Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Windows 7 sehr langsam und stürzt ständig ab (https://www.trojaner-board.de/165861-windows-7-sehr-langsam-stuerzt-staendig-ab.html)

Jabba131 06.04.2015 21:49
Windows 7 sehr langsam und stürzt ständig ab
 
Hallo,
ich hoffe ihr könnt mir helfen. Ich hab meinen PC lange nicht mehr benutzt und jetzt ist er irgendwie sehr langsam. Eben ist er abgestürzt und dannach war mein antivirus programm(avast) deaktiviert.
Ich hab mit avast meinen PC gescannt und mehrere Bedrohungen gefunden und behoben. Das Problem existiert aber leider immernoch.

defogger_disable
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 22:07 on 06/04/2015 (Altan)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
FRST
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Altan (administrator) on ALTAN-PC on 06-04-2015 22:11:45
Running from C:\Users\Altan\Desktop
Loaded Profiles: Altan (Available profiles: Altan)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avast Software s.r.o.) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Avast Software s.r.o.) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Avast Software) C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8555040 2010-04-07] (Realtek Semiconductor)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41208 2012-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2010-11-25] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM\...\Run: [UVS10 Preload] => C:\Program Files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe [36864 2006-08-10] (Ulead Systems, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [5512912 2015-04-06] (Avast Software s.r.o.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKU\S-1-5-21-3264414195-358430586-3417125571-1001\...\MountPoints2: {0f4dd270-d496-11e0-a230-40618699f324} - J:\Install.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3264414195-358430586-3417125571-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3264414195-358430586-3417125571-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3264414195-358430586-3417125571-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com
HKU\S-1-5-21-3264414195-358430586-3417125571-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
URLSearchHook: HKU\S-1-5-21-3264414195-358430586-3417125571-1001 - (No Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} -  No File
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> {8A96AF9E-4074-43b7-BEA3-87217BDA7406} URL = hxxp://www.searchqu.com/web?src=ieb&systemid=406&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=161&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3264414195-358430586-3417125571-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3264414195-358430586-3417125571-1001 -> {0D7562AE-8EF6-416d-A838-AB665251703A} URL = hxxp://start.facemoods.com/?a=drive&s={searchTerms}&f=4
SearchScopes: HKU\S-1-5-21-3264414195-358430586-3417125571-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.claro-search.com/?q={searchTerms}&affID=109217&tt=090812_clr_3212_6&babsrc=SP_ss&mntrId=4a425ad70000000000001c4bd63faac8
SearchScopes: HKU\S-1-5-21-3264414195-358430586-3417125571-1001 -> {6E1E4CF4-1EB3-42B9-A059-7BDE6C20EFFF} URL = hxxp://websearch.search-results.com/redirect?client=ie&tb=STC-SRS&o=41648033&src=crm&q={searchTerms}&locale=&apn_ptnrs=96&apn_dtid=YYYYYYYYDE&apn_uid=3832B3FE-B6DD-4B5A-9731-FED045544C9F&apn_sauid=CAEF644C-804C-4374-9C1E-3F75E987C5A5
SearchScopes: HKU\S-1-5-21-3264414195-358430586-3417125571-1001 -> {8A96AF9E-4074-43b7-BEA3-87217BDA7406} URL = hxxp://www.searchqu.com/web?src=ieb&systemid=406&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3264414195-358430586-3417125571-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=161&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3264414195-358430586-3417125571-1001 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
SearchScopes: HKU\S-1-5-21-3264414195-358430586-3417125571-1001 -> {D195FBBF-D679-4040-BAB0-BB5D9C60A182} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3264414195-358430586-3417125571-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-04-06] (Oracle Corporation)
BHO: IEExtension.VDownloaderBHO -> {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} -> C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-04-06] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-06] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3264414195-358430586-3417125571-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-3264414195-358430586-3417125571-1001 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Altan\AppData\Roaming\Mozilla\Firefox\Profiles\tjj26bf8.default
FF Homepage: hxxp://google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-04-06] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-07-12] (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-08-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-06] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-06] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3264414195-358430586-3417125571-1001: vitzo.com/VDownloader -> C:\Program Files\VDownloader\Addons\npVDownloader.dll [2011-07-31] (Vitzo)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-04-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-04-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-04-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-04-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-04-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2012-12-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2012-12-17] (Apple Inc.)
FF Extension: ScanQuery - C:\Program Files\Mozilla Firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64} [2011-04-28]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-04-18]
FF HKLM\...\Firefox\Extensions: [ClickPotatoLite@ClickPotatoLite.com] - C:\Program Files\ClickPotatoLite\bin\10.0.668.0\firefox\extensions
FF HKLM\...\Firefox\Extensions: [support@vdownloader.com] - C:\Program Files\VDownloader\Addons\FireFox

Chrome:
=======
CHR Profile: C:\Users\Altan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\Altan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Altan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-06]
CHR Extension: (uTorrentBar_DE) - C:\Users\Altan\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc [2015-04-06]
CHR Extension: (Google Wallet) - C:\Users\Altan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-06]
CHR HKLM\...\Chrome\Extension: [eoccbpoodnckjdnackiffhjfkogfhnhh] - C:\Program Files\VDownloader\Addons\Chrome.crx [2011-06-23]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChromeSp.crx [2015-04-06]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2015-04-06]
CHR HKLM\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Altan\AppData\Local\CRE\leocdeigfnkaojcapikdjcdbedcjmffc.crx [2012-06-30]
CHR HKLM\...\Chrome\Extension: [pmlghpafmmnmmkjdhacccolfgnkiboco] - C:\Program Files\1ClickDownload\oneclickdownloader11.crx [Not Found]
CHR HKU\S-1-5-21-3264414195-358430586-3417125571-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Altan\AppData\Local\CRE\leocdeigfnkaojcapikdjcdbedcjmffc.crx [2012-06-30]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [140224 2010-06-17] (Advanced Micro Devices)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [343336 2015-04-06] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe [3205216 2015-04-06] (Avast Software)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2012-06-16] ()
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [File not signed]
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-29] (Ulead Systems, Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide; C:\Windows\System32\DRIVERS\amdide.sys [11832 2009-07-07] (Advanced Micro Devices Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-04-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [73440 2015-04-06] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-04-06] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-04-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [788272 2015-04-06] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427736 2015-04-06] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-04-06] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208024 2015-04-06] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2010-07-22] ()
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2009-03-31] () [File not signed]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2010-07-22] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [50704 2010-01-27] (CACE Technologies, Inc.)
S3 StkCMini; C:\Windows\System32\Drivers\StkCMini.sys [1521544 2010-04-16] (Syntek)
R2 VBoxAswDrv; C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys [220240 2015-04-06] (Avast Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-06 22:10 - 2015-04-06 22:11 - 00032120 _____ () C:\Users\Altan\Desktop\Addition.txt
2015-04-06 22:08 - 2015-04-06 22:12 - 00018431 _____ () C:\Users\Altan\Desktop\FRST.txt
2015-04-06 22:08 - 2015-04-06 22:11 - 00000000 ____D () C:\FRST
2015-04-06 22:08 - 2015-04-06 22:09 - 00380416 _____ () C:\Users\Altan\Desktop\Gmer-19357.exe
2015-04-06 22:07 - 2015-04-06 22:07 - 00000472 _____ () C:\Users\Altan\Desktop\defogger_disable.log
2015-04-06 22:07 - 2015-04-06 22:07 - 00000000 _____ () C:\Users\Altan\defogger_reenable
2015-04-06 22:06 - 2015-04-06 22:06 - 01135104 _____ (Farbar) C:\Users\Altan\Desktop\FRST.exe
2015-04-06 22:06 - 2015-04-06 22:06 - 00000000 ____D () C:\Users\Altan\Downloads\Neuer Ordner
2015-04-06 22:05 - 2015-04-06 22:05 - 00050477 _____ () C:\Users\Altan\Desktop\Defogger.exe
2015-04-06 21:16 - 2015-04-06 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-04-06 21:14 - 2006-10-26 19:56 - 00032592 _____ (Microsoft Corporation) C:\Windows\system32\msonpmon.dll
2015-04-06 21:11 - 2015-04-06 21:11 - 00000000 ____D () C:\Program Files\Microsoft Works
2015-04-06 21:10 - 2015-04-06 21:10 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio
2015-04-06 21:04 - 2015-04-06 21:04 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2015-04-06 21:01 - 2015-04-06 21:17 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-06 21:01 - 2015-04-06 21:01 - 00000000 ____D () C:\Users\Altan\AppData\Local\Microsoft Help
2015-04-06 20:59 - 2015-04-06 20:59 - 00000000 __RHD () C:\MSOCache
2015-04-06 18:49 - 2015-04-06 18:50 - 00000000 ____D () C:\Program Files\QuickTime
2015-04-06 18:49 - 2015-04-06 18:49 - 00001819 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2015-04-06 18:49 - 2015-04-06 18:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-04-06 18:49 - 2015-04-06 18:49 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-04-06 18:33 - 2015-04-06 18:41 - 00000000 ___RD () C:\Users\Altan\Eigene Musik
2015-04-06 18:33 - 2015-04-06 18:33 - 00000000 ___RD () C:\Users\Altan\Eigene Dokumente
2015-04-06 18:22 - 2015-04-06 18:32 - 00000000 ___RD () C:\Users\Altan\Eigene Bilder
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\Wohnung DG
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\Wohnung 3OG.rechts
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\Wohnung 3 OG rechts 1
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\vorbereitungen fürs abi
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\Universe Sandbox
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\Ulead VideoStudio SE
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\studium
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\rezepte
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\OneNote-Notizbücher
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\DVDVideoSoft
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\Corel User Files
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\Bewerbung Alt4n
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\Altan Bewerbung
2015-04-06 18:22 - 2015-04-03 15:46 - 39981374 _____ () C:\Users\Altan\14005_lenord_bauer_imagefilm_2014_Lenord,Bauer.webm
2015-04-06 18:22 - 2014-12-31 13:49 - 00048128 _____ () C:\Users\Altan\Abfallkalender 2014-2.xls
2015-04-06 18:22 - 2014-12-10 20:50 - 00006292 _____ () C:\Users\Altan\Telefunken V 660_1, V 661_1 und V 662_1 Anleitung.htm
2015-04-06 18:22 - 2014-06-15 17:05 - 00043520 _____ () C:\Users\Altan\Abfallkalender 2014.xls
2015-04-06 18:22 - 2013-07-08 17:20 - 02092792 _____ () C:\Users\Altan\avira_free_antivirus.exe
2015-04-06 18:22 - 2013-06-26 09:24 - 00039936 _____ () C:\Users\Altan\Abfallkalender 2012-2.xls
2015-04-06 18:22 - 2013-05-18 11:26 - 00002148 _____ () C:\Users\Altan\zivtserv.rdp
2015-04-06 18:22 - 2011-12-27 15:24 - 00024576 _____ () C:\Users\Altan\Abfallkalender 2012.xls
2015-04-06 18:22 - 2011-06-19 20:58 - 00024576 _____ () C:\Users\Altan\Kalender1.2010.xls
2015-04-06 18:22 - 2010-11-24 22:32 - 00011811 _____ () C:\Users\Altan\Skoda Octavia.wpd
2015-04-06 18:22 - 2010-06-20 10:36 - 00014336 _____ () C:\Users\Altan\Mappe1.xls
2015-04-06 18:22 - 2010-01-31 20:17 - 02551089 _____ () C:\Users\Altan\LebenslaufPers.wpd
2015-04-06 18:22 - 2009-12-26 13:43 - 00023040 _____ () C:\Users\Altan\Kalender.xls
2015-04-06 18:21 - 2015-04-06 18:21 - 00000000 ____D () C:\Users\Altan\Neuer Ordner2
2015-04-06 18:21 - 2015-04-06 18:21 - 00000000 ____D () C:\Users\Altan\Neuer Ordner
2015-04-06 18:21 - 2015-04-06 18:21 - 00000000 ____D () C:\Users\Altan\NeroVision
2015-04-06 18:20 - 2015-04-06 18:20 - 00000000 __RSD () C:\Users\Altan\My Stationery
2015-04-06 18:20 - 2015-04-06 18:20 - 00000000 ____D () C:\Users\Altan\My Digital Editions
2015-04-06 18:20 - 2015-04-06 18:20 - 00000000 ____D () C:\Users\Altan\kleider
2015-04-06 18:20 - 2015-04-06 17:16 - 00000000 ____D () C:\Users\Altan\My Art
2015-04-06 18:19 - 2015-04-06 18:20 - 00000000 ____D () C:\Users\Altan\Iris Kamera
2015-04-06 18:19 - 2015-04-06 18:19 - 00000000 ____D () C:\Users\Altan\gegl-0.0
2015-04-06 18:11 - 2015-04-06 18:11 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-04-06 18:11 - 2015-04-06 18:11 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-04-06 18:02 - 2015-04-06 18:02 - 00000000 ____D () C:\Users\Altan\Desktop\Wohnung 3OG. rechts
2015-04-06 18:02 - 2015-04-06 16:56 - 00000000 ____D () C:\Users\Altan\Desktop\Neuer Ordner (2)
2015-04-06 18:01 - 2015-04-06 18:02 - 00000000 ____D () C:\Users\Altan\Desktop\Neuer Ordner
2015-04-06 18:01 - 2015-04-06 18:01 - 00000000 ____D () C:\Users\Altan\Desktop\Canan´s Fotos
2015-04-06 18:01 - 2015-04-06 18:01 - 00000000 ____D () C:\Users\Altan\Desktop\Bafög
2015-04-06 17:57 - 2015-04-06 17:57 - 00000000 ____D () C:\Users\Altan\Documents\Ulead VideoStudio SE
2015-04-06 15:42 - 2015-04-06 15:45 - 00000000 ____D () C:\Windows\system32\vbox
2015-04-06 15:38 - 2015-04-06 15:38 - 00000000 ____D () C:\Users\Altan\AppData\Roaming\AVAST Software
2015-04-06 15:33 - 2015-04-06 15:33 - 00002018 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-04-06 15:31 - 2015-04-06 15:25 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-04-06 15:31 - 2015-04-06 15:24 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-04-06 15:31 - 2015-04-06 15:24 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-04-06 15:31 - 2013-08-20 11:15 - 00867240 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2015-04-06 15:31 - 2013-08-20 11:15 - 00789416 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2015-04-06 15:30 - 2015-04-06 15:30 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-04-06 15:30 - 2015-04-06 15:28 - 00106912 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-04-06 15:30 - 2015-04-06 15:28 - 00024144 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-04-06 15:29 - 2015-04-06 15:28 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-04-06 15:28 - 2015-04-06 15:28 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-06 15:25 - 2015-04-06 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-04-06 15:24 - 2015-04-06 15:33 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-06 15:23 - 2015-04-06 15:23 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-04-06 15:22 - 2015-04-06 15:28 - 00208024 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-04-06 15:22 - 2015-04-06 15:28 - 00049904 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-04-06 14:21 - 2015-04-06 14:21 - 06103040 _____ () C:\Program Files\GUTB606.tmp
2015-04-06 14:21 - 2015-04-06 14:21 - 00000000 ____D () C:\Program Files\GUMB5F6.tmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-06 22:07 - 2010-07-22 19:39 - 00000000 ____D () C:\Users\Altan
2015-04-06 22:06 - 2010-07-26 22:38 - 00000000 ____D () C:\Users\Altan\AppData\Local\Mozilla
2015-04-06 21:55 - 2009-07-14 06:34 - 00009888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-06 21:55 - 2009-07-14 06:34 - 00009888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-06 21:51 - 2010-11-14 19:07 - 01819257 _____ () C:\Windows\WindowsUpdate.log
2015-04-06 21:50 - 2010-07-22 19:43 - 00127048 _____ () C:\Users\Altan\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-06 21:48 - 2010-08-30 16:48 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-06 21:47 - 2010-11-19 12:45 - 00000000 ____D () C:\Windows\Minidump
2015-04-06 21:47 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-06 21:46 - 2013-03-21 21:13 - 00008522 _____ () C:\Windows\setupact.log
2015-04-06 21:46 - 2009-07-14 06:33 - 00463008 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-06 21:45 - 2013-08-19 19:14 - 322491273 _____ () C:\Windows\MEMORY.DMP
2015-04-06 21:45 - 2013-03-25 11:06 - 00199066 _____ () C:\Windows\PFRO.log
2015-04-06 21:21 - 2010-08-30 16:48 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-06 21:20 - 2012-03-31 10:50 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-06 21:11 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\MSBuild
2015-04-06 21:11 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-04-06 21:10 - 2010-05-26 10:57 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-04-06 21:10 - 2009-07-14 09:48 - 00000000 ____D () C:\Windows\ShellNew
2015-04-06 21:08 - 2010-09-14 12:54 - 00000000 ____D () C:\Program Files\Microsoft.NET
2015-04-06 21:03 - 2009-07-14 04:04 - 00000499 _____ () C:\Windows\win.ini
2015-04-06 21:02 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\System
2015-04-06 20:56 - 2011-02-24 20:54 - 00267776 ___SH () C:\Users\Altan\Thumbs.db
2015-04-06 20:53 - 2010-08-30 16:48 - 00000000 ____D () C:\Users\Altan\AppData\Local\Google
2015-04-06 19:50 - 2011-03-12 11:53 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-04-06 18:25 - 2012-03-31 10:49 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-04-06 18:25 - 2011-05-20 18:13 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-04-06 18:18 - 2013-08-19 19:22 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-06 18:11 - 2010-07-22 20:52 - 00000000 ____D () C:\Users\Altan\AppData\Roaming\Adobe
2015-04-06 18:11 - 2010-05-26 10:52 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2015-04-06 18:11 - 2010-05-26 10:51 - 00000000 ____D () C:\Program Files\Adobe
2015-04-06 18:10 - 2010-08-23 18:28 - 00000000 ____D () C:\Users\Altan\AppData\Local\Adobe
2015-04-06 15:54 - 2010-05-26 08:00 - 01614036 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-06 15:32 - 2010-07-28 18:23 - 00000000 ____D () C:\Program Files\Java
2015-04-06 15:28 - 2012-06-01 20:29 - 00081728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-04-06 15:28 - 2011-01-08 13:07 - 00427736 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-04-06 15:28 - 2011-01-08 13:07 - 00073440 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-04-06 15:27 - 2011-04-18 21:07 - 00788272 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-04-06 15:24 - 2013-08-20 11:15 - 00272296 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-04-06 15:22 - 2010-05-26 10:22 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2015-04-06 15:22 - 2009-07-14 04:04 - 00002577 _____ () C:\Windows\system32\config.nt
2015-04-06 15:21 - 2010-05-26 10:22 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information

