015-07-10 19:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 05:40 - 2015-07-10 19:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-12 05:40 - 2015-07-10 19:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-12 05:40 - 2015-07-10 19:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 05:40 - 2015-07-10 19:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-12 05:40 - 2015-07-10 19:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-12 05:39 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 05:39 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 05:39 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 05:39 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-12 05:39 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 05:39 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-12 05:39 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-12 05:39 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-12 05:39 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 05:39 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-12 05:39 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 05:39 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-12 05:39 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-12 05:39 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 05:39 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 05:39 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 05:39 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 05:39 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 05:39 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 05:39 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 05:39 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 05:39 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 05:39 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-12 05:39 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-12 05:39 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 05:39 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-12 05:39 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-12 05:39 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 05:39 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 05:39 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 05:39 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 05:39 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-12 05:39 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 05:39 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 05:39 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-12 05:39 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-12 05:39 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 05:39 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 05:39 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-12 05:39 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-12 05:39 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 05:39 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-12 05:39 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 05:39 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 05:39 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 05:39 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 05:39 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 05:39 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 05:39 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 05:39 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-04 23:04 - 2015-08-04 23:04 - 00000000 ____D C:\Users\Ruben W\AppData\Local\GWX
2015-08-04 22:42 - 2015-08-04 22:42 - 00000000 ____D C:\Users\Ruben\AppData\Local\BridgeProject
2015-08-02 22:36 - 2015-08-02 22:36 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2015-07-30 19:16 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-07-30 19:16 - 2015-07-03 06:28 - 00047976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-07-29 15:56 - 2015-08-12 03:39 - 00005120 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Ruben-PC-Ruben Ruben-PC
2015-07-29 15:49 - 2015-07-29 16:03 - 00000000 ____D C:\Users\Ruben\Desktop\Unterlagen
2015-07-28 22:36 - 2015-07-28 22:37 - 00000000 ___HD C:\$Windows.~BT
2015-07-28 22:17 - 2015-07-28 22:17 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2015-07-28 22:17 - 2015-07-28 22:17 - 00000000 ____D C:\Program Files\Realtek
2015-07-28 22:16 - 2015-06-18 18:45 - 04496600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-07-28 22:16 - 2015-06-18 17:59 - 02862488 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-07-28 22:16 - 2015-06-17 19:47 - 02930904 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-07-28 22:16 - 2015-06-17 14:45 - 03234520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-07-28 22:16 - 2015-06-15 17:39 - 01748184 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-07-28 22:16 - 2015-05-26 11:59 - 00166616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-07-28 22:16 - 2015-05-25 15:18 - 03195416 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-07-28 22:16 - 2015-05-18 14:47 - 02702040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-07-28 22:16 - 2015-05-15 19:27 - 02918104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-07-28 22:16 - 2015-05-15 16:32 - 01316056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-07-28 22:16 - 2014-11-11 13:44 - 00631000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-07-28 22:16 - 2014-06-09 10:59 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-07-28 22:16 - 2014-04-10 12:19 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2015-07-28 22:16 - 2014-01-08 15:25 - 00397592 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2015-07-28 22:16 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-07-28 22:16 - 2013-01-11 16:27 - 00628504 _____ (Creative Technology Ltd.) C:\Windows\system32\MBTHX64.dll
2015-07-28 22:16 - 2013-01-11 16:27 - 00563992 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBTHX32.dll
2015-07-28 22:16 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-07-28 22:16 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-07-28 22:16 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-07-28 22:16 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-07-28 22:16 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-07-28 22:16 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-07-28 22:16 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-07-28 22:16 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-07-28 22:16 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-07-28 22:16 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-07-28 22:16 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-07-28 22:16 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-07-28 22:16 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-07-28 22:16 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-07-28 22:16 - 2009-11-18 07:12 - 00032344 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\MBfilt64.sys
2015-07-28 22:15 - 2015-05-27 17:38 - 02825944 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-07-28 22:14 - 2015-07-28 22:14 - 00002278 _____ C:\Users\Ruben W\Desktop\Realtek High Definition Audio Codecs für Vista  Win 7  Win 8  Win 10 (32 Bit) - CHIP Downloader.lnk

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-27 22:37 - 2015-02-06 19:51 - 00000000 ____D C:\Users\Ruben W
2015-08-27 22:36 - 2015-02-01 19:01 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-27 22:36 - 2015-02-01 01:36 - 01141847 _____ C:\Windows\WindowsUpdate.log
2015-08-27 22:34 - 2015-04-08 16:35 - 00000000 ____D C:\Users\Ruben W\AppData\Local\Gameo
2015-08-27 22:34 - 2015-02-01 19:34 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-08-27 22:26 - 2009-07-14 06:45 - 00015120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-27 22:26 - 2009-07-14 06:45 - 00015120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-27 22:18 - 2009-07-14 06:51 - 00086958 _____ C:\Windows\setupact.log
2015-08-27 22:17 - 2015-02-13 00:28 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-27 22:17 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-27 22:11 - 2015-02-01 19:22 - 00365498 _____ C:\Windows\PFRO.log
2015-08-27 21:52 - 2015-02-15 04:58 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-27 21:21 - 2015-02-25 22:54 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-27 21:21 - 2015-02-01 02:26 - 00000000 ____D C:\Users\Ruben
2015-08-27 21:20 - 2015-02-25 22:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-27 21:20 - 2015-02-01 03:00 - 00045529 _____ C:\ProgramData\lxeascan.log
2015-08-27 21:17 - 2015-02-25 22:54 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-08-26 14:18 - 2015-02-10 21:45 - 00000000 ____D C:\Users\Ruben\AppData\Local\Microsoft Help
2015-08-26 00:11 - 2009-07-14 19:58 - 00699416 _____ C:\Windows\system32\perfh007.dat
2015-08-26 00:11 - 2009-07-14 19:58 - 00149556 _____ C:\Windows\system32\perfc007.dat
2015-08-26 00:11 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-20 01:27 - 2015-02-01 02:59 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-20 01:27 - 2015-02-01 02:59 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-08-20 01:26 - 2015-02-13 00:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-08-20 01:24 - 2015-02-01 02:59 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-08-20 01:23 - 2015-02-25 22:55 - 00000000 ____D C:\ProgramData\Oracle
2015-08-20 01:14 - 2015-02-13 00:29 - 00000000 ____D C:\Users\Ruben W\AppData\Local\NVIDIA
2015-08-19 13:59 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-08-18 07:26 - 2015-02-10 21:11 - 00000000 ____D C:\Users\Ruben W\AppData\Roaming\omiga-plus
2015-08-14 23:09 - 2015-02-01 18:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-13 21:12 - 2015-02-10 21:14 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 21:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-08-12 17:52 - 2015-02-15 04:58 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-12 17:52 - 2015-02-15 04:58 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-12 17:52 - 2015-02-15 04:58 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-12 15:26 - 2009-07-14 06:45 - 00435496 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-12 15:23 - 2015-02-01 19:22 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-12 15:23 - 2015-02-01 03:04 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 12:59 - 2015-05-04 18:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 12:59 - 2015-02-10 21:18 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-08-12 12:58 - 2015-05-04 18:28 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 12:58 - 2015-05-04 18:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 12:46 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2015-08-12 12:38 - 2015-02-01 02:57 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 12:36 - 2015-02-01 02:57 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-07 13:06 - 2015-02-13 00:28 - 00112760 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-08-07 13:06 - 2015-02-13 00:28 - 00105080 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-08-07 13:06 - 2015-02-13 00:26 - 17124832 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-08-07 13:06 - 2015-02-13 00:26 - 14673920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-08-07 13:06 - 2015-02-13 00:26 - 12513288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-08-07 13:06 - 2015-02-13 00:26 - 03518248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-08-07 13:06 - 2015-02-13 00:26 - 03106384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-08-07 13:06 - 2015-02-13 00:26 - 01567576 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-08-07 06:34 - 2015-02-13 00:28 - 06883448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-08-07 06:34 - 2015-02-13 00:28 - 03492144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-08-07 06:34 - 2015-02-13 00:28 - 02558768 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-08-07 06:34 - 2015-02-13 00:28 - 00937592 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-08-07 06:34 - 2015-02-13 00:28 - 00385328 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-08-07 06:34 - 2015-02-13 00:28 - 00062768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-08-03 12:12 - 2015-02-13 00:28 - 05133709 _____ C:\Windows\system32\nvcoproc.bin
2015-07-29 22:31 - 2015-02-01 19:37 - 00000000 ____D C:\Users\Ruben\AppData\Roaming\TS3Client
2015-07-29 22:19 - 2015-02-10 23:51 - 00000000 ____D C:\Users\Ruben\Documents\my games
2015-07-29 22:13 - 2015-02-12 22:53 - 01593956 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-07-29 16:03 - 2015-06-19 13:19 - 00000000 ____D C:\Users\Ruben\Desktop\Ferienjob 2015
2015-07-29 16:03 - 2015-05-04 01:13 - 00000000 ____D C:\Users\Ruben\Desktop\VBWL
2015-07-29 15:50 - 2015-02-03 02:11 - 00000000 ____D C:\Users\Ruben\Desktop\Schule
2015-07-28 22:36 - 2015-02-01 01:32 - 00000000 ____D C:\Windows\Panther
2015-07-28 22:24 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-07-28 22:17 - 2015-02-01 19:39 - 00000000 ___HD C:\Program Files (x86)\Temp
2015-07-28 22:16 - 2015-02-01 02:49 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-28 22:16 - 2015-02-01 02:49 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-07-28 22:05 - 2015-02-11 22:38 - 00067211 _____ C:\Windows\DirectX.log
2015-07-28 22:03 - 2015-02-10 21:40 - 00112696 _____ C:\Users\Ruben W\AppData\Local\GDIPFONTCACHEV1.DAT

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-02-01 02:59 - 2015-02-01 02:59 - 0000405 _____ () C:\ProgramData\Coinstaller.log
2015-02-06 19:52 - 2015-02-06 19:52 - 0000252 _____ () C:\ProgramData\FastPics.log
2015-08-27 21:20 - 2015-08-27 21:20 - 0000256 _____ () C:\ProgramData\lxea.log
2015-02-10 00:03 - 2015-04-29 21:58 - 0012526 _____ () C:\ProgramData\lxeaJSW.log
2015-02-01 03:00 - 2015-08-27 21:20 - 0045529 _____ () C:\ProgramData\lxeascan.log
2015-03-05 00:47 - 2015-03-05 00:47 - 1195247 _____ () C:\ProgramData\SPL10AA.tmp
2015-03-05 01:15 - 2015-03-05 01:15 - 0066110 _____ () C:\ProgramData\SPL1DCE.tmp
2015-02-10 00:49 - 2015-02-10 00:49 - 0284884 _____ () C:\ProgramData\SPL531E.tmp
2015-04-30 23:51 - 2015-04-30 23:51 - 0539212 _____ () C:\ProgramData\SPLA1D.tmp
2015-04-29 22:01 - 2015-04-29 22:01 - 0539212 _____ () C:\ProgramData\SPLA371.tmp
2015-02-10 00:07 - 2015-02-10 00:07 - 0276532 _____ () C:\ProgramData\SPLBA98.tmp
2015-02-10 00:36 - 2015-02-10 00:36 - 0284472 _____ () C:\ProgramData\SPLBF68.tmp
2015-02-10 01:02 - 2015-02-10 01:02 - 0233528 _____ () C:\ProgramData\SPLF71A.tmp
2015-02-06 19:51 - 2015-02-06 19:51 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt

Einige Dateien in TEMP:
====================
C:\Users\Ruben\AppData\Local\Temp\avgnt.exe
C:\Users\Ruben\AppData\Local\Temp\i4jdel0.exe
C:\Users\Ruben\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\Ruben\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe
C:\Users\Ruben\AppData\Local\Temp\proxy_vole1550727512807265065.dll
C:\Users\Ruben W\AppData\Local\Temp\130729772271017205.exe
C:\Users\Ruben W\AppData\Local\Temp\13072977232490028704.exe
C:\Users\Ruben W\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\Ruben W\AppData\Local\Temp\Nv3DVisionIePlugin.dll
C:\Users\Ruben W\AppData\Local\Temp\Nv3DVisionIePlugin64.dll
C:\Users\Ruben W\AppData\Local\Temp\Nv3DVStreaming.dll
C:\Users\Ruben W\AppData\Local\Temp\Nv3DVStreaming64.dll
C:\Users\Ruben W\AppData\Local\Temp\Nv3DVStreamingIePlugin.dll
C:\Users\Ruben W\AppData\Local\Temp\Nv3DVStreamingIePlugin64.dll
C:\Users\Ruben W\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Ruben W\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\Ruben W\AppData\Local\Temp\nvStInst.exe
C:\Users\Ruben W\AppData\Local\Temp\ose00000.exe
C:\Users\Ruben W\AppData\Local\Temp\PidGenX.dll
C:\Users\Ruben W\AppData\Local\Temp\smt_omiga-plus.exe
C:\Users\Ruben W\AppData\Local\Temp\ytb.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-23 15:40

==================== Ende von FRST.txt ============================

--- --- ---

GMER Logfile:

Code:

ATTFilter

GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-08-27 23:02:25
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST1000DL002-9TT153 rev.CC32 931,51GB
Running: m31zu5fs.exe; Driver: C:\Users\RUBENW~1\AppData\Local\Temp\awlorpow.sys


---- Disk sectors - GMER 2.1 ----

Disk  \Device\Harddisk0\DR0  unknown MBR code

---- EOF - GMER 2.1 ----

--- --- ---

Kaspersky

Code:

ATTFilter

27.08.2015 20.32.22	Rootkit-Suche	Keine Bedrohungen gefunden	Gefunden: 0	Neutralisiert: 0	Nicht untersucht: 0	Datenbank-Status bei Untersuchungsbeginn: 27.08.2015, 12:38	Gesamtdauer: 34 Minuten 17 Sekunden	Ende: 27.08.2015, 21:06
27.08.2015 19.42.40	Vollständige Untersuchung des Computers	Keine Bedrohungen gefunden	Gefunden: 0	Neutralisiert: 0	Nicht untersucht: 0	Datenbank-Status bei Untersuchungsbeginn: 27.08.2015, 12:38	Gesamtdauer: 1 Stunde 38 Minuten	Ende: 27.08.2015, 21:21

Ich hoffe, Ihr könnt mir helfen! Ich bin neu hier und hoffe auch alles richtig gemacht zu haben

Viele Grüße
Camilo123

schrauber · 28.08.2015, 06:22

hi,

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

Gameo
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Camilo123 · 28.08.2015, 16:35

Guten Tag,

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.9.2.1008
www.malwarebytes.org

Database version:
  main:    v2015.08.28.02
  rootkit: v2015.08.16.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17959
Ruben W :: RUBEN-PC [administrator]

28.08.2015 15:42:12
mbar-log-2015-08-28 (15-42-12).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 408957
Time elapsed: 24 minute(s), 

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Code:

ATTFilter

17:34:03.0851 0x13b0  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
17:34:03.0851 0x13b0  UEFI system
17:34:07.0146 0x13b0  ============================================================
17:34:07.0146 0x13b0  Current date / time: 2015/08/28 17:34:07.0146
17:34:07.0146 0x13b0  SystemInfo:
17:34:07.0146 0x13b0  
17:34:07.0146 0x13b0  OS Version: 6.1.7601 ServicePack: 1.0
17:34:07.0146 0x13b0  Product type: Workstation
17:34:07.0146 0x13b0  ComputerName: RUBEN-PC
17:34:07.0146 0x13b0  UserName: Ruben W
17:34:07.0146 0x13b0  Windows directory: C:\Windows
17:34:07.0146 0x13b0  System windows directory: C:\Windows
17:34:07.0146 0x13b0  Running under WOW64
17:34:07.0146 0x13b0  Processor architecture: Intel x64
17:34:07.0146 0x13b0  Number of processors: 4
17:34:07.0146 0x13b0  Page size: 0x1000
17:34:07.0146 0x13b0  Boot type: Normal boot
17:34:07.0146 0x13b0  ============================================================
17:34:08.0420 0x13b0  KLMD registered as C:\Windows\system32\drivers\72514349.sys
17:34:08.0809 0x13b0  System UUID: {92170E35-D84D-42D9-5AD7-9AEDBF4AB817}
17:34:09.0227 0x13b0  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:34:09.0250 0x13b0  ============================================================
17:34:09.0250 0x13b0  \Device\Harddisk0\DR0:
17:34:09.0250 0x13b0  GPT partitions:
17:34:09.0251 0x13b0  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {46ADCB28-DCCB-47F8-95E5-458E836D6FF2}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
17:34:09.0251 0x13b0  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {395EDCB4-9377-4466-A5B8-BA7A1D2BF74E}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
17:34:09.0251 0x13b0  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {197B4651-0079-4F56-A77D-CDF3AC8A243E}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x74694000
17:34:09.0251 0x13b0  MBR partitions:
17:34:09.0251 0x13b0  ============================================================
17:34:09.0301 0x13b0  C: <-> \Device\Harddisk0\DR0\Partition3
17:34:09.0301 0x13b0  ============================================================
17:34:09.0301 0x13b0  Initialize success
17:34:09.0301 0x13b0  ============================================================
17:34:12.0036 0x1314  ============================================================
17:34:12.0036 0x1314  Scan started
17:34:12.0036 0x1314  Mode: Manual; 
17:34:12.0036 0x1314  ============================================================
17:34:12.0036 0x1314  KSN ping started
17:34:14.0326 0x1314  KSN ping finished: true
17:34:15.0010 0x1314  ================ Scan system memory ========================
17:34:15.0010 0x1314  System memory - ok
17:34:15.0010 0x1314  ================ Scan services =============================
17:34:15.0507 0x1314  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
17:34:15.0511 0x1314  1394ohci - ok
17:34:15.0552 0x1314  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:34:15.0557 0x1314  ACPI - ok
17:34:15.0571 0x1314  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
17:34:15.0572 0x1314  AcpiPmi - ok
17:34:15.0693 0x1314  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:34:15.0695 0x1314  AdobeARMservice - ok
17:34:15.0801 0x1314  [ 368290D0A612D62DA6F3D798B1BB8FE7, D573BF8543F37BC51B88A2473EDFD28AFBCCC446E8CADD54A90FA48D8739D222 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:34:15.0806 0x1314  AdobeFlashPlayerUpdateSvc - ok
17:34:15.0847 0x1314  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
17:34:15.0855 0x1314  adp94xx - ok
17:34:15.0896 0x1314  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
17:34:15.0901 0x1314  adpahci - ok
17:34:15.0915 0x1314  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
17:34:15.0918 0x1314  adpu320 - ok
17:34:15.0949 0x1314  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:34:15.0950 0x1314  AeLookupSvc - ok
17:34:16.0018 0x1314  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
17:34:16.0026 0x1314  AFD - ok
17:34:16.0050 0x1314  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
17:34:16.0051 0x1314  agp440 - ok
17:34:16.0085 0x1314  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
17:34:16.0086 0x1314  ALG - ok
17:34:16.0161 0x1314  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:34:16.0162 0x1314  aliide - ok
17:34:16.0170 0x1314  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
17:34:16.0171 0x1314  amdide - ok
17:34:16.0189 0x1314  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
17:34:16.0190 0x1314  AmdK8 - ok
17:34:16.0194 0x1314  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
17:34:16.0195 0x1314  AmdPPM - ok
17:34:16.0237 0x1314  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
17:34:16.0239 0x1314  amdsata - ok
17:34:16.0258 0x1314  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
17:34:16.0261 0x1314  amdsbs - ok
17:34:16.0277 0x1314  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:34:16.0278 0x1314  amdxata - ok
17:34:16.0342 0x1314  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
17:34:16.0343 0x1314  AppID - ok
17:34:16.0363 0x1314  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:34:16.0364 0x1314  AppIDSvc - ok
17:34:16.0420 0x1314  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo         C:\Windows\System32\appinfo.dll
17:34:16.0422 0x1314  Appinfo - ok
17:34:16.0439 0x1314  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
17:34:16.0441 0x1314  arc - ok
17:34:16.0448 0x1314  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
17:34:16.0450 0x1314  arcsas - ok
17:34:16.0540 0x1314  [ 041672BAC20B34EAEDEB033129655DD8, 14264732F0CACF5732C7652C411F0A1C3B4A4417C31DD289C8AFF170BE683E5A ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:34:16.0541 0x1314  aspnet_state - ok
17:34:16.0588 0x1314  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:34:16.0589 0x1314  AsyncMac - ok
17:34:16.0601 0x1314  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
17:34:16.0602 0x1314  atapi - ok
17:34:16.0661 0x1314  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:34:16.0671 0x1314  AudioEndpointBuilder - ok
17:34:16.0688 0x1314  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
17:34:16.0698 0x1314  AudioSrv - ok
17:34:16.0748 0x1314  [ AB1AF0BA03DCB6A879BC22F472EACEEA, A75B73D0B1FE885F6DC2C7A0B755A6E12F9DC54CE702A1FFC3F283196793627A ] AVP15.0.1       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
17:34:16.0751 0x1314  AVP15.0.1 - ok
17:34:16.0798 0x1314  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:34:16.0800 0x1314  AxInstSV - ok
17:34:16.0860 0x1314  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
17:34:16.0867 0x1314  b06bdrv - ok
17:34:16.0910 0x1314  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
17:34:16.0914 0x1314  b57nd60a - ok
17:34:16.0939 0x1314  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:34:16.0941 0x1314  BDESVC - ok
17:34:16.0995 0x1314  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:34:16.0996 0x1314  Beep - ok
17:34:17.0081 0x1314  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
17:34:17.0092 0x1314  BFE - ok
17:34:17.0136 0x1314  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
17:34:17.0150 0x1314  BITS - ok
17:34:17.0187 0x1314  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
17:34:17.0188 0x1314  blbdrive - ok
17:34:17.0243 0x1314  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:34:17.0244 0x1314  bowser - ok
17:34:17.0248 0x1314  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:34:17.0248 0x1314  BrFiltLo - ok
17:34:17.0251 0x1314  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:34:17.0251 0x1314  BrFiltUp - ok
17:34:17.0284 0x1314  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
17:34:17.0288 0x1314  Browser - ok
17:34:17.0297 0x1314  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
17:34:17.0301 0x1314  Brserid - ok
17:34:17.0305 0x1314  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:34:17.0306 0x1314  BrSerWdm - ok
17:34:17.0311 0x1314  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:34:17.0311 0x1314  BrUsbMdm - ok
17:34:17.0351 0x1314  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:34:17.0352 0x1314  BrUsbSer - ok
17:34:17.0355 0x1314  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
17:34:17.0357 0x1314  BTHMODEM - ok
17:34:17.0394 0x1314  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
17:34:17.0396 0x1314  bthserv - ok
17:34:17.0440 0x1314  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:34:17.0442 0x1314  cdfs - ok
17:34:17.0472 0x1314  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
17:34:17.0474 0x1314  cdrom - ok
17:34:17.0522 0x1314  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
17:34:17.0524 0x1314  CertPropSvc - ok
17:34:17.0555 0x1314  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
17:34:17.0556 0x1314  circlass - ok
17:34:17.0592 0x1314  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
17:34:17.0598 0x1314  CLFS - ok
17:34:17.0649 0x1314  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:34:17.0650 0x1314  clr_optimization_v2.0.50727_32 - ok
17:34:17.0689 0x1314  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:34:17.0690 0x1314  clr_optimization_v2.0.50727_64 - ok
17:34:18.0140 0x1314  [ 397C2677C25CBE213F3270245A401624, 8121E37108DE7A0402DC5111EBF452F91893B63EECE3AAD9EACF61C40D3FC182 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:34:18.0142 0x1314  clr_optimization_v4.0.30319_32 - ok
17:34:18.0175 0x1314  [ 29139759FCC4E4E0531ABE2EA82CE646, CFF7B2F4A9B37D343BE18DC40161DC03FA9DB308CAE9E0B3DF1FCDC3EBAC0C08 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:34:18.0177 0x1314  clr_optimization_v4.0.30319_64 - ok
17:34:18.0183 0x1314  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
17:34:18.0183 0x1314  CmBatt - ok
17:34:18.0198 0x1314  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:34:18.0198 0x1314  cmdide - ok
17:34:18.0242 0x1314  [ AFA1BFF926592FD0C3AB97D838652EF9, C38BC4BBD4EDF779993B2FECF96C1FD55B085F3FBEB3E1AE3C892DFD369D611D ] cm_km_w         C:\Windows\system32\DRIVERS\cm_km_w.sys
17:34:18.0246 0x1314  cm_km_w - ok
17:34:18.0315 0x1314  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
17:34:18.0323 0x1314  CNG - ok
17:34:18.0339 0x1314  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
17:34:18.0340 0x1314  Compbatt - ok
17:34:18.0374 0x1314  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
17:34:18.0375 0x1314  CompositeBus - ok
17:34:18.0387 0x1314  COMSysApp - ok
17:34:18.0390 0x1314  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
17:34:18.0391 0x1314  crcdisk - ok
17:34:18.0431 0x1314  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:34:18.0434 0x1314  CryptSvc - ok
17:34:18.0487 0x1314  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:34:18.0496 0x1314  DcomLaunch - ok
17:34:18.0543 0x1314  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
17:34:18.0547 0x1314  defragsvc - ok
17:34:18.0575 0x1314  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:34:18.0577 0x1314  DfsC - ok
17:34:18.0630 0x1314  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:34:18.0635 0x1314  Dhcp - ok
17:34:18.0737 0x1314  [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack       C:\Windows\system32\diagtrack.dll
17:34:18.0755 0x1314  DiagTrack - ok
17:34:18.0772 0x1314  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
17:34:18.0772 0x1314  discache - ok
17:34:18.0785 0x1314  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
17:34:18.0787 0x1314  Disk - ok
17:34:18.0828 0x1314  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:34:18.0831 0x1314  Dnscache - ok
17:34:18.0870 0x1314  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
17:34:18.0874 0x1314  dot3svc - ok
17:34:18.0908 0x1314  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
17:34:18.0911 0x1314  DPS - ok
17:34:18.0950 0x1314  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:34:18.0950 0x1314  drmkaud - ok
17:34:19.0021 0x1314  [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
17:34:19.0025 0x1314  dtsoftbus01 - ok
17:34:19.0079 0x1314  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:34:19.0094 0x1314  DXGKrnl - ok
17:34:19.0134 0x1314  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
17:34:19.0137 0x1314  EapHost - ok
17:34:19.0160 0x1314  EasyAntiCheat - ok
17:34:19.0250 0x1314  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
17:34:19.0301 0x1314  ebdrv - ok
17:34:19.0340 0x1314  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] EFS             C:\Windows\System32\lsass.exe
17:34:19.0341 0x1314  EFS - ok
17:34:19.0430 0x1314  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
17:34:19.0440 0x1314  ehRecvr - ok
17:34:19.0464 0x1314  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
17:34:19.0466 0x1314  ehSched - ok
17:34:19.0494 0x1314  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
17:34:19.0502 0x1314  elxstor - ok
17:34:19.0536 0x1314  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:34:19.0536 0x1314  ErrDev - ok
17:34:19.0567 0x1314  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
17:34:19.0573 0x1314  EventSystem - ok
17:34:19.0592 0x1314  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
17:34:19.0595 0x1314  exfat - ok
17:34:19.0609 0x1314  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:34:19.0613 0x1314  fastfat - ok
17:34:19.0658 0x1314  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
17:34:19.0668 0x1314  Fax - ok
17:34:19.0683 0x1314  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
17:34:19.0684 0x1314  fdc - ok
17:34:19.0694 0x1314  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
17:34:19.0695 0x1314  fdPHost - ok
17:34:19.0705 0x1314  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
17:34:19.0706 0x1314  FDResPub - ok
17:34:19.0739 0x1314  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:34:19.0740 0x1314  FileInfo - ok
17:34:19.0748 0x1314  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:34:19.0748 0x1314  Filetrace - ok
17:34:19.0752 0x1314  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
17:34:19.0752 0x1314  flpydisk - ok
17:34:19.0777 0x1314  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:34:19.0782 0x1314  FltMgr - ok
17:34:19.0850 0x1314  [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache       C:\Windows\system32\FntCache.dll
17:34:19.0868 0x1314  FontCache - ok
17:34:19.0922 0x1314  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:34:19.0923 0x1314  FontCache3.0.0.0 - ok
17:34:19.0939 0x1314  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:34:19.0940 0x1314  FsDepends - ok
17:34:19.0967 0x1314  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:34:19.0968 0x1314  Fs_Rec - ok
17:34:20.0025 0x1314  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:34:20.0028 0x1314  fvevol - ok
17:34:20.0032 0x1314  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
17:34:20.0033 0x1314  gagp30kx - ok
17:34:20.0132 0x1314  [ 5031F3E650D242EEECEB92EB9900FB93, FB51ADB81AC3E0097362BAECEC4F0C83C46E5505277B7F35FDCE9BF88B72C963 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
17:34:20.0149 0x1314  GfExperienceService - ok
17:34:20.0199 0x1314  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
17:34:20.0211 0x1314  gpsvc - ok
17:34:20.0223 0x1314  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:34:20.0224 0x1314  hcw85cir - ok
17:34:20.0273 0x1314  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:34:20.0278 0x1314  HdAudAddService - ok
17:34:20.0305 0x1314  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
17:34:20.0307 0x1314  HDAudBus - ok
17:34:20.0317 0x1314  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
17:34:20.0318 0x1314  HidBatt - ok
17:34:20.0323 0x1314  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
17:34:20.0325 0x1314  HidBth - ok
17:34:20.0329 0x1314  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
17:34:20.0330 0x1314  HidIr - ok
17:34:20.0339 0x1314  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
17:34:20.0340 0x1314  hidserv - ok
17:34:20.0380 0x1314  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
17:34:20.0381 0x1314  HidUsb - ok
17:34:20.0422 0x1314  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:34:20.0424 0x1314  hkmsvc - ok
17:34:20.0456 0x1314  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:34:20.0460 0x1314  HomeGroupListener - ok
17:34:20.0497 0x1314  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:34:20.0501 0x1314  HomeGroupProvider - ok
17:34:20.0518 0x1314  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:34:20.0519 0x1314  HpSAMD - ok
17:34:20.0574 0x1314  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:34:20.0586 0x1314  HTTP - ok
17:34:20.0620 0x1314  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:34:20.0620 0x1314  hwpolicy - ok
17:34:20.0666 0x1314  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
17:34:20.0668 0x1314  i8042prt - ok
17:34:20.0716 0x1314  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:34:20.0722 0x1314  iaStorV - ok
17:34:20.0786 0x1314  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:34:20.0799 0x1314  idsvc - ok
17:34:20.0817 0x1314  IEEtwCollectorService - ok
17:34:20.0841 0x1314  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
17:34:20.0842 0x1314  iirsp - ok
17:34:20.0888 0x1314  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
17:34:20.0901 0x1314  IKEEXT - ok
17:34:21.0047 0x1314  [ 3A2D6740F51BE48C0FD01AD907329DEE, 4FD899CD6E3B3D5C9803E52CB72F002B6CFC144D524FAF6845CF6D115EC6E059 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:34:21.0114 0x1314  IntcAzAudAddService - ok
17:34:21.0165 0x1314  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
17:34:21.0165 0x1314  intelide - ok
17:34:21.0183 0x1314  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:34:21.0184 0x1314  intelppm - ok
17:34:21.0207 0x1314  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:34:21.0209 0x1314  IPBusEnum - ok
17:34:21.0250 0x1314  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:34:21.0251 0x1314  IpFilterDriver - ok
17:34:21.0293 0x1314  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:34:21.0302 0x1314  iphlpsvc - ok
17:34:21.0319 0x1314  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
17:34:21.0321 0x1314  IPMIDRV - ok
17:34:21.0341 0x1314  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:34:21.0343 0x1314  IPNAT - ok
17:34:21.0361 0x1314  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:34:21.0361 0x1314  IRENUM - ok
17:34:21.0381 0x1314  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:34:21.0381 0x1314  isapnp - ok
17:34:21.0416 0x1314  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
17:34:21.0420 0x1314  iScsiPrt - ok
17:34:21.0435 0x1314  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