==================== Files in the root of some directories =======

2015-04-06 14:21 - 2015-04-06 14:21 - 6103040 _____ () C:\Program Files\GUTB606.tmp
2011-06-23 18:28 - 2010-01-26 11:11 - 0444283 _____ () C:\Program Files\Common Files\WinPcapNmap.exe
2011-07-13 15:57 - 2011-07-13 15:57 - 0138056 _____ () C:\Users\Altan\AppData\Roaming\PnkBstrK.sys
2011-07-16 21:19 - 2011-07-16 21:19 - 0000022 ___SH () C:\Users\Altan\AppData\Roaming\Sys2662.Config.Repository.bin
2011-09-09 16:30 - 2012-05-26 22:02 - 0077824 _____ () C:\Users\Altan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-11-01 19:07 - 2010-11-01 19:07 - 0007597 _____ () C:\Users\Altan\AppData\Local\Resmon.ResmonCfg
2011-11-02 21:07 - 2011-11-02 21:07 - 0000000 _____ () C:\Users\Altan\AppData\Local\{A4D1F345-121F-4A33-AA27-83EC8C707EF1}
2011-06-23 18:28 - 2011-03-03 16:50 - 0009662 _____ () C:\ProgramData\BeRuby.ico
2011-06-23 18:28 - 2010-07-20 13:53 - 0071926 _____ () C:\ProgramData\MercadoLivre.ico
2011-09-09 16:28 - 2011-09-09 16:28 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Files to move or delete:
====================
C:\Users\Altan\avira_free_antivirus.exe


Some content of TEMP:
====================
C:\Users\Altan\AppData\Local\Temp\CheatEngine63Clean.exe
C:\Users\Altan\AppData\Local\Temp\DeltaTB.exe
C:\Users\Altan\AppData\Local\Temp\jre-8u40-windows-au.exe
C:\Users\Altan\AppData\Local\Temp\pricepeep_130001_0101.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-01-18 18:07

==================== End Of Log ============================
Addition
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by Altan at 2015-04-06 22:12:26
Running from C:\Users\Altan\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Reader 9.5.4 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.4 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI AVIVO Codecs (Version: 11.6.0.51125 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{CDEE9257-8FEB-7BAF-B28F-C4737036D674}) (Version: 3.0.804.0 - ATI Technologies, Inc.)
ATI Problem Report Wizard (Version: 3.0.804.0 - ATI Technologies) Hidden
Avast Free Antivirus (HKLM\...\avast) (Version: 10.2.2215 - AVAST Software)
ccc-core-static (Version: 2010.1125.2148.39102 - Ihr Firmenname) Hidden
GIMP 2.6.10 (HKLM\...\WinGimp-2.0_is1) (Version: 2.6.10 - The GIMP Team)
GlassFish Server Open Source Edition 3.0.1 (HKLM\...\nbi-glassfish-mod-3.0.1.22.0) (Version:  - )
Google Chrome (HKLM\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Earth (HKLM\...\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)
Google Update Helper (Version: 1.3.21.153 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Grand Theft Auto IV (Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Internet-TV für Windows Media Center (HKLM\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
IsoBuster 3.0 (HKLM\...\IsoBuster_is1) (Version: 3.0 - Smart Projects)
Java 8 Update 40 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Java DB 10.5.3.0 (HKLM\...\{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}) (Version: 10.5.3.0 - Sun Microsystems, Inc)
Java(TM) 6 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
Java(TM) SE Development Kit 6 Update 20 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0160200}) (Version: 1.6.0.200 - Sun Microsystems, Inc.)
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
jv16 PowerTools 2011 (HKLM\...\jv16 PowerTools 2011) (Version:  - Macecraft Software)
Medion Home Cinema (HKLM\...\InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}) (Version: 6.0.0000 - CyberLink Corp.)
Medion Home Cinema (Version: 6.0.0000 - CyberLink Corp.) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 37.0.1 (x86 de) (HKLM\...\Mozilla Firefox 37.0.1 (x86 de)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 23.0.1 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NVIDIA PhysX (HKLM\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
PC Connectivity Solution (HKLM\...\{AC599724-5755-48C1-ABE7-ABB857652930}) (Version: 8.15.0.0 - Nokia)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6083 - Realtek Semiconductor Corp.)
Tipard MKV Video Converter 6.1.12 (HKLM\...\Tipard MKV Video Converter_is1) (Version:  - )
Ulead VideoStudio SE DVD (HKLM\...\{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}) (Version: 10.0 - Ulead Systems)
USB2.0 Grabber (HKLM\...\{45518B6D-9DDF-4144-83E4-A56762524F35}) (Version: 7.12.000.002 - Youyan)
VDownloader 3.9.1154 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version:  - Vitzo Limited)
Video Downloader (HKLM\...\Video Downloader) (Version: 1.14 - hxxp://www.vgrabber.com)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Center Add-in for Silverlight (HKLM\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: 4.7.3.0 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0) (HKLM\...\3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F) (Version: 10/12/2007 6.85.4.0 - Nokia)
WinPcap 4.1.1 (HKLM\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
WMV9/VC-1 Video Playback (Version: 1.0.51125.2159 - ATI Technologies Inc.) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3264414195-358430586-3417125571-1001_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Altan\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3264414195-358430586-3417125571-1001_Classes\CLSID\{33370786-2876-5ab2-8da1-2c63f8dadfc1}\InprocServer32 -> C:\Program Files\VDownloader\Addons\npVDownloader.dll (Vitzo)
CustomCLSID: HKU\S-1-5-21-3264414195-358430586-3417125571-1001_Classes\CLSID\{597CAA70-72AA-11CF-831E-524153480000}\localserver32 -> C:\PROGRA~1\MACROM~1\FLASHM~1\Flash.exe No File
CustomCLSID: HKU\S-1-5-21-3264414195-358430586-3417125571-1001_Classes\CLSID\{5e2121ee-0300-11d4-8d3b-444553540000}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3264414195-358430586-3417125571-1001_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Altan\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0778F4DA-D611-4CFB-B529-B7CCC145AEAA} - System32\Tasks\{3CB15C32-AAD4-4B82-B36A-F157A4497DF1} => pcalua.exe -a C:\Users\Altan\AppData\Roaming\Mozilla\Firefox\Profiles\vie6ho8d.default\extensions\DivXWebPlayer@divx.com\DivXWebPlayerInstaller.exe -d "C:\Program Files\Mozilla Firefox"
Task: {116F0716-72C0-4EA7-8BD8-535D693AB301} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {205634E5-7EE8-4CD5-8F1D-B437187B60E1} - System32\Tasks\{B635F8A2-BA85-4027-88FD-10926D20115A} => pcalua.exe -a C:\Users\Altan\AppData\Local\Temp\Temp1_id3pic4.zip\INSTALL.exe
Task: {2BC52AF0-154C-4DFF-82C4-6477EFA9B856} - System32\Tasks\{B1A5C00A-11A2-4F06-A044-8840C61A05F1} => pcalua.exe -a "C:\Users\Altan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9G4HZ20K\TagesSetup[1].exe" -d C:\Users\Altan\Desktop
Task: {36FEFFD0-4B7B-404A-98DE-48CF29A13523} - System32\Tasks\{BE79B9B9-F177-4ED1-B461-BD65FA634FB2} => pcalua.exe -a C:\Users\Altan\Downloads\lbz3d.exe -d C:\Users\Altan\Downloads
Task: {596C44C0-9D41-4F75-BC01-AAFE872605E4} - System32\Tasks\{3142B1C9-3B5B-4971-8D6D-DD9F7D8E1210} => pcalua.exe -a C:\Users\Altan\Downloads\GTA_IV_Patch_1\Content\setup.exe -d C:\Users\Altan\Downloads\GTA_IV_Patch_1\Content
Task: {5D41AF85-30AE-40D8-A023-149FB0803A69} - System32\Tasks\{395A5A2F-893E-4FE4-AE4E-3D1D77FAEE15} => C:\Users\Altan\Desktop\Altan\San Andreas\gta_sa.exe
Task: {7A4DC5DC-2FF5-4B0A-8510-0104791730E8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-04-06] (Google Inc.)
Task: {7E8CF276-A9D4-4589-B970-93A2790653D5} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2015-04-06] (Avast Software s.r.o.)
Task: {890ACCFE-6876-42ED-81B1-735DC2849DEE} - System32\Tasks\{7478D7BE-A3A5-405E-A5CE-E37A18628288} => pcalua.exe -a E:\Support\DrvSetup.exe -d E:\Support
Task: {9AB46114-39FC-466F-B2BB-C90A41C45132} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-06] (Adobe Systems Incorporated)
Task: {AB110A81-5A1A-4CAB-8575-FB4588BBFB2E} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {B2FA56F8-783B-430B-A02D-6F8E4C67470D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-04-06] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2011-07-13 15:56 - 2012-06-16 15:16 - 00075136 _____ () C:\Windows\system32\PnkBstrA.exe
2011-01-09 19:46 - 2010-03-15 12:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2015-04-06 15:28 - 2015-04-06 15:28 - 40540672 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll
2015-04-06 15:28 - 2015-04-06 15:28 - 00104400 _____ () C:\Program Files\Alwil Software\Avast5\log.dll
2015-04-06 15:27 - 2015-04-06 15:27 - 00081728 _____ () C:\Program Files\Alwil Software\Avast5\JsonRpcServer.dll
2015-04-06 18:18 - 2015-03-30 23:07 - 01174856 _____ () C:\Program Files\Google\Chrome\Application\41.0.2272.118\libglesv2.dll
2015-04-06 18:18 - 2015-03-30 23:07 - 00080200 _____ () C:\Program Files\Google\Chrome\Application\41.0.2272.118\libegl.dll
2015-04-06 18:18 - 2015-03-30 23:07 - 09279304 _____ () C:\Program Files\Google\Chrome\Application\41.0.2272.118\pdf.dll
2010-11-25 22:46 - 2010-11-25 22:46 - 00243712 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2015-04-06 15:32 - 2015-04-06 15:32 - 02923520 _____ () C:\Program Files\Alwil Software\Avast5\defs\15040600\algo.dll
2015-04-06 21:54 - 2015-04-06 21:54 - 02923520 _____ () C:\Program Files\Alwil Software\Avast5\defs\15040601\algo.dll
2015-04-06 18:18 - 2015-03-30 23:07 - 14974280 _____ () C:\Program Files\Google\Chrome\Application\41.0.2272.118\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3264414195-358430586-3417125571-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Altan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Altan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: AutoStartNPSAgent => C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: RGSC => C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent

==================== Accounts: =============================

Administrator (S-1-5-21-3264414195-358430586-3417125571-500 - Administrator - Disabled)
Altan (S-1-5-21-3264414195-358430586-3417125571-1001 - Administrator - Enabled) => C:\Users\Altan
Gast (S-1-5-21-3264414195-358430586-3417125571-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3264414195-358430586-3417125571-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/06/2015 09:47:20 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Aus einem der folgenden Gründe kann nicht auf die Datei "C:\Windows\System32\ole32.dll" zugegriffen werden:
Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten
Speichertreibern, oder der Datenträger fehlt.
Das Programm Windows Logon User Interface Host wurde wegen dieses Fehlers geschlossen.

Programm: Windows Logon User Interface Host
Datei: C:\Windows\System32\ole32.dll

Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet.
Benutzeraktion
1. Öffnen Sie die Datei erneut.
Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird.
2.
Wenn Sie weiterhin nicht auf die Datei zugreifen können und
        - diese sich im Netzwerk befindet,
dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann.
        - diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist.
3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht.
5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt.
Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt.

Zusätzliche Daten
Fehlerwert: C0000010
Datenträgertyp: 3

Error: (04/06/2015 09:47:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79505
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f
Ausnahmecode: 0xc0000006
Fehleroffset: 0x000a800c
ID des fehlerhaften Prozesses: 0x38c
Startzeit der fehlerhaften Anwendung: 0xLogonUI.exe0
Pfad der fehlerhaften Anwendung: LogonUI.exe1
Pfad des fehlerhaften Moduls: LogonUI.exe2
Berichtskennung: LogonUI.exe3

Error: (04/06/2015 09:18:32 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Kontext:  Anwendung, SystemIndex Katalog

Error: (04/06/2015 08:58:13 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {b48b6a64-79ba-416f-934d-79dcc1488941}

Error: (04/06/2015 03:47:40 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Aus einem der folgenden Gründe kann nicht auf die Datei "C:\Windows\System32\dbgeng.dll" zugegriffen werden:
Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten
Speichertreibern, oder der Datenträger fehlt.
Das Programm Windows-Problemberichterstattung wurde wegen dieses Fehlers geschlossen.

Programm: Windows-Problemberichterstattung
Datei: C:\Windows\System32\dbgeng.dll

Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet.
Benutzeraktion
1. Öffnen Sie die Datei erneut.
Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird.
2.
Wenn Sie weiterhin nicht auf die Datei zugreifen können und
        - diese sich im Netzwerk befindet,
dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann.
        - diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist.
3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht.
5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt.
Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt.

Zusätzliche Daten
Fehlerwert: C0000010
Datenträgertyp: 3

Error: (04/06/2015 03:47:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WerFault.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc2d9
Name des fehlerhaften Moduls: dbgeng.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b7bb
Ausnahmecode: 0xc0000006
Fehleroffset: 0x00142b97
ID des fehlerhaften Prozesses: 0x17cc
Startzeit der fehlerhaften Anwendung: 0xWerFault.exe0
Pfad der fehlerhaften Anwendung: WerFault.exe1
Pfad des fehlerhaften Moduls: WerFault.exe2
Berichtskennung: WerFault.exe3

Error: (04/06/2015 03:47:34 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Aus einem der folgenden Gründe kann nicht auf die Datei "C:\Windows\System32\sppobjs.dll" zugegriffen werden:
Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten
Speichertreibern, oder der Datenträger fehlt.
Das Programm Softwareschutzplattform-Dienst von Microsoft wurde wegen dieses Fehlers geschlossen.

Programm: Softwareschutzplattform-Dienst von Microsoft
Datei: C:\Windows\System32\sppobjs.dll

Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet.
Benutzeraktion
1. Öffnen Sie die Datei erneut.
Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird.
2.
Wenn Sie weiterhin nicht auf die Datei zugreifen können und
        - diese sich im Netzwerk befindet,
dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann.
        - diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist.
3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht.
5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt.
Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt.

Zusätzliche Daten
Fehlerwert: C0000010
Datenträgertyp: 3

Error: (04/06/2015 03:47:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: sppsvc.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b048
Name des fehlerhaften Moduls: sppsvc.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b048
Ausnahmecode: 0xc0000006
Fehleroffset: 0x000dcb8e
ID des fehlerhaften Prozesses: 0xc08
Startzeit der fehlerhaften Anwendung: 0xsppsvc.exe0
Pfad der fehlerhaften Anwendung: sppsvc.exe1
Pfad des fehlerhaften Moduls: sppsvc.exe2
Berichtskennung: sppsvc.exe3

Error: (04/06/2015 03:47:34 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Aus einem der folgenden Gründe kann nicht auf die Datei "C:\Windows\System32\dbgeng.dll" zugegriffen werden:
Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten
Speichertreibern, oder der Datenträger fehlt.
Das Programm Windows-Problemberichterstattung wurde wegen dieses Fehlers geschlossen.

Programm: Windows-Problemberichterstattung
Datei: C:\Windows\System32\dbgeng.dll

Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet.
Benutzeraktion
1. Öffnen Sie die Datei erneut.
Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird.
2.
Wenn Sie weiterhin nicht auf die Datei zugreifen können und
        - diese sich im Netzwerk befindet,
dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann.
        - diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist.
3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht.
5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt.
Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt.

Zusätzliche Daten
Fehlerwert: C0000010
Datenträgertyp: 3

Error: (04/06/2015 03:47:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WerFault.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc2d9
Name des fehlerhaften Moduls: dbgeng.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b7bb
Ausnahmecode: 0xc0000006
Fehleroffset: 0x00142b97
ID des fehlerhaften Prozesses: 0x1640
Startzeit der fehlerhaften Anwendung: 0xWerFault.exe0
Pfad der fehlerhaften Anwendung: WerFault.exe1
Pfad des fehlerhaften Moduls: WerFault.exe2
Berichtskennung: WerFault.exe3


System errors:
=============
Error: (04/06/2015 10:03:59 PM) (Source: amdsata) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\RaidPort0 gefunden.

Error: (04/06/2015 10:03:59 PM) (Source: amdsata) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\RaidPort0 gefunden.

Error: (04/06/2015 10:00:32 PM) (Source: amdsata) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\RaidPort0 gefunden.

Error: (04/06/2015 10:00:29 PM) (Source: amdsata) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\RaidPort0 gefunden.

Error: (04/06/2015 10:00:26 PM) (Source: amdsata) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\RaidPort0 gefunden.

Error: (04/06/2015 10:00:23 PM) (Source: amdsata) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\RaidPort0 gefunden.

Error: (04/06/2015 10:00:20 PM) (Source: amdsata) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\RaidPort0 gefunden.

Error: (04/06/2015 10:00:16 PM) (Source: amdsata) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\RaidPort0 gefunden.

Error: (04/06/2015 10:00:14 PM) (Source: amdsata) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\RaidPort0 gefunden.

Error: (04/06/2015 10:00:10 PM) (Source: amdsata) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\RaidPort0 gefunden.