17:34:21.0436 0x1314  kbdclass - ok
17:34:21.0444 0x1314  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
17:34:21.0444 0x1314  kbdhid - ok
17:34:21.0461 0x1314  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] KeyIso          C:\Windows\system32\lsass.exe
17:34:21.0462 0x1314  KeyIso - ok
17:34:21.0520 0x1314  [ D93E72DCC2A99E67931BB79485563146, 7EF496A82E69A53465ED7D45E890275E44C979AD5E9C5E482E0DBE5DC9AD9AD3 ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
17:34:21.0527 0x1314  kl1 - ok
17:34:21.0544 0x1314  [ CEF0410B784E8CEB0175103CDE52E7FA, 729A45D76D1886E5ECDF23F96925CEBB90A31EFA5A798D69D9C5A684380B6E36 ] kldisk          C:\Windows\system32\DRIVERS\kldisk.sys
17:34:21.0545 0x1314  kldisk - ok
17:34:21.0578 0x1314  [ 09F851161CB4B3D92CDE85B3845DCECC, C86EE26F13DB904CD0CB92BEE282188D5E56ECE071F4D6E53F9AAB6D911C5DE0 ] klflt           C:\Windows\system32\DRIVERS\klflt.sys
17:34:21.0580 0x1314  klflt - ok
17:34:21.0606 0x1314  [ 7A64190934B66C17F41D3921353BAEDD, D212A6ECB1CBCC665336DF982B5061A72CD88CB5BF6B2EB14B11B8BE756A670E ] klhk            C:\Windows\system32\DRIVERS\klhk.sys
17:34:21.0609 0x1314  klhk - ok
17:34:21.0633 0x1314  [ B8B20727DD8B9753614E089682473563, CA39E9A517CC8B1E04860E0AFB03B0CD7FBDE66143B6CA26FB9DC0EBF80F8F48 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
17:34:21.0645 0x1314  KLIF - ok
17:34:21.0688 0x1314  [ FEAD1F401CBE9383A642877A6EA1398F, 0529A96D406DAB1C0715692441BDBC1C05123EB62005B806A8EFF5B0B6DCD5DB ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
17:34:21.0689 0x1314  KLIM6 - ok
17:34:21.0694 0x1314  [ 3FAE739F2AFEA18BCBB9C5E7DC6E889D, 5990C074BCB8E2172AE0A2AC0A31E6636B3C3EF0A5BB1F593E62D22D53FC5BF0 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
17:34:21.0695 0x1314  klkbdflt - ok
17:34:21.0704 0x1314  [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
17:34:21.0704 0x1314  klmouflt - ok
17:34:21.0709 0x1314  [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd            C:\Windows\system32\DRIVERS\klpd.sys
17:34:21.0710 0x1314  klpd - ok
17:34:21.0716 0x1314  [ 43957361D346A4263873932D572613F2, 719E61CADF6FB49C24370899329BDE198E55DEB175F5701382EE16311D8576D9 ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
17:34:21.0718 0x1314  kltdi - ok
17:34:21.0733 0x1314  [ 926BA68DA79545EB6D99BB009B781E5E, EB1DB801044EB4228D38D85A8B6853EFE887B7D4E1EA1F0B8F75DD4886C96467 ] Klwtp           C:\Windows\system32\DRIVERS\klwtp.sys
17:34:21.0735 0x1314  Klwtp - ok
17:34:21.0753 0x1314  [ D4CEEAC11C65F49D0F42E74440E829BF, 7E289BB5E400326BADDD61CBB99CB268A3E99103CF16968E1D9141C205EE309C ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
17:34:21.0756 0x1314  kneps - ok
17:34:21.0796 0x1314  [ 67A1743377EBB5D9A370A8C2086CFDCC, 2F0FD6C1969B1EEEEFFC1A8F972E1E90F1AD9558FF00EC159BC19ED927FD4BF5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:34:21.0798 0x1314  KSecDD - ok
17:34:21.0813 0x1314  [ 522A1595D5701800DD41B2D472F5AAED, B62924AE94A5AC454AD6057BC133D717BB1C6445BE36D6BECAB76E1600F60C33 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
17:34:21.0816 0x1314  KSecPkg - ok
17:34:21.0840 0x1314  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
17:34:21.0841 0x1314  ksthunk - ok
17:34:21.0875 0x1314  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:34:21.0882 0x1314  KtmRm - ok
17:34:21.0933 0x1314  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
17:34:21.0938 0x1314  LanmanServer - ok
17:34:21.0980 0x1314  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:34:21.0983 0x1314  LanmanWorkstation - ok
17:34:22.0003 0x1314  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:34:22.0004 0x1314  lltdio - ok
17:34:22.0030 0x1314  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:34:22.0035 0x1314  lltdsvc - ok
17:34:22.0051 0x1314  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:34:22.0053 0x1314  lmhosts - ok
17:34:22.0080 0x1314  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
17:34:22.0082 0x1314  LSI_FC - ok
17:34:22.0105 0x1314  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
17:34:22.0107 0x1314  LSI_SAS - ok
17:34:22.0138 0x1314  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:34:22.0140 0x1314  LSI_SAS2 - ok
17:34:22.0179 0x1314  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:34:22.0181 0x1314  LSI_SCSI - ok
17:34:22.0194 0x1314  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
17:34:22.0196 0x1314  luafv - ok
17:34:22.0247 0x1314  [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt          C:\Windows\system32\drivers\MBfilt64.sys
17:34:22.0247 0x1314  MBfilt - ok
17:34:22.0285 0x1314  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
17:34:22.0287 0x1314  Mcx2Svc - ok
17:34:22.0298 0x1314  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
17:34:22.0299 0x1314  megasas - ok
17:34:22.0331 0x1314  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
17:34:22.0336 0x1314  MegaSR - ok
17:34:22.0362 0x1314  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
17:34:22.0363 0x1314  MEIx64 - ok
17:34:22.0385 0x1314  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
17:34:22.0387 0x1314  MMCSS - ok
17:34:22.0394 0x1314  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
17:34:22.0395 0x1314  Modem - ok
17:34:22.0422 0x1314  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:34:22.0423 0x1314  monitor - ok
17:34:22.0461 0x1314  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
17:34:22.0462 0x1314  mouclass - ok
17:34:22.0488 0x1314  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:34:22.0488 0x1314  mouhid - ok
17:34:22.0521 0x1314  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:34:22.0523 0x1314  mountmgr - ok
17:34:22.0591 0x1314  [ CC11EEB7AF4617D65DF0E9A21FC1ABD0, A683A5FB26E1B9FB4EEB40A9C7186F8433E3FB0A45848DF6102EF07B4DC75AC8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:34:22.0594 0x1314  MozillaMaintenance - ok
17:34:22.0627 0x1314  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:34:22.0629 0x1314  mpio - ok
17:34:22.0646 0x1314  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:34:22.0648 0x1314  mpsdrv - ok
17:34:22.0691 0x1314  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:34:22.0704 0x1314  MpsSvc - ok
17:34:22.0745 0x1314  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:34:22.0747 0x1314  MRxDAV - ok
17:34:22.0770 0x1314  [ B2081803D510DCE174992BA880EDCA70, 37DB53C9756EC03EB7165DEB58251615D70B7C86DF32A54DE25ADAF30A04D792 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:34:22.0772 0x1314  mrxsmb - ok
17:34:22.0791 0x1314  [ 552FA62B0EFECD22D8D52499324BCA4F, C3A02C9C30C36928AC7B1025496544967187A05BEF5D100B54F2C0155E47145C ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:34:22.0795 0x1314  mrxsmb10 - ok
17:34:22.0813 0x1314  [ 97687971F9CB30E2633DE0F1296B9F61, 865DA87523E4C32D65D55D5475A5CDDFA10699780DA500E6D606384FB3BEB1BE ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:34:22.0815 0x1314  mrxsmb20 - ok
17:34:22.0824 0x1314  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
17:34:22.0825 0x1314  msahci - ok
17:34:22.0836 0x1314  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:34:22.0839 0x1314  msdsm - ok
17:34:22.0851 0x1314  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
17:34:22.0854 0x1314  MSDTC - ok
17:34:22.0867 0x1314  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:34:22.0868 0x1314  Msfs - ok
17:34:22.0876 0x1314  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:34:22.0877 0x1314  mshidkmdf - ok
17:34:22.0879 0x1314  MSICDSetup - ok
17:34:22.0893 0x1314  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:34:22.0894 0x1314  msisadrv - ok
17:34:22.0930 0x1314  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:34:22.0933 0x1314  MSiSCSI - ok
17:34:22.0936 0x1314  msiserver - ok
17:34:22.0960 0x1314  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:34:22.0960 0x1314  MSKSSRV - ok
17:34:22.0984 0x1314  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:34:22.0985 0x1314  MSPCLOCK - ok
17:34:22.0998 0x1314  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:34:22.0999 0x1314  MSPQM - ok
17:34:23.0032 0x1314  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:34:23.0038 0x1314  MsRPC - ok
17:34:23.0053 0x1314  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
17:34:23.0054 0x1314  mssmbios - ok
17:34:23.0061 0x1314  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:34:23.0062 0x1314  MSTEE - ok
17:34:23.0066 0x1314  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
17:34:23.0066 0x1314  MTConfig - ok
17:34:23.0085 0x1314  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
17:34:23.0087 0x1314  Mup - ok
17:34:23.0130 0x1314  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
17:34:23.0138 0x1314  napagent - ok
17:34:23.0160 0x1314  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:34:23.0164 0x1314  NativeWifiP - ok
17:34:23.0214 0x1314  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:34:23.0228 0x1314  NDIS - ok
17:34:23.0254 0x1314  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:34:23.0255 0x1314  NdisCap - ok
17:34:23.0279 0x1314  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:34:23.0279 0x1314  NdisTapi - ok
17:34:23.0322 0x1314  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:34:23.0323 0x1314  Ndisuio - ok
17:34:23.0359 0x1314  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:34:23.0362 0x1314  NdisWan - ok
17:34:23.0391 0x1314  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:34:23.0393 0x1314  NDProxy - ok
17:34:23.0422 0x1314  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:34:23.0423 0x1314  NetBIOS - ok
17:34:23.0456 0x1314  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:34:23.0460 0x1314  NetBT - ok
17:34:23.0471 0x1314  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] Netlogon        C:\Windows\system32\lsass.exe
17:34:23.0472 0x1314  Netlogon - ok
17:34:23.0511 0x1314  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
17:34:23.0517 0x1314  Netman - ok
17:34:23.0559 0x1314  [ 9A7D3A1AA5C830744FF6C44BB55A347A, 42D3281893DB4C0DDA6A7BDA92D3CCE23968D0E3CF880777B8DBBFD955629B08 ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:34:23.0561 0x1314  NetMsmqActivator - ok
17:34:23.0583 0x1314  [ 9A7D3A1AA5C830744FF6C44BB55A347A, 42D3281893DB4C0DDA6A7BDA92D3CCE23968D0E3CF880777B8DBBFD955629B08 ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:34:23.0586 0x1314  NetPipeActivator - ok
17:34:23.0598 0x1314  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
17:34:23.0605 0x1314  netprofm - ok
17:34:23.0627 0x1314  [ 9A7D3A1AA5C830744FF6C44BB55A347A, 42D3281893DB4C0DDA6A7BDA92D3CCE23968D0E3CF880777B8DBBFD955629B08 ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:34:23.0629 0x1314  NetTcpActivator - ok
17:34:23.0634 0x1314  [ 9A7D3A1AA5C830744FF6C44BB55A347A, 42D3281893DB4C0DDA6A7BDA92D3CCE23968D0E3CF880777B8DBBFD955629B08 ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:34:23.0637 0x1314  NetTcpPortSharing - ok
17:34:23.0651 0x1314  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
17:34:23.0652 0x1314  nfrd960 - ok
17:34:23.0683 0x1314  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:34:23.0689 0x1314  NlaSvc - ok
17:34:23.0695 0x1314  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:34:23.0696 0x1314  Npfs - ok
17:34:23.0718 0x1314  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
17:34:23.0720 0x1314  nsi - ok
17:34:23.0725 0x1314  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:34:23.0725 0x1314  nsiproxy - ok
17:34:23.0803 0x1314  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:34:23.0829 0x1314  Ntfs - ok
17:34:23.0864 0x1314  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
17:34:23.0864 0x1314  Null - ok
17:34:23.0908 0x1314  [ B9E5A80F646DDFEF158773722A466EA3, 028979FE600D17DA70445F44D81FAE4EDA3478FCC81FA5506133CCAC37C4E2BF ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
17:34:23.0912 0x1314  NVHDA - ok
17:34:24.0191 0x1314  [ 23860E0BE05DF15970B9C0A141076080, 79DFB92E872AE108FFD47C577F96099C8FB03BA61A491B0CF3A5C8A2F3CAD17F ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:34:24.0361 0x1314  nvlddmkm - ok
17:34:24.0468 0x1314  [ 4EBEE69A8FE7DC85FD3C122821C617A0, 7193C14DEB4C5B0D86C5C6841C80879C28E1FDA8F77879EB18A3D2685C67B986 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
17:34:24.0495 0x1314  NvNetworkService - ok
17:34:24.0536 0x1314  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:34:24.0538 0x1314  nvraid - ok
17:34:24.0583 0x1314  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:34:24.0586 0x1314  nvstor - ok
17:34:24.0645 0x1314  [ 0EF30778078D7B5877F8F57151699798, B0409C79143BDBB774C3C740CCA8EB77CF67915E59EC6050DB993ED0575EC077 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
17:34:24.0645 0x1314  NvStreamKms - ok
17:34:24.0803 0x1314  [ D23A07D549243F5B77780BAA4FBF5BC3, 5BC5161CAE6BE6382BDCDE9B1CDD5F4DEBC3EA18D01B0E261AF716FDB04154BC ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
17:34:24.0885 0x1314  NvStreamSvc - ok
17:34:24.0975 0x1314  [ F4D36838C25AB847D1A759150B5E992F, AB7BB99A90112F559AD4B4D33F53FFC2DBC7B1E85FCED90A9FCCA694A0BD9934 ] nvsvc           C:\Windows\system32\nvvsvc.exe
17:34:24.0990 0x1314  nvsvc - ok
17:34:25.0033 0x1314  [ 4F00008B513F4019623ED61159363888, A1047FF1FCF3ED405C3426C8959AD10426F30E3F58E95BFD6ADF1DBC947AB379 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
17:34:25.0034 0x1314  nvvad_WaveExtensible - ok
17:34:25.0067 0x1314  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:34:25.0069 0x1314  nv_agp - ok
17:34:25.0079 0x1314  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:34:25.0080 0x1314  ohci1394 - ok
17:34:25.0160 0x1314  [ 11E0B35479C895888BA3D7F619DCFFF3, 6ED82C19898101EC00BD64A9F90595C3D20AD2D2902AA8765B740FB3B9312DDF ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:34:25.0163 0x1314  ose64 - ok
17:34:25.0346 0x1314  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:34:25.0422 0x1314  osppsvc - ok
17:34:25.0450 0x1314  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:34:25.0455 0x1314  p2pimsvc - ok
17:34:25.0484 0x1314  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
17:34:25.0492 0x1314  p2psvc - ok
17:34:25.0522 0x1314  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
17:34:25.0524 0x1314  Parport - ok
17:34:25.0561 0x1314  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:34:25.0562 0x1314  partmgr - ok
17:34:25.0598 0x1314  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:34:25.0602 0x1314  PcaSvc - ok
17:34:25.0611 0x1314  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
17:34:25.0614 0x1314  pci - ok
17:34:25.0644 0x1314  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
17:34:25.0644 0x1314  pciide - ok
17:34:25.0660 0x1314  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
17:34:25.0663 0x1314  pcmcia - ok
17:34:25.0674 0x1314  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
17:34:25.0675 0x1314  pcw - ok
17:34:25.0716 0x1314  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:34:25.0726 0x1314  PEAUTH - ok
17:34:25.0789 0x1314  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
17:34:25.0790 0x1314  PerfHost - ok
17:34:25.0854 0x1314  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
17:34:25.0876 0x1314  pla - ok
17:34:25.0931 0x1314  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:34:25.0938 0x1314  PlugPlay - ok
17:34:25.0967 0x1314  PnkBstrA - ok
17:34:25.0971 0x1314  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:34:25.0973 0x1314  PNRPAutoReg - ok
17:34:25.0995 0x1314  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:34:26.0000 0x1314  PNRPsvc - ok
17:34:26.0018 0x1314  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:34:26.0026 0x1314  PolicyAgent - ok
17:34:26.0053 0x1314  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
17:34:26.0057 0x1314  Power - ok
17:34:26.0099 0x1314  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:34:26.0101 0x1314  PptpMiniport - ok
17:34:26.0105 0x1314  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
17:34:26.0107 0x1314  Processor - ok
17:34:26.0149 0x1314  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
17:34:26.0153 0x1314  ProfSvc - ok
17:34:26.0167 0x1314  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:34:26.0168 0x1314  ProtectedStorage - ok
17:34:26.0209 0x1314  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:34:26.0211 0x1314  Psched - ok
17:34:26.0256 0x1314  [ CCE65976AAEB1DB4C3B98243B8AC448E, 996BC8CF7B5BFDA04D27FF0FCFEA8BA3C5623FDABFE96C9BE6503C6D3201D0AD ] PVUSB           C:\Windows\system32\DRIVERS\CESG64.sys
17:34:26.0257 0x1314  PVUSB - ok
17:34:26.0310 0x1314  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
17:34:26.0332 0x1314  ql2300 - ok
17:34:26.0346 0x1314  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
17:34:26.0348 0x1314  ql40xx - ok
17:34:26.0389 0x1314  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
17:34:26.0393 0x1314  QWAVE - ok
17:34:26.0408 0x1314  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:34:26.0409 0x1314  QWAVEdrv - ok
17:34:26.0426 0x1314  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:34:26.0426 0x1314  RasAcd - ok
17:34:26.0469 0x1314  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
17:34:26.0470 0x1314  RasAgileVpn - ok
17:34:26.0491 0x1314  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
17:34:26.0494 0x1314  RasAuto - ok
17:34:26.0536 0x1314  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:34:26.0538 0x1314  Rasl2tp - ok
17:34:26.0564 0x1314  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
17:34:26.0570 0x1314  RasMan - ok
17:34:26.0583 0x1314  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:34:26.0584 0x1314  RasPppoe - ok
17:34:26.0605 0x1314  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:34:26.0606 0x1314  RasSstp - ok
17:34:26.0649 0x1314  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:34:26.0654 0x1314  rdbss - ok
17:34:26.0669 0x1314  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
17:34:26.0670 0x1314  rdpbus - ok
17:34:26.0682 0x1314  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:34:26.0683 0x1314  RDPCDD - ok
17:34:26.0705 0x1314  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:34:26.0705 0x1314  RDPENCDD - ok
17:34:26.0711 0x1314  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:34:26.0711 0x1314  RDPREFMP - ok
17:34:26.0747 0x1314  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:34:26.0751 0x1314  RDPWD - ok
17:34:26.0801 0x1314  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:34:26.0804 0x1314  rdyboost - ok
17:34:26.0822 0x1314  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:34:26.0824 0x1314  RemoteAccess - ok
17:34:26.0855 0x1314  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:34:26.0858 0x1314  RemoteRegistry - ok