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: AMD Phenom(tm) II X4 925 Processor
Percentage of memory in use: 47%
Total physical RAM: 3326.3 MB
Available physical RAM: 1746.99 MB
Total Pagefile: 6650.9 MB
Available Pagefile: 4787.09 MB
Total Virtual: 2047.88 MB
Available Virtual: 1901.54 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:1366.17 GB) (Free:1100.4 GB) NTFS
Drive d: (Recover) (Fixed) (Total:30 GB) (Free:7.04 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: FF404C3B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1366.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=30 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End Of Log ============================
Gmer
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-04-06 22:40:27
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\00000061 WDC_WD15 rev.80.0 1397,27GB
Running: Gmer-19357.exe; Driver: C:\Users\Altan\AppData\Local\Temp\pwdorpow.sys


---- System - GMER 2.1 ----

SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwAddBootEntry [0x92226ACC]
SSDT  \SystemRoot\system32\drivers\aswSP.sys                                                              ZwAllocateVirtualMemory [0x922E3464]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwAssignProcessToJobObject [0x922275AA]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwCreateEvent [0x922336A0]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwCreateEventPair [0x922336EC]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwCreateIoCompletion [0x92233886]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwCreateMutant [0x9223360E]
SSDT  \SystemRoot\system32\drivers\aswSP.sys                                                              ZwCreateSection [0x922E383E]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwCreateSemaphore [0x92233656]
SSDT  \SystemRoot\system32\drivers\aswSP.sys                                                              ZwCreateThread [0x922E3ACE]
SSDT  \SystemRoot\system32\drivers\aswSP.sys                                                              ZwCreateThreadEx [0x922E3BB8]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwCreateTimer [0x92233840]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwDebugActiveProcess [0x92228398]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwDeleteBootEntry [0x92226B32]
SSDT  \SystemRoot\system32\drivers\aswSP.sys                                                              ZwDuplicateObject [0x922E3CBC]
SSDT  \SystemRoot\system32\drivers\aswSP.sys                                                              ZwFreeVirtualMemory [0x922E353C]
SSDT  \SystemRoot\system32\drivers\aswSP.sys                                                              ZwLoadDriver [0x922E08D6]
SSDT  \SystemRoot\system32\drivers\aswSP.sys                                                              ZwMapViewOfSection [0x922E391E]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwModifyBootEntry [0x92226B98]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwNotifyChangeKey [0x9222BFE0]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwNotifyChangeMultipleKeys [0x92228EDC]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwOpenEvent [0x922336CA]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwOpenEventPair [0x9223370E]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwOpenIoCompletion [0x922338AA]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwOpenMutant [0x92233634]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwOpenProcess [0x9222B4E2]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwOpenSection [0x922337BE]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwOpenSemaphore [0x9223367E]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwOpenThread [0x9222B8CE]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwOpenTimer [0x92233864]
SSDT  \SystemRoot\system32\drivers\aswSP.sys                                                              ZwProtectVirtualMemory [0x922E36BC]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwQueryObject [0x92228CF4]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwQueueApcThreadEx [0x92228A02]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwSetBootEntryOrder [0x92226BFE]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwSetBootOptions [0x92226C64]
SSDT  \SystemRoot\system32\drivers\aswSP.sys                                                              ZwSetContextThread [0x922E3A1A]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwSetSystemInformation [0x922267B8]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwSetSystemPowerState [0x9222698A]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwShutdownSystem [0x92226918]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwSuspendProcess [0x92228562]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwSuspendThread [0x922286C4]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwSystemDebugControl [0x92226A12]
SSDT  \SystemRoot\system32\drivers\aswSP.sys                                                              ZwTerminateProcess [0x922E378A]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwTerminateThread [0x922281F2]
SSDT  \SystemRoot\system32\drivers\aswSP.sys                                                              ZwUnloadDriver [0x922E0906]
SSDT  \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwVdmControl [0x92226CCA]
SSDT  \SystemRoot\system32\drivers\aswSP.sys                                                              ZwWriteVirtualMemory [0x922E35EE]

---- Kernel code sections - GMER 2.1 ----

.text  ntkrnlpa.exe!ZwRollbackEnlistment + 142D                                                            82E77A15 1 Byte  [06]
.text  ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                              82EB1212 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text  ntkrnlpa.exe!KeRemoveQueueEx + 10CB                                                                82EB8460 4 Bytes  [CC, 6A, 22, 92] {INT 3 ; PUSH 0x22; XCHG EDX, EAX}
.text  ntkrnlpa.exe!KeRemoveQueueEx + 10F3                                                                82EB8488 4 Bytes  [64, 34, 2E, 92] {XOR AL, 0x2e; XCHG EDX, EAX}
.text  ntkrnlpa.exe!KeRemoveQueueEx + 1153                                                                82EB84E8 4 Bytes  [AA, 75, 22, 92] {STOSB ; JNZ 0x25; XCHG EDX, EAX}
.text  ntkrnlpa.exe!KeRemoveQueueEx + 11A7                                                                82EB853C 8 Bytes  [A0, 36, 23, 92, EC, 36, 23, ...]
.text  ntkrnlpa.exe!KeRemoveQueueEx + 11B3                                                                82EB8548 4 Bytes  [86, 38, 23, 92]
.text  ...                                                                                               
PAGE  ntkrnlpa.exe!ZwReplyWaitReceivePortEx + 108                                                        830734CF 4 Bytes  CALL 922295C3 \SystemRoot\system32\drivers\aswSnx.sys
PAGE  ntkrnlpa.exe!ZwAlpcSendWaitReceivePort + 122                                                        8308D323 4 Bytes  CALL 922295D9 \SystemRoot\system32\drivers\aswSnx.sys
.text  C:\Windows\system32\DRIVERS\atikmdag.sys                                                            section is writeable [0x92E0E000, 0x3617E0, 0xE8000020]
.text  C:\Windows\system32\DRIVERS\atksgt.sys                                                              section is writeable [0xA3A1E300, 0x3B6D8, 0xE8000020]
.text  C:\Windows\system32\DRIVERS\lirsgt.sys                                                              section is writeable [0xA3A61300, 0x1BEE, 0xE8000020]

---- User code sections - GMER 2.1 ----

.text  C:\Program Files\Alwil Software\Avast5\AvastUI.exe[4012] kernel32.dll!SetUnhandledExceptionFilter  75A0F4FB 8 Bytes  [31, C0, C2, 04, 00, 90, 90, ...] {XOR EAX, EAX; RET 0x4; NOP ; NOP ; NOP }
.text  C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[4968] kernel32.dll!SetUnhandledExceptionFilter  75A0F4FB 8 Bytes  [31, C0, C2, 04, 00, 90, 90, ...] {XOR EAX, EAX; RET 0x4; NOP ; NOP ; NOP }

---- Disk sectors - GMER 2.1 ----

Disk  \Device\Harddisk0\DR0                                                                              unknown MBR code

---- EOF - GMER 2.1 ----
Ich bedank mich schonmal im vorraus :)

schrauber 07.04.2015 06:18
hi,

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Jabba131 07.04.2015 13:02
Hi,
Beim scannen mit malwarebytes ist plötzlich der Bildschirm total verzerrt und nichts ging mehr. Deswegen hab ich das mal ausgelassen.
TDSSKiller hat eine infizierte Datei gefunden.

TDSSKiller
Code:
10:56:20.0066 0x1118  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
10:56:36.0635 0x1118  ============================================================
10:56:36.0635 0x1118  Current date / time: 2015/04/07 10:56:36.0635
10:56:36.0635 0x1118  SystemInfo:
10:56:36.0635 0x1118 
10:56:36.0635 0x1118  OS Version: 6.1.7601 ServicePack: 1.0
10:56:36.0635 0x1118  Product type: Workstation
10:56:36.0635 0x1118  ComputerName: ALTAN-PC
10:56:36.0635 0x1118  UserName: Altan
10:56:36.0635 0x1118  Windows directory: C:\Windows
10:56:36.0635 0x1118  System windows directory: C:\Windows
10:56:36.0635 0x1118  Processor architecture: Intel x86
10:56:36.0635 0x1118  Number of processors: 4
10:56:36.0635 0x1118  Page size: 0x1000
10:56:36.0635 0x1118  Boot type: Normal boot
10:56:36.0635 0x1118  ============================================================
10:56:50.0518 0x1118  KLMD registered as C:\Windows\system32\drivers\95961637.sys
10:56:51.0175 0x1118  System UUID: {3B655EE8-A230-AE91-FEF8-5FE9B6C1B206}
10:56:52.0100 0x1118  Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 ( 1397.27 Gb ), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:56:52.0234 0x1118  ============================================================
10:56:52.0234 0x1118  \Device\Harddisk0\DR0:
10:56:52.0238 0x1118  MBR partitions:
10:56:52.0238 0x1118  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
10:56:52.0238 0x1118  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xAAC54800
10:56:52.0238 0x1118  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xAAC87000, BlocksNum 0x3C00000
10:56:52.0238 0x1118  ============================================================
10:56:52.0281 0x1118  C: <-> \Device\Harddisk0\DR0\Partition2
10:56:52.0385 0x1118  D: <-> \Device\Harddisk0\DR0\Partition3
10:56:52.0386 0x1118  ============================================================
10:56:52.0386 0x1118  Initialize success
10:56:52.0386 0x1118  ============================================================
10:57:37.0742 0x13b0  ============================================================
10:57:37.0742 0x13b0  Scan started
10:57:37.0742 0x13b0  Mode: Manual; SigCheck; TDLFS;
10:57:37.0742 0x13b0  ============================================================
10:57:37.0742 0x13b0  KSN ping started
10:57:51.0084 0x13b0  KSN ping finished: true
10:58:03.0417 0x13b0  ================ Scan system memory ========================
10:58:03.0417 0x13b0  System memory - ok
10:58:03.0418 0x13b0  ================ Scan services =============================
10:58:06.0213 0x13b0  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
10:58:06.0328 0x13b0  1394ohci - ok
10:58:06.0447 0x13b0  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
10:58:06.0484 0x13b0  ACPI - ok
10:58:06.0576 0x13b0  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
10:58:06.0659 0x13b0  AcpiPmi - ok
10:58:06.0978 0x13b0  [ B0FE8D243A4EC6727D7EC5019C4B26B1, 6A319A77E19937208237BDBD2A545367EEC7B4B7ED732E0BAF616070C2FD88A3 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:58:07.0356 0x13b0  AdobeFlashPlayerUpdateSvc - ok
10:58:07.0916 0x13b0  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx        C:\Windows\system32\DRIVERS\adp94xx.sys
10:58:08.0012 0x13b0  adp94xx - ok
10:58:08.0172 0x13b0  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci        C:\Windows\system32\DRIVERS\adpahci.sys
10:58:08.0228 0x13b0  adpahci - ok
10:58:08.0344 0x13b0  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320        C:\Windows\system32\DRIVERS\adpu320.sys
10:58:08.0402 0x13b0  adpu320 - ok
10:58:08.0483 0x13b0  [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
10:58:08.0622 0x13b0  AeLookupSvc - ok
10:58:08.0765 0x13b0  [ 9EBBBA55060F786F0FCAA3893BFA2806, 2E5A0FA2995989E9391771024839F5AD040A041CEE56787286D8FC421E26FE90 ] AFD            C:\Windows\system32\drivers\afd.sys
10:58:08.0870 0x13b0  AFD - ok
10:58:09.0020 0x13b0  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
10:58:09.0090 0x13b0  agp440 - ok
10:58:09.0135 0x13b0  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx        C:\Windows\system32\DRIVERS\djsvs.sys
10:58:09.0146 0x13b0  aic78xx - ok
10:58:09.0172 0x13b0  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG            C:\Windows\System32\alg.exe
10:58:09.0229 0x13b0  ALG - ok
10:58:09.0855 0x13b0  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
10:58:09.0984 0x13b0  aliide - ok
10:58:10.0133 0x13b0  [ 0DB03D8F29420B2B6716436A28E79C68, 15F495AAC3FC5E369BA0DA9916C9A8854E42906311C077395C6306D18ADC71C4 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
10:58:10.0316 0x13b0  AMD External Events Utility - ok
10:58:10.0859 0x13b0  [ 9FE76D783A7D47965D086A220B54277B, 606D86B0F9314D2BB217F95EB883263912203171D4D460DD500317405A4B2F9C ] AMD Reservation Manager C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
10:58:10.0888 0x13b0  AMD Reservation Manager - ok
10:58:10.0952 0x13b0  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
10:58:11.0066 0x13b0  amdagp - ok
10:58:11.0126 0x13b0  [ 211FCE336502911EC03FC15A91344C98, 65D926525E1ECDA13459F5054157A374B72A35A52F5C4980A6DEDBA67C3DA79C ] amdide          C:\Windows\system32\DRIVERS\amdide.sys
10:58:11.0151 0x13b0  amdide - ok
10:58:11.0452 0x13b0  [ FF258424F0B2EF25EB98F04EE386E6E3, 09DC3854BF0D52FB80AB08DC4E0DD4A9E37ACAA500083A56F9836C837EBCFA82 ] amdiox86        C:\Windows\system32\DRIVERS\amdiox86.sys
10:58:11.0478 0x13b0  amdiox86 - ok
10:58:11.0617 0x13b0  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8          C:\Windows\system32\DRIVERS\amdk8.sys
10:58:11.0834 0x13b0  AmdK8 - ok
10:58:12.0265 0x13b0  [ 8FD111119BE6924B1B8C3976FAC1B535, DC4DF8A7C4AD0C3DECF53370791C42AB0F5144039BB793BDC133F6AE32A9AAFE ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
10:58:13.0326 0x13b0  amdkmdag - ok
10:58:13.0395 0x13b0  [ C9B705FF53B15DD71F6A4D4F45396EDD, C72E0B4B4A32C9D8BF665D61EC7D1EA13CDC46262BF459EEFC653F3F56C4D954 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
10:58:13.0730 0x13b0  amdkmdap - ok
10:58:13.0934 0x13b0  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
10:58:14.0164 0x13b0  AmdPPM - ok
10:58:14.0213 0x13b0  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
10:58:14.0224 0x13b0  amdsata - ok
10:58:14.0372 0x13b0  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
10:58:14.0506 0x13b0  amdsbs - ok
10:58:14.0542 0x13b0  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata        C:\Windows\system32\drivers\amdxata.sys
10:58:14.0574 0x13b0  amdxata - ok
10:58:14.0695 0x13b0  [ AEA177F783E20150ACE5383EE368DA19, 8FA9EE27AA1F22E8B8FE33A21028CA1E0062BAA95CB132C20D55B98C03B4254F ] AppID          C:\Windows\system32\drivers\appid.sys
10:58:14.0936 0x13b0  AppID - ok
10:58:15.0087 0x13b0  [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
10:58:15.0208 0x13b0  AppIDSvc - ok
10:58:15.0269 0x13b0  [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo        C:\Windows\System32\appinfo.dll
10:58:15.0353 0x13b0  Appinfo - ok
10:58:15.0409 0x13b0  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc            C:\Windows\system32\DRIVERS\arc.sys
10:58:15.0436 0x13b0  arc - ok
10:58:15.0466 0x13b0  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
10:58:15.0496 0x13b0  arcsas - ok
10:58:15.0976 0x13b0  [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
10:58:15.0996 0x13b0  aspnet_state - ok
10:58:16.0267 0x13b0  [ FE99FCB91E93BC4A7E222928A06411DE, C0F9A2A6324B17D435A7C62EB133E3E529D5622ED83C65E48F092CAB79D9A787 ] aswHwid        C:\Windows\system32\drivers\aswHwid.sys
10:58:16.0318 0x13b0  aswHwid - ok
10:58:16.0403 0x13b0  [ 5D70C1C6C61C5A034BD086AD219A0237, 318C3CC5AF2A4B99C6C3938B36C95ECA63EABC5E93A2A3D7C729BA0BF191CDF1 ] aswMonFlt      C:\Windows\system32\drivers\aswMonFlt.sys
10:58:16.0420 0x13b0  aswMonFlt - ok
10:58:16.0616 0x13b0  [ 456106F51D03D99A8C65BFC0E37E3D0B, AC616957C299DF452E37ACB1C77F20A50AD4B23AD07BF09951817EF8B460A6D6 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
10:58:16.0653 0x13b0  aswRdr - ok
10:58:16.0852 0x13b0  [ 74E84C8CEB52042E8A1EA3104D151843, B9D1ADC6A0FF31EE18E2EECCCC3D98C41FAE9E37295A0F555DAB59D0B6028A6E ] aswRvrt        C:\Windows\system32\drivers\aswRvrt.sys
10:58:16.0924 0x13b0  aswRvrt - ok
10:58:17.0495 0x13b0  [ 48FA0C8E04A37A619C894A1C02D5AB96, F79C7252D0C578F827EED28630D97F2B5E3B361F920AF626343D8A71CDD86288 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
10:58:17.0614 0x13b0  aswSnx - ok
10:58:17.0960 0x13b0  [ 2AB454C9C10C427738426C06D3749361, BC604BC9006CF52520FA962055F391A806B7452639640F13516B151E34517643 ] aswSP          C:\Windows\system32\drivers\aswSP.sys
10:58:18.0015 0x13b0  aswSP - ok
10:58:18.0100 0x13b0  [ F7D2CE852966935E2F85C3DB4D50D3A5, BE41E9849380BC047B145B8AC7A402C223A901D39CA349F5D2A070C890B7DCE6 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
10:58:18.0119 0x13b0  aswStm - ok
10:58:18.0208 0x13b0  [ 0AE22EAD6B30E448160338E708BCB71D, 4657A7C60635B916FFBC0A731D52E944FDDE6B052AD0DBD0848C3C7A5C15DD0D ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
10:58:18.0267 0x13b0  aswVmm - ok
10:58:18.0357 0x13b0  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
10:58:18.0392 0x13b0  AsyncMac - ok
10:58:18.0486 0x13b0  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi          C:\Windows\system32\drivers\atapi.sys
10:58:18.0495 0x13b0  atapi - ok
10:58:18.0686 0x13b0  [ C822C615B2F693EF4E5B355432976A81, 49C9B69F1EF5F022259C02EAE67B5C144E6C66A53DA3506CBD5025129F7BAA6F ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
10:58:18.0721 0x13b0  AtiHdmiService - ok
10:58:18.0852 0x13b0  [ B73C832088DD54B55E04FF6F9646AD8C, 52A9F9240FAFB2F50E48579F02221CC0D6872F834104F91EF63ADC6AA82A2CD0 ] AtiPcie        C:\Windows\system32\DRIVERS\AtiPcie.sys
10:58:18.0883 0x13b0  AtiPcie - ok
10:58:19.0084 0x13b0  [ F0D933B42CD0594048E4D5200AE9E417, FF53E843A99948568515964C3C97107FA875BBC3F2906BADEE0B29ACE5532F0D ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
10:58:19.0135 0x13b0  atksgt - ok
10:58:19.0308 0x13b0  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:58:19.0424 0x13b0  AudioEndpointBuilder - ok
10:58:19.0438 0x13b0  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] Audiosrv        C:\Windows\System32\Audiosrv.dll
10:58:19.0470 0x13b0  Audiosrv - ok
10:58:19.0986 0x13b0  [ 210A326658D72D7F2EE2267F3D9C44D4, 25BC620209B5F4BCF5C3F323290E41255F68660F3DFF901FA5A78423A7293D73 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
10:58:20.0044 0x13b0  avast! Antivirus - ok
10:58:20.0274 0x13b0  [ 5019A83BE87FD8B60F7333901BFD35E5, 674DF51CAA1B6C0BC9CA9755B3BC5A9A71C583BD7C7A2826BD280E107B855092 ] AvastVBoxSvc    C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe
10:58:20.0445 0x13b0  AvastVBoxSvc - ok
10:58:20.0498 0x13b0  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
10:58:20.0544 0x13b0  AxInstSV - ok
10:58:20.0604 0x13b0  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv        C:\Windows\system32\DRIVERS\bxvbdx.sys
10:58:20.0671 0x13b0  b06bdrv - ok
10:58:20.0895 0x13b0  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
10:58:22.0985 0x13b0  b57nd60x - ok
10:58:23.0389 0x13b0  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
10:58:23.0901 0x13b0  BDESVC - ok
10:58:24.0211 0x13b0  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
10:58:24.0994 0x13b0  Beep - ok
10:58:25.0647 0x13b0  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE            C:\Windows\System32\bfe.dll
10:58:25.0996 0x13b0  BFE - ok
10:58:26.0896 0x13b0  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
10:58:28.0201 0x13b0  BITS - ok
10:58:28.0464 0x13b0  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
10:58:28.0624 0x13b0  blbdrive - ok
10:58:28.0716 0x13b0  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
10:58:28.0859 0x13b0  bowser - ok
10:58:28.0938 0x13b0  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:58:29.0402 0x13b0  BrFiltLo - ok
10:58:29.0503 0x13b0  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:58:29.0563 0x13b0  BrFiltUp - ok
10:58:29.0738 0x13b0  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser        C:\Windows\System32\browser.dll
10:58:29.0852 0x13b0  Browser - ok
10:58:29.0964 0x13b0  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
10:58:30.0132 0x13b0  Brserid - ok
10:58:30.0262 0x13b0  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
10:58:30.0430 0x13b0  BrSerWdm - ok
10:58:30.0517 0x13b0  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
10:58:30.0578 0x13b0  BrUsbMdm - ok
10:58:30.0625 0x13b0  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
10:58:30.0778 0x13b0  BrUsbSer - ok
10:58:31.0362 0x13b0  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
10:58:32.0094 0x13b0  BTHMODEM - ok
10:58:32.0268 0x13b0  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv        C:\Windows\system32\bthserv.dll
10:58:32.0400 0x13b0  bthserv - ok
10:58:32.0502 0x13b0  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:58:32.0590 0x13b0  cdfs - ok
10:58:32.0941 0x13b0  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
10:58:33.0175 0x13b0  cdrom - ok
10:58:33.0848 0x13b0  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc    C:\Windows\System32\certprop.dll
10:58:34.0209 0x13b0  CertPropSvc - ok
10:58:34.0375 0x13b0  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