17:34:26.0883 0x1314  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:34:26.0885 0x1314  RpcEptMapper - ok
17:34:26.0899 0x1314  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
17:34:26.0900 0x1314  RpcLocator - ok
17:34:26.0940 0x1314  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
17:34:26.0948 0x1314  RpcSs - ok
17:34:26.0965 0x1314  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:34:26.0966 0x1314  rspndr - ok
17:34:27.0025 0x1314  [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
17:34:27.0033 0x1314  RTL8167 - ok
17:34:27.0046 0x1314  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] SamSs           C:\Windows\system32\lsass.exe
17:34:27.0047 0x1314  SamSs - ok
17:34:27.0076 0x1314  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:34:27.0078 0x1314  sbp2port - ok
17:34:27.0092 0x1314  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:34:27.0096 0x1314  SCardSvr - ok
17:34:27.0122 0x1314  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:34:27.0123 0x1314  scfilter - ok
17:34:27.0176 0x1314  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
17:34:27.0193 0x1314  Schedule - ok
17:34:27.0220 0x1314  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:34:27.0222 0x1314  SCPolicySvc - ok
17:34:27.0228 0x1314  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:34:27.0232 0x1314  SDRSVC - ok
17:34:27.0245 0x1314  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:34:27.0245 0x1314  secdrv - ok
17:34:27.0280 0x1314  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
17:34:27.0281 0x1314  seclogon - ok
17:34:27.0297 0x1314  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
17:34:27.0299 0x1314  SENS - ok
17:34:27.0312 0x1314  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:34:27.0314 0x1314  SensrSvc - ok
17:34:27.0349 0x1314  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
17:34:27.0349 0x1314  Serenum - ok
17:34:27.0386 0x1314  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
17:34:27.0387 0x1314  Serial - ok
17:34:27.0406 0x1314  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
17:34:27.0407 0x1314  sermouse - ok
17:34:27.0442 0x1314  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
17:34:27.0445 0x1314  SessionEnv - ok
17:34:27.0453 0x1314  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
17:34:27.0454 0x1314  sffdisk - ok
17:34:27.0473 0x1314  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:34:27.0474 0x1314  sffp_mmc - ok
17:34:27.0477 0x1314  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
17:34:27.0477 0x1314  sffp_sd - ok
17:34:27.0491 0x1314  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
17:34:27.0492 0x1314  sfloppy - ok
17:34:27.0519 0x1314  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:34:27.0525 0x1314  SharedAccess - ok
17:34:27.0546 0x1314  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:34:27.0552 0x1314  ShellHWDetection - ok
17:34:27.0569 0x1314  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:34:27.0570 0x1314  SiSRaid2 - ok
17:34:27.0575 0x1314  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
17:34:27.0577 0x1314  SiSRaid4 - ok
17:34:27.0593 0x1314  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:34:27.0594 0x1314  Smb - ok
17:34:27.0608 0x1314  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:34:27.0610 0x1314  SNMPTRAP - ok
17:34:27.0654 0x1314  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
17:34:27.0655 0x1314  spldr - ok
17:34:27.0692 0x1314  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
17:34:27.0701 0x1314  Spooler - ok
17:34:27.0814 0x1314  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
17:34:27.0866 0x1314  sppsvc - ok
17:34:27.0884 0x1314  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
17:34:27.0888 0x1314  sppuinotify - ok
17:34:27.0929 0x1314  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:34:27.0936 0x1314  srv - ok
17:34:27.0960 0x1314  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:34:27.0966 0x1314  srv2 - ok
17:34:27.0997 0x1314  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:34:28.0000 0x1314  srvnet - ok
17:34:28.0021 0x1314  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:34:28.0026 0x1314  SSDPSRV - ok
17:34:28.0039 0x1314  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:34:28.0042 0x1314  SstpSvc - ok
17:34:28.0115 0x1314  [ 2A6EDC2FBB4B9C11BB21BE3881C7A692, 74482CA4EC2B98C069A32C224BA5449AE10A8B41BFC053A4C23B6F65113A97A4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
17:34:28.0127 0x1314  Steam Client Service - ok
17:34:28.0181 0x1314  [ F6D78F5436918952F1CB24BC48DB5B72, DFD6DA8A72D5719A063BAB921B6870B4BDA75DA4D280492F110DF3F99627BDF7 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:34:28.0187 0x1314  Stereo Service - ok
17:34:28.0202 0x1314  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
17:34:28.0203 0x1314  stexstor - ok
17:34:28.0245 0x1314  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
17:34:28.0255 0x1314  stisvc - ok
17:34:28.0288 0x1314  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
17:34:28.0288 0x1314  swenum - ok
17:34:28.0314 0x1314  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
17:34:28.0324 0x1314  swprv - ok
17:34:28.0393 0x1314  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
17:34:28.0421 0x1314  SysMain - ok
17:34:28.0454 0x1314  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:34:28.0457 0x1314  TabletInputService - ok
17:34:28.0478 0x1314  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:34:28.0483 0x1314  TapiSrv - ok
17:34:28.0492 0x1314  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
17:34:28.0494 0x1314  TBS - ok
17:34:28.0569 0x1314  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:34:28.0597 0x1314  Tcpip - ok
17:34:28.0660 0x1314  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:34:28.0688 0x1314  TCPIP6 - ok
17:34:28.0725 0x1314  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:34:28.0726 0x1314  tcpipreg - ok
17:34:28.0754 0x1314  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:34:28.0754 0x1314  TDPIPE - ok
17:34:28.0790 0x1314  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:34:28.0791 0x1314  TDTCP - ok
17:34:28.0815 0x1314  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:34:28.0817 0x1314  tdx - ok
17:34:28.0828 0x1314  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
17:34:28.0829 0x1314  TermDD - ok
17:34:28.0874 0x1314  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
17:34:28.0885 0x1314  TermService - ok
17:34:28.0900 0x1314  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
17:34:28.0901 0x1314  Themes - ok
17:34:28.0920 0x1314  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
17:34:28.0922 0x1314  THREADORDER - ok
17:34:28.0941 0x1314  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
17:34:28.0943 0x1314  TrkWks - ok
17:34:28.0990 0x1314  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:34:28.0993 0x1314  TrustedInstaller - ok
17:34:29.0024 0x1314  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:34:29.0025 0x1314  tssecsrv - ok
17:34:29.0069 0x1314  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:34:29.0070 0x1314  TsUsbFlt - ok
17:34:29.0110 0x1314  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:34:29.0112 0x1314  tunnel - ok
17:34:29.0161 0x1314  [ A070ABB9D85582B2BECADBE6FCD12350, 3EBFA349F87933E20C4EADA2FA2E64206CCAC70DFB8B52C2E41670FFB16D7336 ] t_mouse.sys     C:\Windows\system32\DRIVERS\t_mouse.sys
17:34:29.0161 0x1314  t_mouse.sys - ok
17:34:29.0187 0x1314  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
17:34:29.0188 0x1314  uagp35 - ok
17:34:29.0212 0x1314  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:34:29.0216 0x1314  udfs - ok
17:34:29.0240 0x1314  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:34:29.0242 0x1314  UI0Detect - ok
17:34:29.0257 0x1314  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:34:29.0258 0x1314  uliagpkx - ok
17:34:29.0315 0x1314  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
17:34:29.0316 0x1314  umbus - ok
17:34:29.0332 0x1314  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
17:34:29.0332 0x1314  UmPass - ok
17:34:29.0347 0x1314  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
17:34:29.0353 0x1314  upnphost - ok
17:34:29.0388 0x1314  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:34:29.0390 0x1314  usbccgp - ok
17:34:29.0416 0x1314  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:34:29.0418 0x1314  usbcir - ok
17:34:29.0429 0x1314  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
17:34:29.0430 0x1314  usbehci - ok
17:34:29.0450 0x1314  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:34:29.0455 0x1314  usbhub - ok
17:34:29.0470 0x1314  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
17:34:29.0470 0x1314  usbohci - ok
17:34:29.0487 0x1314  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
17:34:29.0488 0x1314  usbprint - ok
17:34:29.0517 0x1314  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
17:34:29.0518 0x1314  usbscan - ok
17:34:29.0556 0x1314  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:34:29.0558 0x1314  USBSTOR - ok
17:34:29.0573 0x1314  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
17:34:29.0574 0x1314  usbuhci - ok
17:34:29.0585 0x1314  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
17:34:29.0587 0x1314  UxSms - ok
17:34:29.0602 0x1314  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] VaultSvc        C:\Windows\system32\lsass.exe
17:34:29.0603 0x1314  VaultSvc - ok
17:34:29.0625 0x1314  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:34:29.0626 0x1314  vdrvroot - ok
17:34:29.0673 0x1314  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
17:34:29.0682 0x1314  vds - ok
17:34:29.0702 0x1314  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:34:29.0703 0x1314  vga - ok
17:34:29.0727 0x1314  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:34:29.0727 0x1314  VgaSave - ok
17:34:29.0769 0x1314  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
17:34:29.0772 0x1314  vhdmp - ok
17:34:29.0787 0x1314  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:34:29.0787 0x1314  viaide - ok
17:34:29.0804 0x1314  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:34:29.0805 0x1314  volmgr - ok
17:34:29.0842 0x1314  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:34:29.0848 0x1314  volmgrx - ok
17:34:29.0859 0x1314  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:34:29.0864 0x1314  volsnap - ok
17:34:29.0870 0x1314  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
17:34:29.0873 0x1314  vsmraid - ok
17:34:29.0940 0x1314  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
17:34:29.0963 0x1314  VSS - ok
17:34:29.0980 0x1314  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
17:34:29.0980 0x1314  vwifibus - ok
17:34:30.0005 0x1314  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
17:34:30.0012 0x1314  W32Time - ok
17:34:30.0016 0x1314  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
17:34:30.0017 0x1314  WacomPen - ok
17:34:30.0031 0x1314  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:34:30.0033 0x1314  WANARP - ok
17:34:30.0044 0x1314  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:34:30.0045 0x1314  Wanarpv6 - ok
17:34:30.0082 0x1314  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
17:34:30.0105 0x1314  wbengine - ok
17:34:30.0143 0x1314  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:34:30.0148 0x1314  WbioSrvc - ok
17:34:30.0195 0x1314  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:34:30.0202 0x1314  wcncsvc - ok
17:34:30.0209 0x1314  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:34:30.0211 0x1314  WcsPlugInService - ok
17:34:30.0214 0x1314  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
17:34:30.0215 0x1314  Wd - ok
17:34:30.0295 0x1314  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:34:30.0308 0x1314  Wdf01000 - ok
17:34:30.0328 0x1314  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:34:30.0330 0x1314  WdiServiceHost - ok
17:34:30.0334 0x1314  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:34:30.0336 0x1314  WdiSystemHost - ok
17:34:30.0366 0x1314  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
17:34:30.0372 0x1314  WebClient - ok
17:34:30.0384 0x1314  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:34:30.0389 0x1314  Wecsvc - ok
17:34:30.0399 0x1314  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:34:30.0401 0x1314  wercplsupport - ok
17:34:30.0422 0x1314  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:34:30.0424 0x1314  WerSvc - ok
17:34:30.0445 0x1314  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:34:30.0446 0x1314  WfpLwf - ok
17:34:30.0448 0x1314  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:34:30.0449 0x1314  WIMMount - ok
17:34:30.0468 0x1314  WinDefend - ok
17:34:30.0549 0x1314  WindowsMangerProtect - ok
17:34:30.0561 0x1314  WinHttpAutoProxySvc - ok
17:34:30.0600 0x1314  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:34:30.0604 0x1314  Winmgmt - ok
17:34:30.0675 0x1314  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
17:34:30.0706 0x1314  WinRM - ok
17:34:30.0769 0x1314  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
17:34:30.0770 0x1314  WinUsb - ok
17:34:30.0809 0x1314  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:34:30.0823 0x1314  Wlansvc - ok
17:34:30.0856 0x1314  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
17:34:30.0857 0x1314  WmiAcpi - ok
17:34:30.0884 0x1314  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:34:30.0887 0x1314  wmiApSrv - ok
17:34:30.0894 0x1314  WMPNetworkSvc - ok
17:34:30.0906 0x1314  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:34:30.0908 0x1314  WPCSvc - ok
17:34:30.0946 0x1314  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:34:30.0949 0x1314  WPDBusEnum - ok
17:34:30.0971 0x1314  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:34:30.0972 0x1314  ws2ifsl - ok
17:34:30.0990 0x1314  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
17:34:30.0992 0x1314  wscsvc - ok
17:34:30.0994 0x1314  WSearch - ok
17:34:31.0087 0x1314  [ 499034D7F1F6AF49F9EE12F8822793CB, 55D591C4861AF66C6B9201BF78808B2ECE7B79D95C6BB07FF0ED87EFE63DD99E ] wuauserv        C:\Windows\system32\wuaueng.dll
17:34:31.0126 0x1314  wuauserv - ok
17:34:31.0157 0x1314  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:34:31.0158 0x1314  WudfPf - ok
17:34:31.0167 0x1314  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:34:31.0170 0x1314  WUDFRd - ok
17:34:31.0206 0x1314  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:34:31.0208 0x1314  wudfsvc - ok
17:34:31.0241 0x1314  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:34:31.0245 0x1314  WwanSvc - ok
17:34:31.0258 0x1314  ================ Scan global ===============================
17:34:31.0293 0x1314  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
17:34:31.0333 0x1314  [ E80CA72FA43BF258E72C408CEF9839BE, 06482E80F43AD91F4B9E5919A0C50219382213D59EACF9FBAE7AFD7A321F30D2 ] C:\Windows\system32\winsrv.dll
17:34:31.0344 0x1314  [ E80CA72FA43BF258E72C408CEF9839BE, 06482E80F43AD91F4B9E5919A0C50219382213D59EACF9FBAE7AFD7A321F30D2 ] C:\Windows\system32\winsrv.dll
17:34:31.0352 0x1314  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
17:34:31.0396 0x1314  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
17:34:31.0401 0x1314  [ Global ] - ok
17:34:31.0402 0x1314  ================ Scan MBR ==================================
17:34:31.0408 0x1314  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
17:34:31.0414 0x1314  \Device\Harddisk0\DR0 - ok
17:34:31.0414 0x1314  ================ Scan VBR ==================================
17:34:31.0425 0x1314  [ 9BBB56C60E4D2E6A0B9AAA7DC80522BD ] \Device\Harddisk0\DR0\Partition1
17:34:31.0459 0x1314  \Device\Harddisk0\DR0\Partition1 - ok
17:34:31.0483 0x1314  [ 62A24357E3B1DA4178BE51F0F22FE409 ] \Device\Harddisk0\DR0\Partition2
17:34:31.0484 0x1314  \Device\Harddisk0\DR0\Partition2 - ok
17:34:31.0496 0x1314  [ 6FDBE1919A5EEBCE793F271AA884D128 ] \Device\Harddisk0\DR0\Partition3
17:34:31.0545 0x1314  \Device\Harddisk0\DR0\Partition3 - ok
17:34:31.0545 0x1314  ================ Scan generic autorun ======================
17:34:31.0648 0x1314  [ 8F82FFC6CD0F4C83F4565E1A40332CCD, 45D17603664CBE2C4236AEDB3C21D585C8225A3D3B1118365EE2C6BFDB8A7890 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
17:34:31.0687 0x1314  NvBackend - ok
17:34:31.0701 0x1314  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
17:34:31.0703 0x1314  ShadowPlay - ok
17:34:31.0736 0x1314  [ DB367E8C8F46C26A05BA982715CC0DB5, 63AE8DD8E41260123E8C98905BD3D444BED86AEA6353F690483E5CB116433AC2 ] C:\Windows\system32\TiltWheelMouse.exe
17:34:31.0740 0x1314  MouseDriver - ok
17:34:31.0779 0x1314  [ F916BA0DA28A4B4F7B1ADE76EB42F088, FB3C91D44709D039E959B275F6ECE26AF9307D272FE3E25CC41EAC259AA3B596 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
17:34:31.0788 0x1314  SunJavaUpdateSched - ok
17:34:31.0863 0x1314  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:34:31.0881 0x1314  Sidebar - ok
17:34:31.0903 0x1314  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:34:31.0905 0x1314  mctadmin - ok
17:34:31.0944 0x1314  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:34:31.0960 0x1314  Sidebar - ok
17:34:31.0965 0x1314  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:34:31.0967 0x1314  mctadmin - ok
17:34:31.0997 0x1314  [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe
17:34:32.0004 0x1314  RESTART_STICKY_NOTES - ok
17:34:32.0143 0x1314  [ 86BF17A265E1B4BA41325623EC132E66, 4414B5F01A78B76BFC1A7C39F595645A09E674FA6DE7991F31BA6673EEB23F9E ] C:\Program Files (x86)\Steam\steam.exe
17:34:32.0186 0x1314  Steam - ok
17:34:32.0325 0x1314  [ F73154E180105822A5F9B755BA933737, 1CD775B6CE3736A70EC5FC7A6B77A2FEDA70D59B49A66046CC20B341005501D9 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
17:34:32.0378 0x1314  DAEMON Tools Lite - ok
17:34:32.0430 0x1314  Gameo - ok
17:34:32.0430 0x1314  Waiting for KSN requests completion. In queue: 360
17:34:33.0430 0x1314  Waiting for KSN requests completion. In queue: 50
17:34:34.0430 0x1314  Waiting for KSN requests completion. In queue: 50
17:34:35.0439 0x1314  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\wmiav.exe ( 15.0.1.415 ), 0x41000 ( enabled : updated )
17:34:35.0440 0x1314  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\wmifw.exe ( 15.0.1.415 ), 0x41010 ( enabled )
17:34:37.0761 0x1314  ============================================================
17:34:37.0761 0x1314  Scan finished
17:34:37.0761 0x1314  ============================================================
17:34:37.0766 0x06f4  Detected object count: 0
17:34:37.0766 0x06f4  Actual detected object count: 0
17:34:40.0032 0x0e10  Deinitialize success