10:58:34.0451 0x13b0  circlass - ok
10:58:34.0562 0x13b0  [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS            C:\Windows\system32\CLFS.sys
10:58:34.0600 0x13b0  CLFS - ok
10:58:35.0996 0x13b0  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:58:36.0489 0x13b0  clr_optimization_v2.0.50727_32 - ok
10:58:38.0263 0x13b0  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:58:38.0287 0x13b0  clr_optimization_v4.0.30319_32 - ok
10:58:38.0517 0x13b0  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
10:58:38.0965 0x13b0  CmBatt - ok
10:58:39.0182 0x13b0  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:58:39.0721 0x13b0  cmdide - ok
10:58:40.0179 0x13b0  [ 247B4CE2DAB1160CD422D532D5241E1F, CFE04DBE48B23B084C3F4C3D0F483B26F322E4693176D8739A412BE5D8BE597E ] CNG            C:\Windows\system32\Drivers\cng.sys
10:58:40.0276 0x13b0  CNG - ok
10:58:40.0358 0x13b0  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
10:58:40.0589 0x13b0  Compbatt - ok
10:58:40.0695 0x13b0  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
10:58:40.0763 0x13b0  CompositeBus - ok
10:58:40.0809 0x13b0  COMSysApp - ok
10:58:40.0871 0x13b0  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk        C:\Windows\system32\DRIVERS\crcdisk.sys
10:58:40.0914 0x13b0  crcdisk - ok
10:58:41.0066 0x13b0  [ 7CA1BECEA5DE2643ADDAD32670E7A4C9, E3AB4CC52A97E3855D7EAB87363F807FDD2162ED8C76A036CD71549ED64E7797 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:58:41.0159 0x13b0  CryptSvc - ok
10:58:41.0648 0x13b0  [ 72794D112CBAFF3BC0C29BF7350D4741, 060C207F27306A3464FBCD8B08BDC97E34923ECA349933ECB059848BD08F41ED ] cvhsvc          C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
10:58:41.0810 0x13b0  cvhsvc - ok
10:58:42.0176 0x13b0  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:58:42.0544 0x13b0  DcomLaunch - ok
10:58:42.0586 0x13b0  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc      C:\Windows\System32\defragsvc.dll
10:58:42.0733 0x13b0  defragsvc - ok
10:58:42.0828 0x13b0  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
10:58:43.0059 0x13b0  DfsC - ok
10:58:43.0228 0x13b0  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
10:58:43.0719 0x13b0  Dhcp - ok
10:58:44.0215 0x13b0  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
10:58:44.0532 0x13b0  discache - ok
10:58:44.0635 0x13b0  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
10:58:44.0649 0x13b0  Disk - ok
10:58:44.0688 0x13b0  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:58:44.0733 0x13b0  Dnscache - ok
10:58:45.0125 0x13b0  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc        C:\Windows\System32\dot3svc.dll
10:58:45.0329 0x13b0  dot3svc - ok
10:58:45.0663 0x13b0  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS            C:\Windows\system32\dps.dll
10:58:45.0842 0x13b0  DPS - ok
10:58:46.0376 0x13b0  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
10:58:47.0017 0x13b0  drmkaud - ok
10:58:47.0796 0x13b0  [ 16498EBC04AE9DD07049A8884B205C05, 134EA1C7A2DB984B8EBADF6C25B28DBADF02215AA2ED298FA124556FC4992084 ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
10:58:47.0829 0x13b0  DXGKrnl - ok
10:58:48.0070 0x13b0  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost        C:\Windows\System32\eapsvc.dll
10:58:48.0538 0x13b0  EapHost - ok
10:58:52.0697 0x13b0  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv          C:\Windows\system32\DRIVERS\evbdx.sys
10:58:53.0216 0x13b0  ebdrv - ok
10:58:53.0460 0x13b0  [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] EFS            C:\Windows\System32\lsass.exe
10:58:53.0599 0x13b0  EFS - ok
10:58:55.0498 0x13b0  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
10:58:56.0345 0x13b0  ehRecvr - ok
10:58:56.0571 0x13b0  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched        C:\Windows\ehome\ehsched.exe
10:58:56.0841 0x13b0  ehSched - ok
10:58:59.0217 0x13b0  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor        C:\Windows\system32\DRIVERS\elxstor.sys
10:58:59.0787 0x13b0  elxstor - ok
10:58:59.0821 0x13b0  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
10:59:00.0081 0x13b0  ErrDev - ok
10:59:00.0521 0x13b0  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem    C:\Windows\system32\es.dll
10:59:00.0718 0x13b0  EventSystem - ok
10:59:00.0858 0x13b0  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat          C:\Windows\system32\drivers\exfat.sys
10:59:01.0143 0x13b0  exfat - ok
10:59:01.0242 0x13b0  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat        C:\Windows\system32\drivers\fastfat.sys
10:59:01.0453 0x13b0  fastfat - ok
10:59:01.0649 0x13b0  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax            C:\Windows\system32\fxssvc.exe
10:59:01.0783 0x13b0  Fax - ok
10:59:01.0883 0x13b0  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc            C:\Windows\system32\DRIVERS\fdc.sys
10:59:02.0059 0x13b0  fdc - ok
10:59:02.0127 0x13b0  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost        C:\Windows\system32\fdPHost.dll
10:59:02.0293 0x13b0  fdPHost - ok
10:59:03.0586 0x13b0  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:59:03.0763 0x13b0  FDResPub - ok
10:59:03.0876 0x13b0  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:59:03.0903 0x13b0  FileInfo - ok
10:59:04.0049 0x13b0  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
10:59:04.0230 0x13b0  Filetrace - ok
10:59:04.0444 0x13b0  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
10:59:04.0558 0x13b0  flpydisk - ok
10:59:04.0766 0x13b0  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:59:04.0860 0x13b0  FltMgr - ok
10:59:05.0049 0x13b0  [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache      C:\Windows\system32\FntCache.dll
10:59:05.0154 0x13b0  FontCache - ok
10:59:05.0310 0x13b0  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
10:59:05.0374 0x13b0  FontCache3.0.0.0 - ok
10:59:05.0415 0x13b0  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
10:59:05.0542 0x13b0  FsDepends - ok
10:59:05.0893 0x13b0  [ 790A4CA68F44BE35967B3DF61F3E4675, 7CBC77C620ABA75FEF4BA8AD9C38766D50CD18106EBA4693F162F2C5A7D46AA8 ] FsUsbExDisk    C:\Windows\system32\FsUsbExDisk.SYS
10:59:06.0137 0x13b0  FsUsbExDisk - detected UnsignedFile.Multi.Generic ( 1 )
10:59:08.0473 0x13b0  Detect skipped due to KSN trusted
10:59:08.0473 0x13b0  FsUsbExDisk - ok
10:59:08.0521 0x13b0  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:59:08.0531 0x13b0  Fs_Rec - ok
10:59:08.0670 0x13b0  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
10:59:08.0757 0x13b0  fvevol - ok
10:59:08.0943 0x13b0  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
10:59:09.0045 0x13b0  gagp30kx - ok
10:59:09.0702 0x13b0  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc          C:\Windows\System32\gpsvc.dll
10:59:09.0935 0x13b0  gpsvc - ok
10:59:10.0270 0x13b0  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate        C:\Program Files\Google\Update\GoogleUpdate.exe
10:59:10.0294 0x13b0  gupdate - ok
10:59:10.0540 0x13b0  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
10:59:10.0564 0x13b0  gupdatem - ok
10:59:10.0624 0x13b0  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
10:59:10.0880 0x13b0  hcw85cir - ok
10:59:11.0495 0x13b0  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:59:11.0725 0x13b0  HdAudAddService - ok
10:59:11.0805 0x13b0  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
10:59:11.0904 0x13b0  HDAudBus - ok
10:59:12.0009 0x13b0  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt        C:\Windows\system32\DRIVERS\HidBatt.sys
10:59:12.0144 0x13b0  HidBatt - ok
10:59:12.0259 0x13b0  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
10:59:12.0656 0x13b0  HidBth - ok
10:59:12.0732 0x13b0  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr          C:\Windows\system32\DRIVERS\hidir.sys
10:59:13.0026 0x13b0  HidIr - ok
10:59:13.0323 0x13b0  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv        C:\Windows\system32\hidserv.dll
10:59:13.0470 0x13b0  hidserv - ok
10:59:13.0610 0x13b0  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
10:59:13.0807 0x13b0  HidUsb - ok
10:59:13.0890 0x13b0  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:59:14.0066 0x13b0  hkmsvc - ok
10:59:14.0157 0x13b0  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:59:14.0242 0x13b0  HomeGroupListener - ok
10:59:14.0274 0x13b0  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:59:14.0342 0x13b0  HomeGroupProvider - ok
10:59:14.0400 0x13b0  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
10:59:14.0458 0x13b0  HpSAMD - ok
10:59:14.0579 0x13b0  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:59:14.0627 0x13b0  HTTP - ok
10:59:14.0704 0x13b0  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
10:59:14.0730 0x13b0  hwpolicy - ok
10:59:14.0916 0x13b0  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
10:59:15.0154 0x13b0  i8042prt - ok
10:59:15.0292 0x13b0  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
10:59:15.0417 0x13b0  iaStorV - ok
10:59:15.0718 0x13b0  [ C521D7EB6497BB1AF6AFA89E322FB43C, BDDCFCBB5B76A9295669B5AC9F732D6127199ED5C300770B554C4E4794F66BB7 ] idsvc          C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:59:15.0756 0x13b0  idsvc - ok
10:59:15.0848 0x13b0  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp          C:\Windows\system32\DRIVERS\iirsp.sys
10:59:15.0927 0x13b0  iirsp - ok
10:59:16.0221 0x13b0  [ F95622F161474511B8D80D6B093AA610, F2320E25EB9B4AA9A8366BD3AA23EABEBE111A5610D3A62EBA47D90427D5BC26 ] IKEEXT          C:\Windows\System32\ikeext.dll
10:59:16.0409 0x13b0  IKEEXT - ok
10:59:17.0964 0x13b0  [ F4427E5DF32CDE359B2E2E5512D18001, 37660CB81A656F793224381E145CFE6D173EFBA3C58E17669E34D5BA239FF776 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
10:59:18.0039 0x13b0  IntcAzAudAddService - ok
10:59:18.0110 0x13b0  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
10:59:18.0202 0x13b0  intelide - ok
10:59:18.0240 0x13b0  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
10:59:18.0294 0x13b0  intelppm - ok
10:59:18.0398 0x13b0  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
10:59:18.0544 0x13b0  IPBusEnum - ok
10:59:18.0555 0x13b0  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:59:18.0604 0x13b0  IpFilterDriver - ok
10:59:19.0360 0x13b0  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:59:19.0564 0x13b0  iphlpsvc - ok
10:59:19.0792 0x13b0  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
10:59:19.0969 0x13b0  IPMIDRV - ok
10:59:20.0139 0x13b0  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
10:59:20.0377 0x13b0  IPNAT - ok
10:59:20.0609 0x13b0  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:59:20.0700 0x13b0  IRENUM - ok
10:59:20.0802 0x13b0  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:59:20.0891 0x13b0  isapnp - ok
10:59:20.0938 0x13b0  [ CB7A9ABB12B8415BCE5D74994C7BA3AE, 464BFF3F5EEE985BE075E23E1813F5CB82A9A0771A92C6D889B13B867BCDF647 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
10:59:20.0974 0x13b0  iScsiPrt - ok
10:59:21.0246 0x13b0  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
10:59:21.0272 0x13b0  kbdclass - ok
10:59:21.0320 0x13b0  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
10:59:21.0474 0x13b0  kbdhid - ok
10:59:21.0528 0x13b0  [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] KeyIso          C:\Windows\system32\lsass.exe
10:59:21.0566 0x13b0  KeyIso - ok
10:59:21.0610 0x13b0  [ B7895B4182C0D16F6EFADEB8081E8D36, BAC3BAD22207C8826125FD7721C96F2C7A238960FD9398A3D4573E14648E9DB9 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:59:21.0677 0x13b0  KSecDD - ok
10:59:21.0870 0x13b0  [ D30159AC9237519FBC62C6EC247D2D46, 10BDE041C95D0CCD3591ED497002043FEC3A5F732D7AE311FBA457E0FE16CE4B ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
10:59:21.0943 0x13b0  KSecPkg - ok
10:59:22.0115 0x13b0  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm          C:\Windows\system32\msdtckrm.dll
10:59:22.0209 0x13b0  KtmRm - ok
10:59:22.0453 0x13b0  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
10:59:22.0677 0x13b0  LanmanServer - ok
10:59:22.0806 0x13b0  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:59:22.0949 0x13b0  LanmanWorkstation - ok
10:59:23.0013 0x13b0  [ F8A7212D0864EF5E9185FB95E6623F4D, 277EAA06BD3D1CB31E6CD7B9ECD3A4B7D4AB7A369DB5FFF04EC7D749DF26E3D2 ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
10:59:23.0039 0x13b0  lirsgt - ok
10:59:23.0298 0x13b0  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:59:23.0429 0x13b0  lltdio - ok
10:59:23.0529 0x13b0  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc        C:\Windows\System32\lltdsvc.dll
10:59:23.0715 0x13b0  lltdsvc - ok
10:59:23.0763 0x13b0  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts        C:\Windows\System32\lmhsvc.dll
10:59:24.0009 0x13b0  lmhosts - ok
10:59:24.0244 0x13b0  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
10:59:24.0307 0x13b0  LSI_FC - ok
10:59:24.0455 0x13b0  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS        C:\Windows\system32\DRIVERS\lsi_sas.sys
10:59:24.0636 0x13b0  LSI_SAS - ok
10:59:24.0666 0x13b0  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:59:24.0677 0x13b0  LSI_SAS2 - ok
10:59:24.0703 0x13b0  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:59:24.0891 0x13b0  LSI_SCSI - ok
10:59:25.0073 0x13b0  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv          C:\Windows\system32\drivers\luafv.sys
10:59:25.0263 0x13b0  luafv - ok
10:59:25.0584 0x13b0  [ F88B3A1CA0CE7DA9879F633D3EC10B9B, 6D3849A34BB043BAC72E36B120B14827B577C6B462794C7A0E4BAD668FB4F3FC ] mbamchameleon  C:\Windows\system32\drivers\mbamchameleon.sys
10:59:25.0649 0x13b0  mbamchameleon - ok
10:59:25.0760 0x13b0  [ 04B309A1A653177994630C2773E659F1, 1D9F81D2DF513FE177E5308E3DE0CE416109F87FDBD00FE7453FEB6074216C3C ] MBAMSwissArmy  C:\Windows\system32\drivers\MBAMSwissArmy.sys
10:59:25.0853 0x13b0  MBAMSwissArmy - ok
10:59:25.0929 0x13b0  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
10:59:26.0000 0x13b0  Mcx2Svc - ok
10:59:26.0096 0x13b0  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas        C:\Windows\system32\DRIVERS\megasas.sys
10:59:26.0134 0x13b0  megasas - ok
10:59:26.0279 0x13b0  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
10:59:26.0315 0x13b0  MegaSR - ok
10:59:27.0303 0x13b0  [ FAFE367D032ED82E9332B4C741A20216, 7B123766E360570E0FCB211835B7910D6A1806C25A06BCA9227AB9E993376CA8 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
10:59:27.0398 0x13b0  Microsoft Office Groove Audit Service - ok
10:59:27.0510 0x13b0  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS          C:\Windows\system32\mmcss.dll
10:59:27.0590 0x13b0  MMCSS - ok
10:59:27.0666 0x13b0  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem          C:\Windows\system32\drivers\modem.sys
10:59:27.0778 0x13b0  Modem - ok
10:59:27.0825 0x13b0  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
10:59:27.0984 0x13b0  monitor - ok
10:59:28.0036 0x13b0  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
10:59:28.0046 0x13b0  mouclass - ok
10:59:28.0114 0x13b0  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:59:28.0158 0x13b0  mouhid - ok
10:59:28.0209 0x13b0  [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:59:28.0227 0x13b0  mountmgr - ok
10:59:28.0409 0x13b0  [ A35576A433F4AEB0D48976A004657CB6, F820A759119785C3FB10B0EDCF8EF9985886A9B0767ABD45B2ACAC03498B321E ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
10:59:28.0522 0x13b0  MozillaMaintenance - ok
10:59:28.0667 0x13b0  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:59:28.0856 0x13b0  mpio - ok
10:59:29.0012 0x13b0  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:59:29.0188 0x13b0  mpsdrv - ok
10:59:29.0347 0x13b0  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:59:29.0589 0x13b0  MpsSvc - ok
10:59:29.0730 0x13b0  [ CEB46AB7C01C9F825F8CC6BABC18166A, AA98898204FC58878502C170FE6ED8BA681396DDD8BF3689D0C3642DEA87BEF8 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:59:29.0907 0x13b0  MRxDAV - ok
10:59:29.0996 0x13b0  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:59:30.0161 0x13b0  mrxsmb - ok
10:59:30.0249 0x13b0  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:59:30.0291 0x13b0  mrxsmb10 - ok
10:59:30.0309 0x13b0  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:59:30.0323 0x13b0  mrxsmb20 - ok
10:59:30.0341 0x13b0  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
10:59:30.0378 0x13b0  msahci - ok
10:59:30.0471 0x13b0  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
10:59:30.0518 0x13b0  msdsm - ok
10:59:30.0529 0x13b0  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC          C:\Windows\System32\msdtc.exe
10:59:30.0580 0x13b0  MSDTC - ok
10:59:30.0610 0x13b0  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:59:30.0727 0x13b0  Msfs - ok
10:59:30.0802 0x13b0  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
10:59:30.0886 0x13b0  mshidkmdf - ok
10:59:30.0936 0x13b0  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:59:30.0961 0x13b0  msisadrv - ok
10:59:31.0117 0x13b0  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
10:59:31.0291 0x13b0  MSiSCSI - ok
10:59:31.0294 0x13b0  msiserver - ok
10:59:31.0337 0x13b0  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
10:59:31.0542 0x13b0  MSKSSRV - ok
10:59:31.0598 0x13b0  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:59:31.0781 0x13b0  MSPCLOCK - ok
10:59:31.0832 0x13b0  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
10:59:31.0953 0x13b0  MSPQM - ok
10:59:32.0051 0x13b0  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
10:59:32.0085 0x13b0  MsRPC - ok
10:59:32.0146 0x13b0  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
10:59:32.0287 0x13b0  mssmbios - ok
10:59:32.0410 0x13b0  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
10:59:32.0633 0x13b0  MSTEE - ok
10:59:32.0721 0x13b0  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
10:59:32.0910 0x13b0  MTConfig - ok
10:59:32.0963 0x13b0  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup            C:\Windows\system32\Drivers\mup.sys
10:59:33.0061 0x13b0  Mup - ok
10:59:33.0203 0x13b0  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
10:59:33.0297 0x13b0  napagent - ok
10:59:33.0523 0x13b0  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
10:59:33.0569 0x13b0  NativeWifiP - ok
10:59:33.0815 0x13b0  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:59:33.0854 0x13b0  NDIS - ok
10:59:33.0987 0x13b0  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
10:59:34.0098 0x13b0  NdisCap - ok
10:59:34.0192 0x13b0  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:59:34.0301 0x13b0  NdisTapi - ok
10:59:34.0494 0x13b0  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
10:59:34.0566 0x13b0  Ndisuio - ok
10:59:34.0716 0x13b0  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
10:59:35.0535 0x13b0  NdisWan - ok
10:59:35.0710 0x13b0  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
10:59:36.0002 0x13b0  NDProxy - ok
10:59:36.0352 0x13b0  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
10:59:36.0486 0x13b0  NetBIOS - ok
10:59:36.0640 0x13b0  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
10:59:36.0910 0x13b0  NetBT - ok
10:59:36.0934 0x13b0  [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] Netlogon        C:\Windows\system32\lsass.exe
10:59:36.0946 0x13b0  Netlogon - ok
10:59:37.0482 0x13b0  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
10:59:37.0785 0x13b0  Netman - ok
10:59:38.0146 0x13b0  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:59:38.0343 0x13b0  NetMsmqActivator - ok
10:59:38.0615 0x13b0  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:59:38.0640 0x13b0  NetPipeActivator - ok
10:59:38.0794 0x13b0  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
10:59:38.0975 0x13b0  netprofm - ok
10:59:39.0153 0x13b0  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:59:39.0179 0x13b0  NetTcpActivator - ok
10:59:39.0208 0x13b0  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:59:39.0221 0x13b0  NetTcpPortSharing - ok
10:59:39.0461 0x13b0  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960        C:\Windows\system32\DRIVERS\nfrd960.sys
10:59:39.0587 0x13b0  nfrd960 - ok
10:59:39.0761 0x13b0  [ 374071043F9E4231EE43BE2BB48DD36D, C4FA3FC40CC49DBBB91901D14210A55D3831FAC9F9B3FF45FCA7F5CF242C9E92 ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:59:39.0800 0x13b0  NlaSvc - ok
10:59:40.0071 0x13b0  [ B9730495E0CF674680121E34BD95A73B, 1A3DD943B0EEA19A676175825CB135825ECF41404B59349AC9B1E6D137FA9B46 ] npf            C:\Windows\system32\drivers\npf.sys
10:59:40.0099 0x13b0  npf - ok
10:59:40.0141 0x13b0  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:59:40.0353 0x13b0  Npfs - ok
10:59:40.0449 0x13b0  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi            C:\Windows\system32\nsisvc.dll
10:59:40.0565 0x13b0  nsi - ok
10:59:40.0672 0x13b0  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:59:40.0806 0x13b0  nsiproxy - ok
10:59:41.0120 0x13b0  [ 5E43D2B0EE64123D4880DFA6626DEFDE, 164413A22DE58B19EA2B4120034B46D6BE1F424B80C3421E10BE5C81153D049F ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:59:41.0248 0x13b0  Ntfs - ok
10:59:41.0282 0x13b0  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
10:59:41.0352 0x13b0  Null - ok
10:59:41.0531 0x13b0  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:59:41.0718 0x13b0  nvraid - ok
10:59:41.0873 0x13b0  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:59:41.0909 0x13b0  nvstor - ok
10:59:42.0126 0x13b0  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:59:42.0265 0x13b0  nv_agp - ok
10:59:42.0686 0x13b0  [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:59:42.0932 0x13b0  odserv - ok
10:59:43.0892 0x13b0  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
10:59:44.0005 0x13b0  ohci1394 - ok
10:59:44.0249 0x13b0  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose            C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:59:44.0336 0x13b0  ose - ok
10:59:45.0430 0x13b0  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc        C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:59:45.0702 0x13b0  osppsvc - ok
10:59:45.0883 0x13b0  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
10:59:46.0093 0x13b0  p2pimsvc - ok
10:59:46.0347 0x13b0  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
10:59:46.0582 0x13b0  p2psvc - ok
10:59:46.0660 0x13b0  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport        C:\Windows\system32\DRIVERS\parport.sys
10:59:46.0885 0x13b0  Parport - ok
10:59:47.0013 0x13b0  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr        C:\Windows\system32\drivers\partmgr.sys
10:59:47.0041 0x13b0  partmgr - ok
10:59:47.0189 0x13b0  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
10:59:47.0353 0x13b0  Parvdm - ok
10:59:47.0709 0x13b0  [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:59:47.0845 0x13b0  PcaSvc - ok
10:59:48.0297 0x13b0  [ 175CC28DCF819F78CAA3FBD44AD9E52A, C00F17040440E5C10439FF8110368A7813BD197E96338FD3703C86E399E27128 ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfd.sys
10:59:48.0616 0x13b0  pccsmcfd - ok
10:59:48.0735 0x13b0  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci            C:\Windows\system32\drivers\pci.sys
10:59:48.0897 0x13b0  pci - ok
10:59:48.0934 0x13b0  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
10:59:49.0099 0x13b0  pciide - ok
10:59:49.0229 0x13b0  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
10:59:49.0316 0x13b0  pcmcia - ok
10:59:49.0432 0x13b0  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw            C:\Windows\system32\drivers\pcw.sys
10:59:49.0465 0x13b0  pcw - ok
10:59:49.0706 0x13b0  [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:59:49.0826 0x13b0  PEAUTH - ok
10:59:50.0351 0x13b0  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla            C:\Windows\system32\pla.dll
10:59:50.0427 0x13b0  pla - ok
10:59:50.0842 0x13b0  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:59:51.0048 0x13b0  PlugPlay - ok
10:59:51.0266 0x13b0  [ 1713D9DE407313138118D501B0E3C05B, 75D89D507BFEBC8F9FBEB988C721BFB721FD0535BE915F370F3966967BA0B419 ] PnkBstrA        C:\Windows\system32\PnkBstrA.exe
10:59:51.0298 0x13b0  PnkBstrA - ok
10:59:51.0437 0x13b0  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
10:59:51.0523 0x13b0  PNRPAutoReg - ok
10:59:51.0638 0x13b0  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
10:59:51.0673 0x13b0  PNRPsvc - ok
10:59:51.0941 0x13b0  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
10:59:52.0017 0x13b0  PolicyAgent - ok
10:59:52.0154 0x13b0  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power          C:\Windows\system32\umpo.dll
10:59:52.0221 0x13b0  Power - ok
10:59:52.0292 0x13b0  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:59:52.0627 0x13b0  PptpMiniport - ok
10:59:52.0662 0x13b0  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor      C:\Windows\system32\DRIVERS\processr.sys
10:59:52.0827 0x13b0  Processor - ok
10:59:52.0972 0x13b0  [ CADEFAC453040E370A1BDFF3973BE00D, 2E3DD8DA702468D8AB0F3CE27188B1991D4CB015FB36BAE4C6E7996B61CF49B8 ] ProfSvc        C:\Windows\system32\profsvc.dll
10:59:53.0138 0x13b0  ProfSvc - ok
10:59:53.0243 0x13b0  [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] ProtectedStorage C:\Windows\system32\lsass.exe
10:59:53.0339 0x13b0  ProtectedStorage - ok
10:59:53.0441 0x13b0  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
10:59:53.0554 0x13b0  Psched - ok
10:59:54.0057 0x13b0  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
10:59:54.0212 0x13b0  ql2300 - ok
10:59:54.0348 0x13b0  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
10:59:54.0418 0x13b0  ql40xx - ok
10:59:54.0507 0x13b0  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE          C:\Windows\system32\qwave.dll
10:59:54.0628 0x13b0  QWAVE - ok
10:59:54.0748 0x13b0  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:59:54.0831 0x13b0  QWAVEdrv - ok
10:59:54.0857 0x13b0  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:59:54.0996 0x13b0  RasAcd - ok
10:59:55.0094 0x13b0  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
10:59:55.0262 0x13b0  RasAgileVpn - ok
10:59:55.0297 0x13b0  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto        C:\Windows\System32\rasauto.dll
10:59:55.0345 0x13b0  RasAuto - ok
10:59:55.0440 0x13b0  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
10:59:55.0511 0x13b0  Rasl2tp - ok
10:59:55.0927 0x13b0  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
10:59:56.0097 0x13b0  RasMan - ok