Viele Grüße
Camilo123

schrauber · 29.08.2015, 08:51

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Camilo123 · 11.09.2015, 01:47

Entschuldige bitte. Hatte einen Umzug zu erledigen. Habe nun wieder
Internet.

Code:

ATTFilter

Combofix Logfile:

	Code: 

 ATTFilter

  
	ComboFix 15-09-07.01 - Ruben W 11.09.2015   2:07.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.8174.5068 [GMT 2:00]
ausgeführt von:: c:\users\Ruben\Downloads\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
FW: Kaspersky Internet Security *Disabled* {8C27F4BD-7F99-4CD1-5651-D3EB97674300}
SP: Kaspersky Internet Security *Disabled/Updated* {0F7D947C-13CC-4207-47BE-41AC12334EC6}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\SPL10AA.tmp
c:\programdata\SPL1DCE.tmp
c:\programdata\SPL531E.tmp
c:\programdata\SPLA1D.tmp
c:\programdata\SPLA371.tmp
c:\programdata\SPLBA98.tmp
c:\programdata\SPLBF68.tmp
c:\programdata\SPLF71A.tmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-08-11 bis 2015-09-11  ))))))))))))))))))))))))))))))
.
.
2015-09-11 00:32 . 2015-09-11 00:32	--------	d-----w-	c:\users\Ruben W\AppData\Local\temp
2015-09-11 00:32 . 2015-09-11 00:32	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-09-10 23:44 . 2011-01-25 09:34	18432	----a-w-	c:\windows\system32\drivers\vwifimp.sys
2015-09-10 23:44 . 2011-01-25 09:34	60416	----a-w-	c:\windows\system32\drivers\vwififlt.sys
2015-09-10 23:36 . 2015-06-09 18:03	3180544	----a-w-	c:\windows\system32\rdpcorets.dll
2015-09-10 23:36 . 2015-06-09 18:03	16384	----a-w-	c:\windows\system32\RdpGroupPolicyExtension.dll
2015-09-10 23:36 . 2015-06-03 20:17	243200	----a-w-	c:\windows\system32\rdpudd.dll
2015-09-10 23:36 . 2014-01-09 02:22	5694464	----a-w-	c:\windows\SysWow64\mstscax.dll
2015-09-10 23:36 . 2014-01-03 22:44	6574592	----a-w-	c:\windows\system32\mstscax.dll
2015-09-10 23:35 . 2014-12-11 17:47	87040	----a-w-	c:\windows\system32\TSWbPrxy.exe
2015-09-10 23:29 . 2015-09-10 23:29	--------	d-----w-	c:\users\Ruben W\AppData\Local\Chris_Pietschmann_(http__
2015-09-10 23:25 . 2015-09-10 23:25	--------	d-----w-	c:\users\Ruben\AppData\Local\Chris_Pietschmann_(http__
2015-09-10 23:12 . 2015-09-10 23:12	--------	d-----w-	c:\program files (x86)\Virtual Router
2015-09-10 22:47 . 2015-09-10 22:47	--------	d-----w-	c:\program files\Common Files\AV
2015-09-10 22:26 . 2012-08-23 14:10	19456	----a-w-	c:\windows\system32\drivers\rdpvideominiport.sys
2015-09-10 22:26 . 2012-08-23 11:12	192000	----a-w-	c:\windows\SysWow64\rdpendp_winip.dll
2015-09-10 22:26 . 2012-08-23 10:51	228864	----a-w-	c:\windows\system32\rdpendp_winip.dll
2015-09-10 22:21 . 2015-08-07 00:04	572024	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2015-09-10 22:02 . 2015-09-10 22:02	75888	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{F59E50BA-DF6C-42B7-8D46-712A0A954D4E}\offreg.1756.dll
2015-09-10 21:01 . 2015-08-05 17:56	1110016	----a-w-	c:\windows\system32\schedsvc.dll
2015-09-10 21:00 . 2015-07-23 00:02	1390592	----a-w-	c:\windows\system32\diagtrack.dll
2015-09-10 20:51 . 2015-07-31 09:21	11745192	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{F59E50BA-DF6C-42B7-8D46-712A0A954D4E}\mpengine.dll
2015-09-07 15:28 . 2015-08-11 04:52	69416	----a-w-	c:\windows\SysWow64\nvaudcap32v.dll
2015-09-07 15:28 . 2015-08-11 04:52	50472	----a-w-	c:\windows\system32\drivers\nvvad64v.sys
2015-08-28 13:42 . 2015-08-28 13:42	--------	d-----w-	c:\programdata\Malwarebytes
2015-08-28 13:42 . 2015-08-28 14:42	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-08-28 13:42 . 2015-08-28 14:12	192216	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-08-28 13:41 . 2015-08-28 14:12	109272	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-08-28 13:36 . 2015-08-28 14:09	--------	d-----w-	c:\program files (x86)\VS Revo Group
2015-08-27 19:48 . 2015-08-27 20:38	--------	d-----w-	C:\FRST
2015-08-27 19:21 . 2015-08-27 19:21	--------	d-----w-	c:\users\Ruben\.oracle_jre_usage
2015-08-27 19:20 . 2015-08-27 19:20	--------	d-----w-	c:\program files (x86)\Common Files\Java
2015-08-27 19:17 . 2015-08-27 19:17	--------	d-----w-	c:\users\Ruben W\.oracle_jre_usage
2015-08-22 05:22 . 2015-08-22 05:22	3010240	----a-w-	c:\program files\Common Files\Microsoft Shared\OFFICE15\1031\MSOINTL.DLL
2015-08-19 23:28 . 2015-08-19 23:28	--------	d-----w-	c:\users\Ruben W\AppData\Local\YSearchUtil
2015-08-19 23:22 . 2015-08-10 23:08	1110768	----a-w-	c:\windows\system32\nvumdshimx.dll
2015-08-19 23:22 . 2015-08-07 11:06	1898104	----a-w-	c:\windows\system32\nvdispco6435560.dll
2015-08-19 23:22 . 2015-08-07 11:06	1558832	----a-w-	c:\windows\system32\nvdispgenco6435560.dll
2015-08-19 23:14 . 2015-08-19 23:14	--------	d-----w-	c:\users\Ruben W\AppData\Local\NVIDIA Corporation
2015-08-19 23:11 . 2015-08-19 23:11	--------	d-----w-	c:\users\Ruben W\AppData\Local\VirtualStore
2015-08-19 19:52 . 2015-08-19 19:52	26851520	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
2015-08-19 19:45 . 2015-08-19 19:45	654520	----a-w-	c:\program files\Common Files\Microsoft Shared\OFFICE15\MSOSQM.EXE
2015-08-19 19:45 . 2015-08-19 19:45	37402720	----a-w-	c:\program files\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
2015-08-14 03:39 . 2015-08-14 03:39	257120	----a-w-	c:\program files\Common Files\Microsoft Shared\OFFICE15\1031\OSFINTL.DLL
2015-08-14 02:23 . 2015-08-14 02:23	61120	----a-w-	c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\de-de\Microsoft.Excel.AdomdClient.resources.dll
2015-08-14 02:23 . 2015-08-14 02:23	52928	----a-w-	c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\de-de\Microsoft.Excel.Xmla.resources.dll
2015-08-14 02:23 . 2015-08-14 02:23	20672	----a-w-	c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\de-de\Microsoft.Excel.Streaming.resources.dll
2015-08-14 02:23 . 2015-08-14 02:23	200384	----a-w-	c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\de-de\Microsoft.Excel.Amo.resources.dll
2015-08-12 10:59 . 2015-07-30 13:13	103120	----a-w-	c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 10:59 . 2015-07-30 13:13	124624	----a-w-	c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 03:39 . 2015-07-01 20:49	260096	----a-w-	c:\windows\system32\WebClnt.dll
2015-08-12 03:23 . 2015-08-12 03:23	5774552	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\CMigrate.exe
2015-08-12 03:23 . 2015-08-12 03:23	5479104	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\Csi.dll
2015-08-12 03:18 . 2015-08-12 03:18	8494272	----a-w-	c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\msolap110_xl.dll
2015-08-12 03:18 . 2015-08-12 03:18	74757824	----a-w-	c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\msmdlocal_xl.dll
2015-08-12 03:18 . 2015-08-12 03:18	278208	----a-w-	c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\xmlrw_xl.dll
2015-08-12 03:18 . 2015-08-12 03:18	21070528	----a-w-	c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\xmsrv_xl.dll
2015-08-12 03:18 . 2015-08-12 03:18	196800	----a-w-	c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\xmlrwbin_xl.dll
2015-08-12 03:18 . 2015-08-12 03:18	11484352	----a-w-	c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\msmgdsrv_xl.dll
2015-08-12 03:18 . 2015-08-12 03:18	885400	----a-w-	c:\program files\Common Files\Microsoft Shared\OFFICE15\ADAL.DLL
2015-08-12 03:18 . 2015-08-12 03:18	7899256	----a-w-	c:\program files\Common Files\Microsoft Shared\OFFICE15\CMigrate.exe
2015-08-12 03:18 . 2015-08-12 03:18	7668928	----a-w-	c:\program files\Common Files\Microsoft Shared\OFFICE15\Csi.dll
2015-08-12 03:18 . 2015-08-12 03:18	151128	----a-w-	c:\program files\Common Files\Microsoft Shared\OFFICE15\EXP_PDF.DLL
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-08-27 19:17 . 2015-02-25 20:54	97888	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-08-27 00:37 . 2015-02-12 22:29	1423120	----a-w-	c:\windows\SysWow64\nvspcap.dll
2015-08-27 00:37 . 2015-02-12 22:29	1316000	----a-w-	c:\windows\SysWow64\nvspbridge.dll
2015-08-27 00:36 . 2015-02-12 22:29	1756424	----a-w-	c:\windows\system32\nvspbridge64.dll
2015-08-27 00:36 . 2015-02-12 22:29	1710568	----a-w-	c:\windows\system32\nvspcap64.dll
2015-08-26 16:37 . 2015-02-01 00:57	134753440	----a-w-	c:\windows\system32\MRT.exe
2015-08-12 15:52 . 2015-02-15 02:58	778440	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-08-12 15:52 . 2015-02-15 02:58	142536	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-08-11 04:52 . 2015-02-12 20:51	72504	----a-w-	c:\windows\system32\nvaudcap64v.dll
2015-08-10 23:08 . 2015-02-12 22:28	123008	----a-w-	c:\windows\system32\OpenCL.dll
2015-08-10 23:08 . 2015-02-12 22:28	115512	----a-w-	c:\windows\SysWow64\OpenCL.dll
2015-08-10 23:08 . 2015-02-12 22:26	17625848	----a-w-	c:\windows\system32\nvwgf2umx.dll
2015-08-10 23:08 . 2015-02-12 22:26	15139256	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2015-08-10 23:08 . 2015-08-10 23:08	948832	----a-w-	c:\windows\SysWow64\nvumdshim.dll
2015-08-10 23:08 . 2015-08-10 23:08	30497920	----a-w-	c:\windows\system32\nvoglv64.dll
2015-08-10 23:08 . 2015-08-10 23:08	22960768	----a-w-	c:\windows\SysWow64\nvoglv32.dll
2015-08-10 23:08 . 2015-08-10 23:08	16160424	----a-w-	c:\windows\system32\nvopencl.dll
2015-08-10 23:08 . 2015-08-10 23:08	13277448	----a-w-	c:\windows\SysWow64\nvopencl.dll
2015-08-10 23:08 . 2015-08-10 23:08	11063440	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2015-08-10 23:08 . 2015-08-10 23:08	991888	----a-w-	c:\windows\SysWow64\NvIFR.dll
2015-08-10 23:08 . 2015-08-10 23:08	185632	----a-w-	c:\windows\system32\nvinitx.dll
2015-08-10 23:08 . 2015-08-10 23:08	164192	----a-w-	c:\windows\SysWow64\nvinit.dll
2015-08-10 23:08 . 2015-08-10 23:08	160896	----a-w-	c:\windows\system32\nvoglshim64.dll
2015-08-10 23:08 . 2015-08-10 23:08	137424	----a-w-	c:\windows\SysWow64\nvoglshim32.dll
2015-08-10 23:08 . 2015-08-10 23:08	1071416	----a-w-	c:\windows\system32\NvIFR64.dll
2015-08-10 23:08 . 2015-08-10 23:08	985232	----a-w-	c:\windows\SysWow64\NvFBC.dll
2015-08-10 23:08 . 2015-08-10 23:08	48992	----a-w-	c:\windows\system32\nvhdap64.dll
2015-08-10 23:08 . 2015-08-10 23:08	213360	----a-w-	c:\windows\system32\drivers\nvhda64v.sys
2015-08-10 23:08 . 2015-08-10 23:08	1906832	----a-w-	c:\windows\system32\nvdispco6435382.dll
2015-08-10 23:08 . 2015-08-10 23:08	15902640	----a-w-	c:\windows\system32\nvd3dumx.dll
2015-08-10 23:08 . 2015-08-10 23:08	1577808	----a-w-	c:\windows\system32\nvhdagenco6420103.dll
2015-08-10 23:08 . 2015-08-10 23:08	1568056	----a-w-	c:\windows\system32\nvdispgenco6435382.dll
2015-08-10 23:08 . 2015-08-10 23:08	1063040	----a-w-	c:\windows\system32\NvFBC64.dll
2015-08-10 23:08 . 2015-02-12 22:26	12885072	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2015-08-10 23:08 . 2015-08-10 23:08	42740536	----a-w-	c:\windows\system32\nvcompiler.dll
2015-08-10 23:08 . 2015-08-10 23:08	37757584	----a-w-	c:\windows\SysWow64\nvcompiler.dll
2015-08-10 23:08 . 2015-08-10 23:08	2942280	----a-w-	c:\windows\system32\nvcuvid.dll
2015-08-10 23:08 . 2015-08-10 23:08	2609480	----a-w-	c:\windows\SysWow64\nvcuvid.dll
2015-08-10 23:08 . 2015-08-10 23:08	14512608	----a-w-	c:\windows\system32\nvcuda.dll
2015-08-10 23:08 . 2015-08-10 23:08	11845224	----a-w-	c:\windows\SysWow64\nvcuda.dll
2015-08-10 23:08 . 2015-02-12 22:26	3417208	----a-w-	c:\windows\system32\nvapi64.dll
2015-08-10 23:08 . 2015-02-12 22:26	3019128	----a-w-	c:\windows\SysWow64\nvapi.dll
2015-08-07 00:44 . 2015-02-12 22:28	937592	----a-w-	c:\windows\system32\nvvsvc.exe
2015-08-07 00:44 . 2015-02-12 22:28	62584	----a-w-	c:\windows\system32\nvshext.dll
2015-08-07 00:44 . 2015-02-12 22:28	385328	----a-w-	c:\windows\system32\nvmctray.dll
2015-08-07 00:44 . 2015-02-12 22:28	2558768	----a-w-	c:\windows\system32\nvsvcr.dll
2015-08-07 00:44 . 2015-02-12 22:28	6873904	----a-w-	c:\windows\system32\nvcpl.dll
2015-08-07 00:44 . 2015-02-12 22:28	3492984	----a-w-	c:\windows\system32\nvsvc64.dll
2015-08-03 13:07 . 2015-02-12 22:28	5133709	----a-w-	c:\windows\system32\nvcoproc.bin
2015-07-22 17:53 . 2015-09-10 21:00	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-07-04 18:07 . 2015-07-16 19:34	2087424	----a-w-	c:\windows\system32\ole32.dll
2015-07-04 17:48 . 2015-07-16 19:34	1414656	----a-w-	c:\windows\SysWow64\ole32.dll
2015-06-23 11:30 . 2015-02-03 17:39	300704	------w-	c:\windows\system32\MpSigStub.exe
2015-06-18 16:45 . 2015-07-28 20:16	4496600	----a-w-	c:\windows\system32\drivers\RTKVHD64.sys
2015-06-17 17:47 . 2015-07-28 20:16	2930904	----a-w-	c:\windows\system32\RltkAPO64.dll
2015-06-17 17:47 . 2015-07-16 19:36	404992	----a-w-	c:\windows\system32\gdi32.dll
2015-06-17 17:37 . 2015-07-16 19:36	312320	----a-w-	c:\windows\SysWow64\gdi32.dll
2015-06-17 12:45 . 2015-07-28 20:16	3234520	----a-w-	c:\windows\system32\RtkApi64.dll
2015-06-16 14:31 . 2015-06-16 14:31	1691816	----a-w-	c:\windows\system32\FM20.DLL
2015-06-15 21:45 . 2015-07-16 19:34	504320	----a-w-	c:\windows\system32\msihnd.dll
2015-06-15 21:45 . 2015-07-16 19:34	3242496	----a-w-	c:\windows\system32\msi.dll
2015-06-15 21:44 . 2015-07-16 19:34	128000	----a-w-	c:\windows\system32\msiexec.exe
2015-06-15 21:43 . 2015-07-16 19:34	337408	----a-w-	c:\windows\SysWow64\msihnd.dll
2015-06-15 21:43 . 2015-07-16 19:34	2364416	----a-w-	c:\windows\SysWow64\msi.dll
2015-06-15 21:42 . 2015-07-16 19:34	73216	----a-w-	c:\windows\SysWow64\msiexec.exe
2015-06-15 21:42 . 2015-07-16 19:34	25088	----a-w-	c:\windows\system32\msimsg.dll
2015-06-15 21:37 . 2015-07-16 19:34	25088	----a-w-	c:\windows\SysWow64\msimsg.dll
2015-06-15 15:39 . 2015-07-28 20:16	1748184	----a-w-	c:\windows\system32\RCoInstII64.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-07-14 11:03	1729752	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-07-14 11:03	1729752	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-07-14 11:03	1729752	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-08-04 597552]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Virtual Router Manager.lnk - c:\windows\Installer\{BE905C46-2B34-4D73-AEE1-769ED138E0FF}\_118D1A4EFFA6998C3492EB.exe /min [2015-9-11 22486]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MSICDSetup;MSICDSetup;d:\cdriver64.sys;d:\CDriver64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 PVUSB;CESG502 64bit USB Driver;c:\windows\system32\DRIVERS\CESG64.sys;c:\windows\SYSNATIVE\DRIVERS\CESG64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
S0 cm_km_w;Kaspersky Lab Crypto Module (FDE PDK);c:\windows\system32\DRIVERS\cm_km_w.sys;c:\windows\SYSNATIVE\DRIVERS\cm_km_w.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 klhk;klhk;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 Klwtp;Klwtp;c:\windows\system32\DRIVERS\klwtp.sys;c:\windows\SYSNATIVE\DRIVERS\klwtp.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 AVP15.0.1;Kaspersky Anti-Virus Service 15.0.1;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 kldisk;kldisk;c:\windows\system32\DRIVERS\kldisk.sys;c:\windows\SYSNATIVE\DRIVERS\kldisk.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 Virtual Router;VirtualRouterService;c:\program files (x86)\Virtual Router\VirtualRouterService.exe;c:\program files (x86)\Virtual Router\VirtualRouterService.exe [x]
S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
S3 t_mouse.sys;HID-compliand device;c:\windows\system32\DRIVERS\t_mouse.sys;c:\windows\SYSNATIVE\DRIVERS\t_mouse.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - NVSTREAMKMS
.
Inhalt des "geplante Tasks" Ordners
.
2015-09-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-15 15:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-07-14 10:59	2335960	----a-w-	c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-07-14 10:59	2335960	----a-w-	c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-07-14 10:59	2335960	----a-w-	c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-08-27 2634872]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-08-27 1710568]
"MouseDriver"="TiltWheelMouse.exe" [2012-12-19 241152]
.
------- Zusätzlicher Suchlauf -------
.
mStart Page = about:blank
IE: {{09A10376-994C-4BBF-9121-F50CF7BA237E} - {F2A56BFE-7911-451A-BC74-A9C3C2E95126} - c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll
TCP: DhcpNameServer = 137.248.21.22 137.248.1.5 137.248.1.8
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Ruben W\AppData\Roaming\Mozilla\Firefox\Profiles\na08baz7.default\
FF - user.js: plugin.state.npcontentblocker - 2
FF - user.js: plugin.state.nponlinebanking - 2
FF - user.js: plugin.state.npvkplugin - 2
FF - user.js: plugin.state.npcontentblocker - 2
FF - user.js: plugin.state.nponlinebanking - 2
FF - user.js: plugin.state.npvkplugin - 2
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_bc2.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-09-11  02:34:52
ComboFix-quarantined-files.txt  2015-09-11 00:34
.
Vor Suchlauf: 11 Verzeichnis(se), 779.902.029.824 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 782.605.045.760 Bytes frei
.
- - End Of File - - 812C32DF02B11221502AA17A13755EBE
         
 --- --- ---
5FB38429D5D77768867C76DCBDB35194

schrauber · 11.09.2015, 18:12

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Camilo123 · 11.09.2015, 20:23

Hallo,

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 11.09.2015
Suchlaufzeit: 20:17
Protokolldatei: mbamlog.txt
Administrator: Nein

Version: 2.1.8.1057
Malware-Datenbank: v2015.09.11.06
Rootkit-Datenbank: v2015.08.16.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Ruben

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 308195
Abgelaufene Zeit: 14 Min., 32 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v5.007 - Bericht erstellt am 11/09/2015 um 20:57:59
# Aktualisiert am 08/09/2015 von Xplode
# Datenbank : 2015-09-10.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Ruben W - RUBEN-PC
# Gestartet von : C:\Users\Ruben\Downloads\AdwCleaner_5.007.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Users\Ruben W\AppData\Local\Gameo
[-] Ordner Gelöscht : C:\Users\Ruben W\AppData\Local\YSearchUtil
[-] Ordner Gelöscht : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\Ruben W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
[-] Datei Gelöscht : C:\Users\Ruben W\AppData\Roaming\Mozilla\Firefox\Profiles\na08baz7.default\user.js
[-] Datei Gelöscht : C:\Users\Ruben W\AppData\Roaming\Mozilla\Firefox\Profiles\na08baz7.default\user.js
[-] Datei Gelöscht : C:\Users\Ruben\AppData\Roaming\Mozilla\Firefox\Profiles\Sr1sOWTa.default\user.js
[-] Datei Gelöscht : C:\Users\Ruben\AppData\Roaming\Mozilla\Firefox\Profiles\Sr1sOWTa.default\user.js

***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\BoBrowser
[-] Schlüssel Gelöscht : HKCU\Software\PRODUCTSETUP
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\omiga-plusSoftware
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\supWindowsMangerProtect
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Clara
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\OCS
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\BoBrowser
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\PRODUCTSETUP
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-1249185847-507591671-2405455049-1001\Software\Microsoft\Internet Explorer\Main [Start Page]

***** [ Internetbrowser ] *****


*************************

:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

########## EOF - \AdwCleaner\AdwCleaner[C1].txt - [2366 Bytes] ##########

--- --- ---

[/CODE]

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.1 (09.08.2015:1)
OS: Windows 7 Home Premium x64
Ran by Ruben W on 11.09.2015 at 21:04:09,01
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Ruben W\AppData\Roaming\mozilla\firefox\profiles\na08baz7.default\minidumps [1 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.09.2015 at 21:06:27,51
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:10-09-2015 01
durchgeführt von Ruben W (Administrator) auf RUBEN-PC (11-09-2015 21:21:00)
Gestartet von C:\Users\Ruben\Downloads
Geladene Profile: Ruben & Ruben W (Verfügbare Profile: Ruben & Ruben W)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-1249185847-507591671-2405455049-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1249185847-507591671-2405455049-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-1249185847-507591671-2405455049-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1249185847-507591671-2405455049-1001\...\RunOnce: [Report] => \AdwCleaner\AdwCleaner[C1].txt

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

AutoConfigURL: [S-1-5-21-1249185847-507591671-2405455049-1000] => hxxp://www.uni-marburg.de/proxy.pac
Tcpip\Parameters: [DhcpNameServer] 137.248.1.8 137.248.21.22 137.248.1.5
Tcpip\..\Interfaces\{50FCAAC2-7CE7-4EB2-A8A1-DCF1B31BA7F8}: [DhcpNameServer] 137.248.1.8 137.248.21.22 137.248.1.5

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1249185847-507591671-2405455049-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1249185847-507591671-2405455049-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-1249185847-507591671-2405455049-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1249185847-507591671-2405455049-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1249185847-507591671-2405455049-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-02-01] (Kaspersky Lab ZAO)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-02-01] (Kaspersky Lab ZAO)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-02-01] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-02-01] (Kaspersky Lab ZAO)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-27] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-21] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-02-01] (Kaspersky Lab ZAO)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-27] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-02-01] (Kaspersky Lab ZAO)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-08-19] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Ruben W\AppData\Roaming\Mozilla\Firefox\Profiles\na08baz7.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-27] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-02-01] ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-02-01] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-02-01] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-02-01]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-02-01]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-02-01]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [173792 2015-03-29] (EasyAntiCheat Ltd)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-02-13] ()
S2 Virtual Router; C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe [12288 2013-02-10] (Chris Pietschmann (hxxp://pietschsoft.com)) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-02-10] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2015-02-01] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [819896 2015-03-12] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2015-02-01] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S3 PVUSB; C:\Windows\System32\DRIVERS\CESG64.sys [63808 2007-02-19] (CASIO COMPUTER CO.,LTD.)
R3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-11 21:21 - 2015-09-11 21:21 - 00017197 _____ C:\Users\Ruben\Downloads\FRST.txt
2015-09-11 21:14 - 2015-09-11 21:14 - 00034445 _____ C:\Users\Ruben\Downloads\Addition.txt
2015-09-11 21:13 - 2015-09-11 21:14 - 00000000 ____D C:\Users\Ruben\Desktop\Trojanerboard
2015-09-11 21:13 - 2015-09-11 21:13 - 02190848 _____ (Farbar) C:\Users\Ruben\Downloads\FRST64.exe
2015-09-11 21:06 - 2015-09-11 21:11 - 00000844 _____ C:\Users\Ruben\Desktop\JRT.txt
2015-09-11 21:03 - 2015-09-09 20:12 - 01800104 _____ (Malwarebytes Corporation) C:\Users\Ruben W\Desktop\JRT.exe
2015-09-11 20:57 - 2015-09-11 20:58 - 00002455 _____ C:\Users\Ruben\Desktop\AdwCleaner[C1].txt
2015-09-11 20:56 - 2015-09-11 21:15 - 00000000 ____D C:\AdwCleaner
2015-09-11 20:54 - 2015-09-11 20:54 - 00038308 _____ C:\Users\Ruben\Desktop\Proxy-Server - Philipps-Universität Marburg - Hochschulrechenzentrum.htm
2015-09-11 20:54 - 2015-09-11 20:54 - 00000000 ____D C:\Users\Ruben\Desktop\Proxy-Server - Philipps-Universität Marburg - Hochschulrechenzentrum-Dateien
2015-09-11 20:38 - 2015-09-11 20:38 - 00000000 ____D C:\Windows\pss
2015-09-11 20:16 - 2015-09-11 20:16 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-09-11 20:16 - 2015-09-11 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-09-11 20:16 - 2015-09-11 20:16 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-09-11 20:16 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-09-11 20:16 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-09-11 02:34 - 2015-09-11 02:34 - 00023574 _____ C:\ComboFix.txt
2015-09-11 02:04 - 2015-09-11 02:34 - 00000000 ____D C:\Qoobox
2015-09-11 02:04 - 2015-09-11 02:33 - 00000000 ____D C:\Windows\erdnt
2015-09-11 02:04 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-09-11 02:04 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-09-11 02:04 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-09-11 02:04 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-09-11 02:04 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-09-11 02:04 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-09-11 02:04 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-09-11 02:04 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-09-11 02:03 - 2015-09-11 02:03 - 05635119 ____R (Swearware) C:\Users\Ruben\Downloads\ComboFix.exe
2015-09-11 02:02 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-09-11 02:02 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-09-11 02:02 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-09-11 02:02 - 2015-07-16 21:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-09-11 02:02 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-09-11 02:02 - 2015-07-16 21:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-09-11 02:02 - 2015-07-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-09-11 01:56 - 2015-09-11 20:49 - 00001590 _____ C:\Users\Ruben\Desktop\VirtualRouterClient.exe - Verknüpfung.lnk
2015-09-11 01:44 - 2011-01-25 11:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2015-09-11 01:44 - 2011-01-25 11:34 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2015-09-11 01:43 - 2015-09-11 01:43 - 00369576 _____ C:\Users\Ruben\Downloads\427222_intl_x64_zip.exe
2015-09-11 01:43 - 2015-09-11 01:43 - 00369576 _____ C:\Users\Ruben\Downloads\427222_intl_x64_zip(1).exe
2015-09-11 01:36 - 2015-06-09 20:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-09-11 01:36 - 2015-06-09 20:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-09-11 01:36 - 2015-06-03 22:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-09-11 01:35 - 2014-12-11 19:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-09-11 01:32 - 2015-09-11 01:32 - 01373696 _____ C:\Users\Ruben\Downloads\VirtualRouterInstaller.msi
2015-09-11 01:29 - 2015-09-11 01:29 - 00000000 ____D C:\Users\Ruben W\AppData\Local\Chris_Pietschmann_(http__
2015-09-11 01:28 - 2015-09-11 21:02 - 00000513 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2015-09-11 01:25 - 2015-09-11 01:25 - 00000000 ____D C:\Users\Ruben\AppData\Local\Chris_Pietschmann_(http__
2015-09-11 01:12 - 2015-09-11 02:37 - 00000000 ____D C:\Program Files (x86)\Virtual Router
2015-09-11 01:12 - 2015-09-11 01:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Router
2015-09-11 01:12 - 2015-09-11 01:12 - 00002609 _____ C:\Users\Ruben W\Desktop\Virtual Router Manager.lnk
2015-09-11 01:10 - 2015-09-11 01:10 - 01373696 _____ C:\Users\Ruben W\Downloads\VirtualRouterInstaller.msi
2015-09-11 00:47 - 2015-09-11 00:47 - 00000000 ____D C:\Program Files\Common Files\AV
2015-09-11 00:41 - 2015-09-11 20:49 - 00001053 _____ C:\Users\Ruben\Desktop\Bilder - Verknüpfung.lnk
2015-09-11 00:39 - 2015-09-11 00:39 - 00000000 ____D C:\Users\Ruben\Desktop\Universität Marburg
2015-09-11 00:37 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-09-11 00:37 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-09-11 00:37 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-09-11 00:37 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-09-11 00:37 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-09-11 00:37 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-09-11 00:37 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-09-11 00:37 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2015-09-11 00:37 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-09-11 00:37 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-09-11 00:26 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-09-11 00:26 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2015-09-11 00:26 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2015-09-11 00:21 - 2015-08-07 02:04 - 00572024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-09-10 23:02 - 2015-08-05 19:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-10 23:02 - 2015-08-05 19:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-09-10 23:02 - 2015-08-05 19:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-10 23:01 - 2015-08-18 03:42 - 00393304 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-10 23:01 - 2015-08-18 03:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-10 23:01 - 2015-08-15 08:48 - 25190400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-10 23:01 - 2015-08-15 08:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-10 23:01 - 2015-08-15 08:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-09-10 23:01 - 2015-08-15 08:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-10 23:01 - 2015-08-15 08:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-09-10 23:01 - 2015-08-15 08:17 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-10 23:01 - 2015-08-15 08:17 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-10 23:01 - 2015-08-15 08:17 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-10 23:01 - 2015-08-15 08:17 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-10 23:01 - 2015-08-15 08:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-10 23:01 - 2015-08-15 08:09 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-10 23:01 - 2015-08-15 08:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-10 23:01 - 2015-08-15 08:06 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-10 23:01 - 2015-08-15 08:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-10 23:01 - 2015-08-15 08:04 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-10 23:01 - 2015-08-15 08:04 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-10 23:01 - 2015-08-15 08:04 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-09-10 23:01 - 2015-08-15 08:00 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-10 23:01 - 2015-08-15 07:57 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-10 23:01 - 2015-08-15 07:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-09-10 23:01 - 2015-08-15 07:53 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-10 23:01 - 2015-08-15 07:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-10 23:01 - 2015-08-15 07:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-10 23:01 - 2015-08-15 07:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-10 23:01 - 2015-08-15 07:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-10 23:01 - 2015-08-15 07:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-09-10 23:01 - 2015-08-15 07:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-09-10 23:01 - 2015-08-15 07:39 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-10 23:01 - 2015-08-15 07:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-09-10 23:01 - 2015-08-15 07:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-09-10 23:01 - 2015-08-15 07:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-10 23:01 - 2015-08-15 07:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-09-10 23:01 - 2015-08-15 07:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-09-10 23:01 - 2015-08-15 07:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-09-10 23:01 - 2015-08-15 07:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-10 23:01 - 2015-08-15 07:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-09-10 23:01 - 2015-08-15 07:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-09-10 23:01 - 2015-08-15 07:24 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-10 23:01 - 2015-08-15 07:23 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-10 23:01 - 2015-08-15 07:22 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-10 23:01 - 2015-08-15 07:22 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-09-10 23:01 - 2015-08-15 07:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-10 23:01 - 2015-08-15 07:16 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-10 23:01 - 2015-08-15 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-09-10 23:01 - 2015-08-15 07:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-09-10 23:01 - 2015-08-15 07:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-09-10 23:01 - 2015-08-15 07:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-10 23:01 - 2015-08-15 07:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-10 23:01 - 2015-08-15 07:07 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-10 23:01 - 2015-08-15 07:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-10 23:01 - 2015-08-15 07:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-10 23:01 - 2015-08-15 07:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-10 23:01 - 2015-08-15 07:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-09-10 23:01 - 2015-08-15 06:55 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-10 23:01 - 2015-08-15 06:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-10 23:01 - 2015-08-15 06:43 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-10 23:01 - 2015-08-15 06:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-10 23:01 - 2015-08-15 06:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-10 23:01 - 2015-08-05 19:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-10 23:01 - 2015-07-15 05:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-10 23:01 - 2015-07-15 04:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-09-10 23:01 - 2015-07-09 19:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-09-10 23:01 - 2015-07-09 19:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-09-10 23:01 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-09-10 23:01 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-09-10 23:00 - 2015-09-02 05:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-10 23:00 - 2015-09-02 05:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-10 23:00 - 2015-09-02 05:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-10 23:00 - 2015-09-02 05:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-10 23:00 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-09-10 23:00 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-10 23:00 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-09-10 23:00 - 2015-09-02 04:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-09-10 23:00 - 2015-09-02 03:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-10 23:00 - 2015-09-02 03:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-10 23:00 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-10 23:00 - 2015-08-27 20:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-10 23:00 - 2015-08-27 20:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-10 23:00 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-09-10 23:00 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-09-10 23:00 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-10 23:00 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-10 23:00 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-09-10 23:00 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-09-10 23:00 - 2015-08-26 20:07 - 03165696 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-10 23:00 - 2015-08-26 20:07 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-10 23:00 - 2015-08-26 20:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-10 23:00 - 2015-08-26 20:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-10 23:00 - 2015-08-26 20:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-10 23:00 - 2015-08-26 20:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-10 23:00 - 2015-08-26 20:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-10 23:00 - 2015-08-26 20:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-10 23:00 - 2015-08-26 20:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-10 23:00 - 2015-08-26 20:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-10 23:00 - 2015-08-26 20:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-10 23:00 - 2015-08-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-10 23:00 - 2015-08-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-10 23:00 - 2015-08-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-10 23:00 - 2015-08-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-09-10 23:00 - 2015-08-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-10 23:00 - 2015-08-04 20:03 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-09-10 23:00 - 2015-08-04 20:00 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-09-10 23:00 - 2015-08-04 19:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-09-10 23:00 - 2015-08-04 19:56 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-10 23:00 - 2015-08-04 19:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-10 23:00 - 2015-08-04 19:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-10 23:00 - 2015-08-04 19:55 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-10 23:00 - 2015-08-04 19:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-10 23:00 - 2015-08-04 18:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-09-10 23:00 - 2015-07-23 02:06 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-09-10 23:00 - 2015-07-23 02:06 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-09-10 23:00 - 2015-07-23 02:06 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-09-10 23:00 - 2015-07-23 02:03 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-10 23:00 - 2015-07-23 02:03 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-09-10 23:00 - 2015-07-23 02:03 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-09-10 23:00 - 2015-07-23 02:03 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-09-10 23:00 - 2015-07-23 02:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-09-10 23:00 - 2015-07-23 02:02 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-09-10 23:00 - 2015-07-23 02:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-09-10 23:00 - 2015-07-23 02:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-09-10 23:00 - 2015-07-23 02:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-09-10 23:00 - 2015-07-23 02:01 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-09-10 23:00 - 2015-07-23 01:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-09-10 23:00 - 2015-07-23 01:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:51 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-09-10 23:00 - 2015-07-22 19:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-09-10 23:00 - 2015-07-22 19:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-09-10 23:00 - 2015-07-22 19:54 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-09-10 23:00 - 2015-07-22 19:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-09-10 23:00 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-10 23:00 - 2015-07-22 19:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-09-10 23:00 - 2015-07-22 19:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-09-10 23:00 - 2015-07-22 19:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-09-10 23:00 - 2015-07-22 19:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-09-10 23:00 - 2015-07-22 19:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-09-10 23:00 - 2015-07-22 19:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-09-10 23:00 - 2015-07-22 19:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-09-10 23:00 - 2015-07-22 19:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-09-10 23:00 - 2015-07-22 19:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-09-10 23:00 - 2015-07-22 19:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-09-10 23:00 - 2015-07-22 19:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-09-10 23:00 - 2015-07-22 19:52 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-09-10 23:00 - 2015-07-22 19:52 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-09-10 23:00 - 2015-07-22 19:52 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-09-10 23:00 - 2015-07-22 19:52 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-09-10 23:00 - 2015-07-22 19:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-09-10 23:00 - 2015-07-22 19:52 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-09-10 23:00 - 2015-07-22 19:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-09-10 23:00 - 2015-07-22 19:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-09-10 23:00 - 2015-07-22 19:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 18:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-10 23:00 - 2015-07-22 18:45 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-09-10 23:00 - 2015-07-22 18:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-09-10 23:00 - 2015-07-22 18:44 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-09-10 23:00 - 2015-07-22 18:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-09-10 23:00 - 2015-07-22 18:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-09-10 23:00 - 2015-07-22 18:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 18:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-10 23:00 - 2015-06-25 12:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-10 23:00 - 2015-06-25 12:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-10 23:00 - 2015-06-25 12:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-09-10 23:00 - 2015-06-25 11:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-07 17:28 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-09-07 17:28 - 2015-08-11 06:52 - 00050472 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-09-04 21:27 - 2015-09-04 21:26 - 00064470 ____N C:\Users\Ruben\Desktop\umrnet-setup-0.22-20150817181556.exe
2015-08-28 17:30 - 2015-08-28 17:30 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Ruben\Downloads\tdsskiller.exe
2015-08-28 16:10 - 2015-08-28 16:10 - 16563304 _____ (Malwarebytes Corp.) C:\Users\Ruben W\Desktop\mbar-1.09.2.1008(1).exe
2015-08-28 15:42 - 2015-09-11 20:39 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-28 15:42 - 2015-09-11 20:16 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-28 15:42 - 2015-08-28 16:42 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-08-28 15:41 - 2015-08-28 16:42 - 00000000 ____D C:\Users\Ruben W\Desktop\mbar
2015-08-28 15:41 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-28 15:40 - 2015-08-28 15:40 - 16563304 _____ (Malwarebytes Corp.) C:\Users\Ruben\Downloads\mbar-1.09.2.1008.exe
2015-08-28 15:36 - 2015-08-28 16:09 - 00001271 _____ C:\Users\Ruben W\Desktop\Revo Uninstaller.lnk
2015-08-28 15:36 - 2015-08-28 16:09 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-08-28 15:34 - 2015-08-28 15:34 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Ruben\Desktop\revosetup95.exe
2015-08-28 00:01 - 2015-08-28 16:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-27 23:11 - 2015-08-27 23:13 - 00032768 _____ C:\Windows\system32\persistent_q.db-shm
2015-08-27 23:11 - 2015-08-27 23:11 - 00003176 _____ C:\Windows\system32\persistent_q.db-wal
2015-08-27 23:11 - 2015-08-27 23:11 - 00001024 _____ C:\Windows\system32\persistent_q.db
2015-08-27 22:37 - 2015-08-27 22:37 - 00000000 _____ C:\Users\Ruben W\defogger_reenable
2015-08-27 21:52 - 2015-08-27 21:52 - 00380416 _____ C:\Users\Ruben W\Desktop\m31zu5fs.exe
2015-08-27 21:49 - 2015-09-11 21:14 - 00070220 _____ C:\Users\Ruben\Desktop\FRST.txt
2015-08-27 21:48 - 2015-09-11 21:21 - 00000000 ____D C:\FRST
2015-08-27 21:47 - 2015-08-27 21:47 - 02186752 _____ (Farbar) C:\Users\Ruben W\Desktop\FRST64.exe
2015-08-27 21:45 - 2015-08-27 21:45 - 00050477 _____ C:\Users\Ruben W\Desktop\Defogger.exe
2015-08-27 21:21 - 2015-08-27 21:21 - 00000000 ____D C:\Users\Ruben\AppData\Roaming\Sun
2015-08-27 21:21 - 2015-08-27 21:21 - 00000000 ____D C:\Users\Ruben\.oracle_jre_usage
2015-08-27 21:20 - 2015-08-27 21:20 - 00000256 _____ C:\ProgramData\lxea.log
2015-08-27 21:17 - 2015-08-27 21:17 - 00000000 ____D C:\Users\Ruben W\AppData\Roaming\Sun
2015-08-27 21:17 - 2015-08-27 21:17 - 00000000 ____D C:\Users\Ruben W\.oracle_jre_usage
2015-08-26 21:40 - 2015-08-27 21:15 - 00000000 ____D C:\Users\Ruben\Desktop\Ebay Kleinanzeifen
2015-08-24 01:03 - 2015-08-24 01:04 - 00000000 ____D C:\Users\Ruben\Desktop\Otto Bett
2015-08-20 01:22 - 2015-08-11 01:08 - 01110768 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-08-20 01:22 - 2015-08-10 23:43 - 00030966 _____ C:\Windows\system32\nvinfo.pb
2015-08-20 01:22 - 2015-08-07 13:06 - 01898104 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435560.dll
2015-08-20 01:22 - 2015-08-07 13:06 - 01558832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435560.dll
2015-08-20 01:14 - 2015-08-20 01:14 - 00000000 ____D C:\Users\Ruben W\AppData\Local\NVIDIA Corporation
2015-08-20 01:11 - 2015-08-20 01:11 - 00002337 _____ C:\Users\Ruben W\Desktop\Sicherer Zahlungsverkehr.lnk
2015-08-20 01:11 - 2015-08-20 01:11 - 00000000 ____D C:\Users\Ruben W\AppData\Local\VirtualStore
2015-08-12 12:59 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 12:59 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 05:40 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 05:40 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 05:40 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 05:40 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 05:40 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 05:40 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 05:40 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 05:40 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 05:40 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 05:40 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 05:40 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 05:40 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 05:39 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 05:39 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 05:39 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 05:39 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-12 05:39 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 05:39 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 05:39 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-12 05:39 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 05:39 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 05:39 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 05:39 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 05:39 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 05:39 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 05:39 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 05:39 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-11 21:12 - 2015-02-01 19:34 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-09-11 21:11 - 2009-07-14 06:45 - 00015120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-11 21:11 - 2009-07-14 06:45 - 00015120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-11 21:04 - 2015-02-01 01:36 - 01475475 _____ C:\Windows\WindowsUpdate.log
2015-09-11 21:02 - 2015-02-01 19:01 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-11 21:00 - 2009-07-14 06:51 - 00094747 _____ C:\Windows\setupact.log
2015-09-11 20:59 - 2015-02-13 00:28 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-11 20:59 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-11 20:52 - 2015-02-15 04:58 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-11 20:49 - 2015-04-14 15:16 - 00002070 _____ C:\Users\Ruben\Desktop\JDownloader 2.lnk
2015-09-11 20:49 - 2015-02-10 21:42 - 00003019 _____ C:\Users\Ruben\Desktop\Excel 2013.lnk
2015-09-11 20:49 - 2015-02-10 21:42 - 00002997 _____ C:\Users\Ruben\Desktop\Word 2013.lnk
2015-09-11 20:49 - 2015-02-10 21:42 - 00002919 _____ C:\Users\Ruben\Desktop\Publisher 2013.lnk
2015-09-11 20:49 - 2015-02-01 19:03 - 00001176 _____ C:\Users\Ruben\Desktop\TeamSpeak 3 Client.lnk
2015-09-11 20:49 - 2015-02-01 02:27 - 00000859 _____ C:\Users\Ruben\Desktop\Downloads.lnk
2015-09-11 20:34 - 2015-02-01 19:22 - 00367504 _____ C:\Windows\PFRO.log
2015-09-11 02:48 - 2015-04-08 16:34 - 00000000 ____D C:\Users\Ruben W\AppData\Local\Mozilla
2015-09-11 02:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-09-11 02:32 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-09-11 01:54 - 2015-02-06 19:51 - 00000000 ____D C:\Users\Ruben W
2015-09-11 01:38 - 2015-02-12 22:53 - 01593956 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-09-11 01:38 - 2009-07-14 19:58 - 00699416 _____ C:\Windows\system32\perfh007.dat
2015-09-11 01:38 - 2009-07-14 19:58 - 00149556 _____ C:\Windows\system32\perfc007.dat
2015-09-11 01:38 - 2009-07-14 07:13 - 01593956 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-11 00:49 - 2015-05-04 01:13 - 00000000 ____D C:\Users\Ruben\Desktop\DEUTSCH
2015-09-11 00:47 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-11 00:46 - 2009-07-14 06:45 - 00435496 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-11 00:42 - 2009-07-14 20:18 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-11 00:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-11 00:41 - 2015-05-04 01:13 - 00000000 ____D C:\Users\Ruben\Desktop\Semperschulen
2015-09-11 00:40 - 2015-07-29 15:49 - 00000000 ____D C:\Users\Ruben\Desktop\Unterlagen
2015-09-11 00:39 - 2015-02-10 21:18 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-09-11 00:39 - 2015-02-10 21:14 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-11 00:36 - 2015-02-01 02:57 - 00000000 ____D C:\Windows\system32\MRT
2015-09-11 00:36 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2015-09-11 00:21 - 2015-02-13 00:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-09-11 00:21 - 2015-02-01 02:59 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-09-11 00:21 - 2015-02-01 02:59 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-08-28 23:06 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-28 17:25 - 2015-04-06 22:31 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-08-28 16:46 - 2015-02-01 18:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-27 21:21 - 2015-02-25 22:54 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-27 21:21 - 2015-02-01 02:26 - 00000000 ____D C:\Users\Ruben
2015-08-27 21:20 - 2015-02-25 22:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-27 21:20 - 2015-02-01 03:00 - 00045529 _____ C:\ProgramData\lxeascan.log
2015-08-27 21:17 - 2015-02-25 22:54 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-08-27 02:37 - 2015-02-13 00:29 - 01423120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-08-27 02:37 - 2015-02-13 00:29 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-08-27 02:36 - 2015-02-13 00:29 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-08-27 02:36 - 2015-02-13 00:29 - 01710568 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-08-26 18:37 - 2015-02-01 02:57 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-26 14:18 - 2015-02-10 21:45 - 00000000 ____D C:\Users\Ruben\AppData\Local\Microsoft Help
2015-08-20 01:24 - 2015-02-01 02:59 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-08-20 01:23 - 2015-02-25 22:55 - 00000000 ____D C:\ProgramData\Oracle
2015-08-20 01:14 - 2015-02-13 00:29 - 00000000 ____D C:\Users\Ruben W\AppData\Local\NVIDIA
2015-08-19 13:59 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-08-12 21:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-08-12 17:52 - 2015-02-15 04:58 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-12 17:52 - 2015-02-15 04:58 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-12 17:52 - 2015-02-15 04:58 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-12 15:23 - 2015-02-01 19:22 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-12 15:23 - 2015-02-01 03:04 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 12:59 - 2015-05-04 18:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 12:58 - 2015-05-04 18:28 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 12:58 - 2015-05-04 18:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-02-01 02:59 - 2015-02-01 02:59 - 0000405 _____ () C:\ProgramData\Coinstaller.log
2015-02-06 19:52 - 2015-02-06 19:52 - 0000252 _____ () C:\ProgramData\FastPics.log
2015-08-27 21:20 - 2015-08-27 21:20 - 0000256 _____ () C:\ProgramData\lxea.log
2015-02-10 00:03 - 2015-04-29 21:58 - 0012526 _____ () C:\ProgramData\lxeaJSW.log
2015-02-01 03:00 - 2015-08-27 21:20 - 0045529 _____ () C:\ProgramData\lxeascan.log
2015-02-06 19:51 - 2015-02-06 19:51 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-02 16:42

==================== Ende von FRST.txt ============================

--- --- ---

schrauber · 12.09.2015, 13:45

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Camilo123 · 16.09.2015, 18:59

Hey,

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=9dedd0b027436b47a1c4c467ecd30c20
# end=init
# utc_time=2015-09-16 04:14:44
# local_time=2015-09-16 06:14:44 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 25793
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=9dedd0b027436b47a1c4c467ecd30c20
# end=updated
# utc_time=2015-09-16 04:16:52
# local_time=2015-09-16 06:16:52 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=9dedd0b027436b47a1c4c467ecd30c20
# engine=25793
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-09-16 05:48:46
# local_time=2015-09-16 07:48:46 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1299 16777213 100 100 6034 69997356 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 21746 194055576 0 0
# scanned=341957
# found=2
# cleaned=0
# scan_time=5513
sh=4E5789C41FC7BDFF6AF5B436D47AD67ABD721C83 ft=0 fh=0000000000000000 vn="Variante von Win32/ELEX.BF evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Ruben W\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6ZNJFM4T\1[1].zip"
sh=48548BC776DB03FC73602AFDE998381AA4865DA9 ft=1 fh=ce1f385e3c2f5abd vn="Variante von Win32/InstallCore.ACQ.gen evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Ruben W\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BN2ZGECN\JDownloaderSetup[1].exe"

Code:

ATTFilter

 Results of screen317's Security Check version 1.008  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Kaspersky Internet Security   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 60  
 Adobe Flash Player 18.0.0.232  
 Adobe Reader XI  
 Mozilla Firefox (40.0.3) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 Kaspersky Lab Kaspersky Internet Security 15.0.1 avp.exe  
 Kaspersky Lab Kaspersky Internet Security 15.0.1 avpui.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

Wurde eigentlich etwas schwerwiegendes entdeckt?
LG

schrauber · 17.09.2015, 06:01

Nur Adware. Fehlt noch das frische FRST log und die Antwort auf meine Frage

Camilo123 · 27.09.2015, 20:14

FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-09-2015 01
durchgeführt von Ruben W (Administrator) auf RUBEN-PC (27-09-2015 21:12:31)
Gestartet von C:\Users\Ruben\Desktop
Geladene Profile: Ruben & Ruben W (Verfügbare Profile: Ruben & Ruben W)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Chris Pietschmann (hxxp://pietschsoft.com)) C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Chris Pietschmann (hxxp://pietschsoft.com)) C:\Program Files (x86)\Virtual Router\VirtualRouterClient.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Ruben\Desktop\FRST64(1).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [415232 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1249185847-507591671-2405455049-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1249185847-507591671-2405455049-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-1249185847-507591671-2405455049-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1249185847-507591671-2405455049-1000\...\MountPoints2: {83c44bb8-ee99-11e4-b576-6c626dfb0b63} - L:\LGAutoRun.exe
HKU\S-1-5-21-1249185847-507591671-2405455049-1000\...\MountPoints2: {8edcca9d-b139-11e4-a030-6c626dfb0b63} - K:\SETUP.EXE
HKU\S-1-5-21-1249185847-507591671-2405455049-1000\...\MountPoints2: {ca317370-d3e4-11e4-a0fc-6c626dfb0b63} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1249185847-507591671-2405455049-1001\...\RunOnce: [Report] => \AdwCleaner\AdwCleaner[C1].txt
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Virtual Router Manager.lnk [2015-09-11]
ShortcutTarget: Virtual Router Manager.lnk -> C:\Windows\Installer\{BE905C46-2B34-4D73-AEE1-769ED138E0FF}\_118D1A4EFFA6998C3492EB.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

AutoConfigURL: [S-1-5-21-1249185847-507591671-2405455049-1000] => hxxp://www.uni-marburg.de/proxy.pac
Tcpip\Parameters: [DhcpNameServer] 137.248.21.22 137.248.1.5 137.248.1.8
Tcpip\..\Interfaces\{50FCAAC2-7CE7-4EB2-A8A1-DCF1B31BA7F8}: [DhcpNameServer] 137.248.21.22 137.248.1.5 137.248.1.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1249185847-507591671-2405455049-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1249185847-507591671-2405455049-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-1249185847-507591671-2405455049-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1249185847-507591671-2405455049-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1249185847-507591671-2405455049-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-02-01] (Kaspersky Lab ZAO)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-02-01] (Kaspersky Lab ZAO)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-02-01] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-02-01] (Kaspersky Lab ZAO)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-27] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-21] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-02-01] (Kaspersky Lab ZAO)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-27] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-02-01] (Kaspersky Lab ZAO)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-08-19] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Ruben W\AppData\Roaming\Mozilla\Firefox\Profiles\na08baz7.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-27] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-02-01] ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-02-01] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-02-01] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-02-01]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-02-01]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-02-01]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [173792 2015-03-29] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-02-13] ()
R2 Virtual Router; C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe [12288 2013-02-10] (Chris Pietschmann (hxxp://pietschsoft.com)) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-02-10] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2015-02-01] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [819896 2015-03-12] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2015-02-01] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S3 PVUSB; C:\Windows\System32\DRIVERS\CESG64.sys [63808 2007-02-19] (CASIO COMPUTER CO.,LTD.)
R3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-27 21:11 - 2015-09-27 21:11 - 00035599 _____ C:\Users\Ruben\Desktop\Addition.txt
2015-09-27 21:10 - 2015-09-27 21:10 - 02192384 _____ (Farbar) C:\Users\Ruben\Desktop\FRST64(1).exe
2015-09-25 17:33 - 2015-09-25 17:33 - 01075248 _____ C:\Windows\Minidump\092515-18174-01.dmp
2015-09-25 12:29 - 2015-09-25 22:29 - 00000000 ____D C:\Users\Ruben\Documents\Outlook-Dateien
2015-09-25 00:32 - 2015-09-25 00:33 - 01090024 _____ C:\Windows\Minidump\092515-17799-01.dmp
2015-09-23 20:57 - 2015-09-23 21:07 - 00000000 ____D C:\Users\Ruben\Desktop\Gisonenweg
2015-09-22 20:52 - 2015-09-22 20:52 - 18819272 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-09-20 02:44 - 2015-09-20 02:44 - 00909271 _____ C:\Users\Ruben\Downloads\Laufbahnausbildung im gehobenen nichttechnischen Dienst.pdf;jsessionid=5CE07B8D0BD63078B745B7F30A636F7F.2_cid377
2015-09-19 00:55 - 2015-09-19 00:55 - 00303693 _____ C:\Users\Ruben\Downloads\NS
2015-09-16 22:01 - 2015-09-27 15:47 - 00000000 ____D C:\Users\Ruben\AppData\Local\Spotify
2015-09-16 22:01 - 2015-09-16 22:01 - 00001774 _____ C:\Users\Ruben\Desktop\Spotify.lnk
2015-09-16 22:01 - 2015-09-16 22:01 - 00001760 _____ C:\Users\Ruben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-09-16 22:00 - 2015-09-27 16:32 - 00000000 ____D C:\Users\Ruben\AppData\Roaming\Spotify
2015-09-16 22:00 - 2015-09-16 22:00 - 00146080 _____ (Spotify Ltd) C:\Users\Ruben\Downloads\SpotifySetup.exe
2015-09-16 19:55 - 2015-09-16 19:55 - 00852704 _____ C:\Users\Ruben\Desktop\SecurityCheck.exe
2015-09-16 18:14 - 2015-09-16 18:14 - 00000000 ____D C:\Program Files (x86)\ESET
2015-09-16 18:12 - 2015-09-16 18:13 - 02870984 _____ (ESET) C:\Users\Ruben\Downloads\esetsmartinstaller_deu.exe
2015-09-11 23:03 - 2015-09-11 23:03 - 00053442 _____ C:\Users\Ruben\Downloads\moduluebersichtba
2015-09-11 21:21 - 2015-09-27 21:12 - 00019735 _____ C:\Users\Ruben\Desktop\FRST.txt
2015-09-11 21:21 - 2015-09-11 21:21 - 00068463 _____ C:\Users\Ruben\Downloads\FRST.txt
2015-09-11 21:14 - 2015-09-11 21:14 - 00034445 _____ C:\Users\Ruben\Downloads\Addition.txt
2015-09-11 21:13 - 2015-09-11 21:14 - 00000000 ____D C:\Users\Ruben\Desktop\Trojanerboard
2015-09-11 21:13 - 2015-09-11 21:13 - 02190848 _____ (Farbar) C:\Users\Ruben\Downloads\FRST64.exe
2015-09-11 21:06 - 2015-09-11 21:11 - 00000844 _____ C:\Users\Ruben\Desktop\JRT.txt
2015-09-11 21:03 - 2015-09-09 20:12 - 01800104 _____ (Malwarebytes Corporation) C:\Users\Ruben W\Desktop\JRT.exe
2015-09-11 20:57 - 2015-09-11 20:58 - 00002455 _____ C:\Users\Ruben\Desktop\AdwCleaner[C1].txt
2015-09-11 20:56 - 2015-09-11 21:15 - 00000000 ____D C:\AdwCleaner
2015-09-11 20:54 - 2015-09-11 20:54 - 00038308 _____ C:\Users\Ruben\Desktop\Proxy-Server - Philipps-Universität Marburg - Hochschulrechenzentrum.htm
2015-09-11 20:54 - 2015-09-11 20:54 - 00000000 ____D C:\Users\Ruben\Desktop\Proxy-Server - Philipps-Universität Marburg - Hochschulrechenzentrum-Dateien
2015-09-11 20:38 - 2015-09-11 21:46 - 00000000 ____D C:\Windows\pss
2015-09-11 20:16 - 2015-09-11 20:16 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-09-11 20:16 - 2015-09-11 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-09-11 20:16 - 2015-09-11 20:16 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-09-11 20:16 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-09-11 20:16 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-09-11 02:34 - 2015-09-11 02:34 - 00023574 _____ C:\ComboFix.txt
2015-09-11 02:04 - 2015-09-11 02:34 - 00000000 ____D C:\Qoobox
2015-09-11 02:04 - 2015-09-11 02:33 - 00000000 ____D C:\Windows\erdnt
2015-09-11 02:04 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-09-11 02:04 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-09-11 02:04 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-09-11 02:04 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-09-11 02:04 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-09-11 02:04 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-09-11 02:04 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-09-11 02:04 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-09-11 02:03 - 2015-09-11 02:03 - 05635119 ____R (Swearware) C:\Users\Ruben\Downloads\ComboFix.exe
2015-09-11 02:02 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-09-11 02:02 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-09-11 02:02 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-09-11 02:02 - 2015-07-16 21:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-09-11 02:02 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-09-11 02:02 - 2015-07-16 21:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-09-11 02:02 - 2015-07-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-09-11 01:56 - 2015-09-11 20:49 - 00001590 _____ C:\Users\Ruben\Desktop\VirtualRouterClient.exe - Verknüpfung.lnk
2015-09-11 01:44 - 2011-01-25 11:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2015-09-11 01:44 - 2011-01-25 11:34 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2015-09-11 01:43 - 2015-09-11 01:43 - 00369576 _____ C:\Users\Ruben\Downloads\427222_intl_x64_zip.exe
2015-09-11 01:43 - 2015-09-11 01:43 - 00369576 _____ C:\Users\Ruben\Downloads\427222_intl_x64_zip(1).exe
2015-09-11 01:36 - 2015-06-09 20:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-09-11 01:36 - 2015-06-09 20:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-09-11 01:36 - 2015-06-03 22:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-09-11 01:35 - 2014-12-11 19:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-09-11 01:32 - 2015-09-11 01:32 - 01373696 _____ C:\Users\Ruben\Downloads\VirtualRouterInstaller.msi
2015-09-11 01:29 - 2015-09-11 01:29 - 00000000 ____D C:\Users\Ruben W\AppData\Local\Chris_Pietschmann_(http__
2015-09-11 01:28 - 2015-09-27 21:07 - 00000514 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2015-09-11 01:25 - 2015-09-11 01:25 - 00000000 ____D C:\Users\Ruben\AppData\Local\Chris_Pietschmann_(http__
2015-09-11 01:12 - 2015-09-11 02:37 - 00000000 ____D C:\Program Files (x86)\Virtual Router
2015-09-11 01:12 - 2015-09-11 01:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Router
2015-09-11 01:12 - 2015-09-11 01:12 - 00002609 _____ C:\Users\Ruben W\Desktop\Virtual Router Manager.lnk
2015-09-11 01:10 - 2015-09-11 01:10 - 01373696 _____ C:\Users\Ruben W\Downloads\VirtualRouterInstaller.msi
2015-09-11 00:47 - 2015-09-11 00:47 - 00000000 ____D C:\Program Files\Common Files\AV
2015-09-11 00:41 - 2015-09-11 20:49 - 00001053 _____ C:\Users\Ruben\Desktop\Bilder - Verknüpfung.lnk
2015-09-11 00:39 - 2015-09-11 00:39 - 00000000 ____D C:\Users\Ruben\Desktop\Universität Marburg
2015-09-11 00:37 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-09-11 00:37 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-09-11 00:37 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-09-11 00:37 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-09-11 00:37 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-09-11 00:37 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-09-11 00:37 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-09-11 00:37 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2015-09-11 00:37 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-09-11 00:37 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-09-11 00:26 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-09-11 00:26 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2015-09-11 00:26 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2015-09-11 00:21 - 2015-08-07 02:04 - 00572024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-09-10 23:02 - 2015-08-05 19:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-10 23:02 - 2015-08-05 19:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-09-10 23:02 - 2015-08-05 19:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-10 23:01 - 2015-08-18 03:42 - 00393304 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-10 23:01 - 2015-08-18 03:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-10 23:01 - 2015-08-15 08:48 - 25190400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-10 23:01 - 2015-08-15 08:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-10 23:01 - 2015-08-15 08:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-09-10 23:01 - 2015-08-15 08:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-10 23:01 - 2015-08-15 08:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-09-10 23:01 - 2015-08-15 08:17 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-10 23:01 - 2015-08-15 08:17 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-10 23:01 - 2015-08-15 08:17 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-10 23:01 - 2015-08-15 08:17 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-10 23:01 - 2015-08-15 08:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-10 23:01 - 2015-08-15 08:09 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-10 23:01 - 2015-08-15 08:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-10 23:01 - 2015-08-15 08:06 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-10 23:01 - 2015-08-15 08:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-10 23:01 - 2015-08-15 08:04 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-10 23:01 - 2015-08-15 08:04 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-10 23:01 - 2015-08-15 08:04 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-09-10 23:01 - 2015-08-15 08:00 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-10 23:01 - 2015-08-15 07:57 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-10 23:01 - 2015-08-15 07:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-09-10 23:01 - 2015-08-15 07:53 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-10 23:01 - 2015-08-15 07:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-10 23:01 - 2015-08-15 07:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-10 23:01 - 2015-08-15 07:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-10 23:01 - 2015-08-15 07:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-10 23:01 - 2015-08-15 07:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-09-10 23:01 - 2015-08-15 07:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-09-10 23:01 - 2015-08-15 07:39 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-10 23:01 - 2015-08-15 07:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-09-10 23:01 - 2015-08-15 07:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-09-10 23:01 - 2015-08-15 07:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-10 23:01 - 2015-08-15 07:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-09-10 23:01 - 2015-08-15 07:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-09-10 23:01 - 2015-08-15 07:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-09-10 23:01 - 2015-08-15 07:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-10 23:01 - 2015-08-15 07:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-09-10 23:01 - 2015-08-15 07:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-09-10 23:01 - 2015-08-15 07:24 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-10 23:01 - 2015-08-15 07:23 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-10 23:01 - 2015-08-15 07:22 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-10 23:01 - 2015-08-15 07:22 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-09-10 23:01 - 2015-08-15 07:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-10 23:01 - 2015-08-15 07:16 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-10 23:01 - 2015-08-15 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-09-10 23:01 - 2015-08-15 07:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-09-10 23:01 - 2015-08-15 07:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-09-10 23:01 - 2015-08-15 07:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-10 23:01 - 2015-08-15 07:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-10 23:01 - 2015-08-15 07:07 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-10 23:01 - 2015-08-15 07:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-10 23:01 - 2015-08-15 07:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-10 23:01 - 2015-08-15 07:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-10 23:01 - 2015-08-15 07:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-09-10 23:01 - 2015-08-15 06:55 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-10 23:01 - 2015-08-15 06:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-10 23:01 - 2015-08-15 06:43 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-10 23:01 - 2015-08-15 06:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-10 23:01 - 2015-08-15 06:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-10 23:01 - 2015-08-05 19:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-10 23:01 - 2015-07-15 05:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-10 23:01 - 2015-07-15 04:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-09-10 23:01 - 2015-07-09 19:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-09-10 23:01 - 2015-07-09 19:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-09-10 23:01 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-09-10 23:01 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-09-10 23:00 - 2015-09-02 05:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-10 23:00 - 2015-09-02 05:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-10 23:00 - 2015-09-02 05:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-10 23:00 - 2015-09-02 05:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-10 23:00 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-09-10 23:00 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-10 23:00 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-09-10 23:00 - 2015-09-02 04:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-09-10 23:00 - 2015-09-02 03:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-10 23:00 - 2015-09-02 03:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-10 23:00 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-10 23:00 - 2015-08-27 20:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-10 23:00 - 2015-08-27 20:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-10 23:00 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-09-10 23:00 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-09-10 23:00 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-10 23:00 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-10 23:00 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-09-10 23:00 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-09-10 23:00 - 2015-08-26 20:07 - 03165696 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-10 23:00 - 2015-08-26 20:07 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-10 23:00 - 2015-08-26 20:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-10 23:00 - 2015-08-26 20:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-10 23:00 - 2015-08-26 20:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-10 23:00 - 2015-08-26 20:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-10 23:00 - 2015-08-26 20:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-10 23:00 - 2015-08-26 20:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-10 23:00 - 2015-08-26 20:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-10 23:00 - 2015-08-26 20:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-10 23:00 - 2015-08-26 20:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-10 23:00 - 2015-08-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-10 23:00 - 2015-08-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-10 23:00 - 2015-08-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-10 23:00 - 2015-08-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-09-10 23:00 - 2015-08-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-10 23:00 - 2015-08-04 20:03 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-09-10 23:00 - 2015-08-04 20:00 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-09-10 23:00 - 2015-08-04 19:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-09-10 23:00 - 2015-08-04 19:56 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-10 23:00 - 2015-08-04 19:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-10 23:00 - 2015-08-04 19:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-10 23:00 - 2015-08-04 19:55 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-10 23:00 - 2015-08-04 19:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-10 23:00 - 2015-08-04 18:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-09-10 23:00 - 2015-07-23 02:06 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-09-10 23:00 - 2015-07-23 02:06 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-09-10 23:00 - 2015-07-23 02:06 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-09-10 23:00 - 2015-07-23 02:03 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-10 23:00 - 2015-07-23 02:03 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-09-10 23:00 - 2015-07-23 02:03 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-09-10 23:00 - 2015-07-23 02:03 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-09-10 23:00 - 2015-07-23 02:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-09-10 23:00 - 2015-07-23 02:02 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-09-10 23:00 - 2015-07-23 02:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-09-10 23:00 - 2015-07-23 02:02 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-09-10 23:00 - 2015-07-23 02:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-09-10 23:00 - 2015-07-23 02:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-09-10 23:00 - 2015-07-23 02:01 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-09-10 23:00 - 2015-07-23 01:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-09-10 23:00 - 2015-07-23 01:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-10 23:00 - 2015-07-23 01:51 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-09-10 23:00 - 2015-07-22 19:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-09-10 23:00 - 2015-07-22 19:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-09-10 23:00 - 2015-07-22 19:54 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-09-10 23:00 - 2015-07-22 19:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-09-10 23:00 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-10 23:00 - 2015-07-22 19:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-09-10 23:00 - 2015-07-22 19:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-09-10 23:00 - 2015-07-22 19:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-09-10 23:00 - 2015-07-22 19:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-09-10 23:00 - 2015-07-22 19:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-09-10 23:00 - 2015-07-22 19:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-09-10 23:00 - 2015-07-22 19:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-09-10 23:00 - 2015-07-22 19:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-09-10 23:00 - 2015-07-22 19:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-09-10 23:00 - 2015-07-22 19:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-09-10 23:00 - 2015-07-22 19:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-09-10 23:00 - 2015-07-22 19:52 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-09-10 23:00 - 2015-07-22 19:52 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-09-10 23:00 - 2015-07-22 19:52 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-09-10 23:00 - 2015-07-22 19:52 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-09-10 23:00 - 2015-07-22 19:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-09-10 23:00 - 2015-07-22 19:52 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-09-10 23:00 - 2015-07-22 19:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-09-10 23:00 - 2015-07-22 19:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-09-10 23:00 - 2015-07-22 19:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 18:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-10 23:00 - 2015-07-22 18:45 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-09-10 23:00 - 2015-07-22 18:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-09-10 23:00 - 2015-07-22 18:44 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-09-10 23:00 - 2015-07-22 18:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-09-10 23:00 - 2015-07-22 18:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-09-10 23:00 - 2015-07-22 18:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 18:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-10 23:00 - 2015-07-22 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-10 23:00 - 2015-06-25 12:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-10 23:00 - 2015-06-25 12:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-10 23:00 - 2015-06-25 12:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-09-10 23:00 - 2015-06-25 11:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-07 17:28 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-09-07 17:28 - 2015-08-11 06:52 - 00050472 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-09-04 21:27 - 2015-09-04 21:26 - 00064470 ____N C:\Users\Ruben\Desktop\umrnet-setup-0.22-20150817181556.exe
2015-08-28 17:30 - 2015-08-28 17:30 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Ruben\Downloads\tdsskiller.exe
2015-08-28 16:10 - 2015-08-28 16:10 - 16563304 _____ (Malwarebytes Corp.) C:\Users\Ruben W\Desktop\mbar-1.09.2.1008(1).exe
2015-08-28 15:42 - 2015-09-11 20:39 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-28 15:42 - 2015-09-11 20:16 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-28 15:42 - 2015-08-28 16:42 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-08-28 15:41 - 2015-08-28 16:42 - 00000000 ____D C:\Users\Ruben W\Desktop\mbar
2015-08-28 15:41 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-28 15:40 - 2015-08-28 15:40 - 16563304 _____ (Malwarebytes Corp.) C:\Users\Ruben\Downloads\mbar-1.09.2.1008.exe
2015-08-28 15:36 - 2015-08-28 16:09 - 00001271 _____ C:\Users\Ruben W\Desktop\Revo Uninstaller.lnk
2015-08-28 15:36 - 2015-08-28 16:09 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-08-28 15:34 - 2015-08-28 15:34 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Ruben\Desktop\revosetup95.exe
2015-08-28 00:01 - 2015-09-23 20:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-27 21:12 - 2015-08-27 21:48 - 00000000 ____D C:\FRST
2015-09-27 21:11 - 2009-07-14 06:45 - 00015120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-27 21:11 - 2009-07-14 06:45 - 00015120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-27 21:09 - 2015-02-01 01:36 - 01333845 _____ C:\Windows\WindowsUpdate.log
2015-09-27 21:04 - 2015-02-01 19:34 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-09-27 21:04 - 2015-02-01 19:01 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-27 21:03 - 2015-02-13 00:28 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-27 21:03 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-27 21:03 - 2009-07-14 06:51 - 00101187 _____ C:\Windows\setupact.log
2015-09-27 16:52 - 2015-02-15 04:58 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-27 12:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-09-27 01:25 - 2009-07-14 19:58 - 00699416 _____ C:\Windows\system32\perfh007.dat
2015-09-27 01:25 - 2009-07-14 19:58 - 00149556 _____ C:\Windows\system32\perfc007.dat
2015-09-27 01:25 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-25 17:33 - 2015-07-05 14:55 - 620014352 _____ C:\Windows\MEMORY.DMP
2015-09-25 17:33 - 2015-07-05 14:55 - 00000000 ____D C:\Windows\Minidump
2015-09-23 20:19 - 2015-02-01 19:22 - 00372910 _____ C:\Windows\PFRO.log
2015-09-23 20:19 - 2015-02-01 18:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-22 20:53 - 2015-02-15 04:58 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-09-22 20:52 - 2015-02-15 04:58 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-22 20:52 - 2015-02-15 04:58 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-16 22:03 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-09-12 01:51 - 2015-02-12 22:53 - 01593956 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-09-11 23:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-09-11 20:49 - 2015-04-14 15:16 - 00002070 _____ C:\Users\Ruben\Desktop\JDownloader 2.lnk
2015-09-11 20:49 - 2015-02-10 21:42 - 00003019 _____ C:\Users\Ruben\Desktop\Excel 2013.lnk
2015-09-11 20:49 - 2015-02-10 21:42 - 00002997 _____ C:\Users\Ruben\Desktop\Word 2013.lnk
2015-09-11 20:49 - 2015-02-10 21:42 - 00002919 _____ C:\Users\Ruben\Desktop\Publisher 2013.lnk
2015-09-11 20:49 - 2015-02-01 19:03 - 00001176 _____ C:\Users\Ruben\Desktop\TeamSpeak 3 Client.lnk
2015-09-11 20:49 - 2015-02-01 02:27 - 00000859 _____ C:\Users\Ruben\Desktop\Downloads.lnk
2015-09-11 02:48 - 2015-04-08 16:34 - 00000000 ____D C:\Users\Ruben W\AppData\Local\Mozilla
2015-09-11 02:32 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-09-11 01:54 - 2015-02-06 19:51 - 00000000 ____D C:\Users\Ruben W
2015-09-11 00:49 - 2015-05-04 01:13 - 00000000 ____D C:\Users\Ruben\Desktop\DEUTSCH
2015-09-11 00:47 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-11 00:46 - 2009-07-14 06:45 - 00435496 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-11 00:42 - 2009-07-14 20:18 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-11 00:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-11 00:41 - 2015-05-04 01:13 - 00000000 ____D C:\Users\Ruben\Desktop\Semperschulen
2015-09-11 00:40 - 2015-07-29 15:49 - 00000000 ____D C:\Users\Ruben\Desktop\Unterlagen
2015-09-11 00:39 - 2015-02-10 21:18 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-09-11 00:39 - 2015-02-10 21:14 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-11 00:36 - 2015-02-01 02:57 - 00000000 ____D C:\Windows\system32\MRT
2015-09-11 00:36 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2015-09-11 00:21 - 2015-02-13 00:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-09-11 00:21 - 2015-02-01 02:59 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-09-11 00:21 - 2015-02-01 02:59 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-08-28 23:06 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-28 17:25 - 2015-04-06 22:31 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-02-01 02:59 - 2015-02-01 02:59 - 0000405 _____ () C:\ProgramData\Coinstaller.log
2015-02-06 19:52 - 2015-02-06 19:52 - 0000252 _____ () C:\ProgramData\FastPics.log
2015-08-27 21:20 - 2015-08-27 21:20 - 0000256 _____ () C:\ProgramData\lxea.log
2015-02-10 00:03 - 2015-04-29 21:58 - 0012526 _____ () C:\ProgramData\lxeaJSW.log
2015-02-01 03:00 - 2015-08-27 21:20 - 0045529 _____ () C:\ProgramData\lxeascan.log
2015-02-06 19:51 - 2015-02-06 19:51 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-24 08:22

==================== Ende von FRST.txt ============================

--- --- ---

[/CODE]

Keine ungewöhnlichen Zugriffe mehr bemerkt. Danke

schrauber · 28.09.2015, 16:30

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren .

Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
Klicke auf OK.
Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

und/oder das Forum mit einer kleinen Spende unterstützen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:

Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:

NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.

Lade Software von einem sauberen Portal wie

.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Camilo123 · 28.10.2015, 00:16

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-10-2015 02
durchgeführt von Ruben (2015-10-28 00:07:23) Run:1
Gestartet von C:\Users\Ruben\Desktop
Geladene Profile: Ruben (Verfügbare Profile: Ruben & Ruben W)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
Emptytemp:
*****************

EmptyTemp: => 1.4 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 00:07:40 ====

Danke!! Ich bin sehr zufrieden!!!

schrauber · 28.10.2015, 20:20

Gern Geschehen

17.09.2015, 06:01	#10
schrauber /// the machine /// TB-Ausbilder	Fremdzugriff auf E-Mail, Amazon etc. Nur Adware. Fehlt noch das frische FRST log und die Antwort auf meine Frage __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

28.10.2015, 20:20	#14
schrauber /// the machine /// TB-Ausbilder	Fremdzugriff auf E-Mail, Amazon etc. Gern Geschehen __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Fremdzugriff auf E-Mail, Amazon etc.

Log-Analyse und Auswertung: Fremdzugriff auf E-Mail, Amazon etc.