10:59:56.0328 0x13b0  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:59:56.0413 0x13b0  RasPppoe - ok
10:59:56.0469 0x13b0  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
10:59:56.0562 0x13b0  RasSstp - ok
10:59:56.0718 0x13b0  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
10:59:56.0906 0x13b0  rdbss - ok
10:59:57.0079 0x13b0  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
10:59:57.0504 0x13b0  rdpbus - ok
10:59:57.0740 0x13b0  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
10:59:57.0941 0x13b0  RDPCDD - ok
10:59:58.0298 0x13b0  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
10:59:58.0559 0x13b0  RDPENCDD - ok
10:59:58.0708 0x13b0  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
10:59:58.0860 0x13b0  RDPREFMP - ok
10:59:58.0999 0x13b0  [ F031683E6D1FEA157ABB2FF260B51E61, 83B552819A5964152882C527E1421DBCEAACC74DEB897E3C4B53F52F1467FED3 ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
10:59:59.0084 0x13b0  RDPWD - ok
10:59:59.0414 0x13b0  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
10:59:59.0548 0x13b0  rdyboost - ok
10:59:59.0653 0x13b0  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:59:59.0816 0x13b0  RemoteAccess - ok
10:59:59.0827 0x13b0  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:59:59.0893 0x13b0  RemoteRegistry - ok
10:59:59.0918 0x13b0  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
11:00:00.0125 0x13b0  RpcEptMapper - ok
11:00:00.0182 0x13b0  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
11:00:00.0252 0x13b0  RpcLocator - ok
11:00:00.0292 0x13b0  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs          C:\Windows\system32\rpcss.dll
11:00:00.0332 0x13b0  RpcSs - ok
11:00:00.0508 0x13b0  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:00:00.0640 0x13b0  rspndr - ok
11:00:01.0072 0x13b0  [ BCEBD5D1AABCE4EFB7597635E347C44B, AB26EA1A028D30C4D1763EAB1991E2BABD44A78BDD4E06B6A1F101756860B1D4 ] RTL8167        C:\Windows\system32\DRIVERS\Rt86win7.sys
11:00:01.0299 0x13b0  RTL8167 - ok
11:00:01.0441 0x13b0  [ 51ADEF77E4C929535FD50DA153774E79, A02C501D6582DE2E450840E187285678A42087519C232AA20A7ECA1E218ED179 ] RTL8192su      C:\Windows\system32\DRIVERS\RTL8192su.sys
11:00:01.0600 0x13b0  RTL8192su - ok
11:00:01.0798 0x13b0  [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] SamSs          C:\Windows\system32\lsass.exe
11:00:01.0829 0x13b0  SamSs - ok
11:00:01.0906 0x13b0  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:00:02.0010 0x13b0  sbp2port - ok
11:00:02.0032 0x13b0  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:00:02.0194 0x13b0  SCardSvr - ok
11:00:02.0281 0x13b0  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
11:00:02.0384 0x13b0  scfilter - ok
11:00:02.0498 0x13b0  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
11:00:02.0615 0x13b0  Schedule - ok
11:00:02.0740 0x13b0  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc    C:\Windows\System32\certprop.dll
11:00:02.0784 0x13b0  SCPolicySvc - ok
11:00:02.0898 0x13b0  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
11:00:02.0999 0x13b0  SDRSVC - ok
11:00:03.0215 0x13b0  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:00:03.0365 0x13b0  secdrv - ok
11:00:03.0472 0x13b0  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
11:00:03.0722 0x13b0  seclogon - ok
11:00:03.0807 0x13b0  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\System32\sens.dll
11:00:03.0875 0x13b0  SENS - ok
11:00:04.0017 0x13b0  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
11:00:04.0375 0x13b0  SensrSvc - ok
11:00:04.0582 0x13b0  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum        C:\Windows\system32\DRIVERS\serenum.sys
11:00:04.0685 0x13b0  Serenum - ok
11:00:04.0890 0x13b0  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
11:00:05.0450 0x13b0  Serial - ok
11:00:05.0784 0x13b0  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
11:00:05.0945 0x13b0  sermouse - ok
11:00:06.0537 0x13b0  [ 9D38320BB32230349379DF5DDBBF7FCE, 8AAA8B0B60E65F596C3276DCCD0D8146B40172B6D509B597EDFDA46AC8A72A4C ] ServiceLayer    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
11:00:07.0271 0x13b0  ServiceLayer - detected UnsignedFile.Multi.Generic ( 1 )
11:00:17.0352 0x13b0  ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
11:00:17.0352 0x13b0  Force sending object to P2P due to detect: ServiceLayer
11:00:20.0703 0x13b0  Object send P2P result: true
11:00:23.0280 0x13b0  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
11:00:23.0434 0x13b0  SessionEnv - ok
11:00:23.0592 0x13b0  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
11:00:23.0735 0x13b0  sffdisk - ok
11:00:23.0779 0x13b0  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
11:00:23.0830 0x13b0  sffp_mmc - ok
11:00:23.0858 0x13b0  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
11:00:23.0939 0x13b0  sffp_sd - ok
11:00:24.0071 0x13b0  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy        C:\Windows\system32\DRIVERS\sfloppy.sys
11:00:24.0201 0x13b0  sfloppy - ok
11:00:24.0326 0x13b0  [ D9B734638DD8DBA9D59AAD3189CD0FAD, 694488C94F168AFC53B03BB5824DB60D2DABD8B0A4E2869D0C5A5455E1CA04EA ] Sftfs          C:\Windows\system32\DRIVERS\Sftfslh.sys
11:00:24.0410 0x13b0  Sftfs - ok
11:00:24.0680 0x13b0  [ CB73BC422C07FB611F194DA18D1E7F36, F30C4D887D18FC32151C8A30FAFD17E36BF8EC542D81CB94C286F448A640CAC9 ] sftlist        C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
11:00:25.0195 0x13b0  sftlist - ok
11:00:25.0493 0x13b0  [ 2F61BD46C0BFF4EB36E1E359CA17BFC5, 39602AAB1619C8C9DED9EC826CB90B1243AC35A928B1977942C420912849558B ] Sftplay        C:\Windows\system32\DRIVERS\Sftplaylh.sys
11:00:25.0528 0x13b0  Sftplay - ok
11:00:25.0537 0x13b0  [ 518BAC0179F94304F422696B47C0EC12, 7DD53B062B93848B4B80ADD1BFF4F6AEAACA17EC45F08F46F21C158CF08812C1 ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
11:00:25.0677 0x13b0  Sftredir - ok
11:00:25.0739 0x13b0  [ 747325236D88B3F05FFD27FF9EC711C5, DD3BD4286888A9B9F58C2723B5E15191872E84F0739C278C40F9784DD5462591 ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
11:00:25.0886 0x13b0  Sftvol - ok
11:00:26.0079 0x13b0  [ A5812F0281CA5081BF696626F9BF324D, 36AEDE39B425E1BE769C6DCECDFD09F365851992B70E21B462A459E5211451CD ] sftvsa          C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
11:00:26.0105 0x13b0  sftvsa - ok
11:00:29.0531 0x13b0  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:00:30.0005 0x13b0  SharedAccess - ok
11:00:30.0211 0x13b0  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:00:30.0316 0x13b0  ShellHWDetection - ok
11:00:30.0347 0x13b0  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
11:00:30.0496 0x13b0  sisagp - ok
11:00:30.0627 0x13b0  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:00:30.0693 0x13b0  SiSRaid2 - ok
11:00:30.0818 0x13b0  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
11:00:30.0847 0x13b0  SiSRaid4 - ok
11:00:30.0997 0x13b0  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
11:00:31.0141 0x13b0  Smb - ok
11:00:31.0292 0x13b0  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:00:31.0337 0x13b0  SNMPTRAP - ok
11:00:31.0366 0x13b0  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr          C:\Windows\system32\drivers\spldr.sys
11:00:31.0382 0x13b0  spldr - ok
11:00:31.0512 0x13b0  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler        C:\Windows\System32\spoolsv.exe
11:00:31.0579 0x13b0  Spooler - ok
11:00:32.0360 0x13b0  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
11:00:32.0561 0x13b0  sppsvc - ok
11:00:32.0634 0x13b0  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify    C:\Windows\system32\sppuinotify.dll
11:00:32.0709 0x13b0  sppuinotify - ok
11:00:32.0752 0x13b0  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv            C:\Windows\system32\DRIVERS\srv.sys
11:00:32.0887 0x13b0  srv - ok
11:00:33.0009 0x13b0  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:00:33.0058 0x13b0  srv2 - ok
11:00:33.0120 0x13b0  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:00:33.0183 0x13b0  srvnet - ok
11:00:33.0229 0x13b0  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
11:00:33.0296 0x13b0  SSDPSRV - ok
11:00:33.0337 0x13b0  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc        C:\Windows\system32\sstpsvc.dll
11:00:33.0431 0x13b0  SstpSvc - ok
11:00:33.0451 0x13b0  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
11:00:33.0461 0x13b0  stexstor - ok
11:00:33.0491 0x13b0  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
11:00:33.0557 0x13b0  StiSvc - ok
11:00:33.0876 0x13b0  [ 36565318396A9D0A880687D1BB9C7F79, 3B226119A428D4A18B58C60169C9896A6AB1B920F97115CDCD170BA0D9520BDB ] StkCMini        C:\Windows\system32\Drivers\StkCMini.sys
11:00:34.0001 0x13b0  StkCMini - ok
11:00:34.0024 0x13b0  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\drivers\swenum.sys
11:00:34.0033 0x13b0  swenum - ok
11:00:34.0121 0x13b0  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv          C:\Windows\System32\swprv.dll
11:00:34.0174 0x13b0  swprv - ok
11:00:34.0277 0x13b0  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain        C:\Windows\system32\sysmain.dll
11:00:34.0346 0x13b0  SysMain - ok
11:00:34.0384 0x13b0  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
11:00:34.0411 0x13b0  TabletInputService - ok
11:00:34.0555 0x13b0  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv        C:\Windows\System32\tapisrv.dll
11:00:34.0834 0x13b0  TapiSrv - ok
11:00:34.0943 0x13b0  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS            C:\Windows\System32\tbssvc.dll
11:00:35.0132 0x13b0  TBS - ok
11:00:35.0871 0x13b0  [ 4E8B9BE71B807B3BAEDB7F4243F85E3C, 0FA6A6F065A99B0F40A3D50A20DF69D692824EE5776AC3904F9ED1F6F8832BD3 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
11:00:35.0917 0x13b0  Tcpip - ok
11:00:35.0952 0x13b0  [ 4E8B9BE71B807B3BAEDB7F4243F85E3C, 0FA6A6F065A99B0F40A3D50A20DF69D692824EE5776AC3904F9ED1F6F8832BD3 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:00:35.0989 0x13b0  TCPIP6 - ok
11:00:36.0125 0x13b0  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:00:36.0279 0x13b0  tcpipreg - ok
11:00:36.0375 0x13b0  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
11:00:36.0464 0x13b0  TDPIPE - ok
11:00:36.0533 0x13b0  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
11:00:36.0599 0x13b0  TDTCP - ok
11:00:36.0621 0x13b0  [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
11:00:36.0762 0x13b0  tdx - ok
11:00:36.0838 0x13b0  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\drivers\termdd.sys
11:00:36.0867 0x13b0  TermDD - ok
11:00:37.0050 0x13b0  [ 382C804C92811BE57829D8E550A900E2, 5F52C2E7902024CF1C9CC0069F411C3F19CCA3DB209F437FA0F3932D4898EB50 ] TermService    C:\Windows\System32\termsrv.dll
11:00:37.0210 0x13b0  TermService - ok
11:00:37.0345 0x13b0  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
11:00:37.0419 0x13b0  Themes - ok
11:00:37.0492 0x13b0  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER    C:\Windows\system32\mmcss.dll
11:00:37.0549 0x13b0  THREADORDER - ok
11:00:37.0566 0x13b0  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
11:00:37.0680 0x13b0  TrkWks - ok
11:00:37.0767 0x13b0  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:00:37.0815 0x13b0  TrustedInstaller - ok
11:00:37.0906 0x13b0  [ B37B08F2E5EEB1A37E448E09BACE1101, 32CC9E06B88BAB6FAB4696B744548DFCE9199A7FD2BA8B019F269CA75895852C ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
11:00:37.0975 0x13b0  tssecsrv - ok
11:00:37.0992 0x13b0  [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:00:38.0007 0x13b0  TsUsbFlt - ok
11:00:38.0021 0x13b0  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:00:38.0047 0x13b0  tunnel - ok
11:00:38.0081 0x13b0  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
11:00:38.0138 0x13b0  uagp35 - ok
11:00:38.0223 0x13b0  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:00:38.0318 0x13b0  udfs - ok
11:00:38.0350 0x13b0  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect      C:\Windows\system32\UI0Detect.exe
11:00:38.0435 0x13b0  UI0Detect - ok
11:00:38.0697 0x13b0  [ F13DA74969897359A88F2A739F54A250, 647CDD8D5150A92EB2F250C1A1C5ED75C3B097369D879477FAD54DBA20A8843E ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
11:00:38.0738 0x13b0  UleadBurningHelper - detected UnsignedFile.Multi.Generic ( 1 )
11:00:41.0065 0x13b0  Detect skipped due to KSN trusted
11:00:41.0066 0x13b0  UleadBurningHelper - ok
11:00:41.0105 0x13b0  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:00:41.0133 0x13b0  uliagpkx - ok
11:00:41.0165 0x13b0  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus          C:\Windows\system32\drivers\umbus.sys
11:00:41.0242 0x13b0  umbus - ok
11:00:41.0299 0x13b0  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
11:00:41.0463 0x13b0  UmPass - ok
11:00:41.0584 0x13b0  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
11:00:41.0643 0x13b0  upnphost - ok
11:00:41.0678 0x13b0  [ 1D9F2BD026E8E2D45033A4DF3F16B78C, 72603E0A614F382AF69972F0930FD168B805922599DB9A7410B20CB391A9B933 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
11:00:41.0759 0x13b0  usbaudio - ok
11:00:41.0787 0x13b0  [ BD9C55D7023C5DE374507ACC7A14E2AC, 1DBAFF733DE5C1A6A2374B15BD94512A22D9C0F4DF91F997801340828333AF3C ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
11:00:41.0803 0x13b0  usbccgp - ok
11:00:41.0853 0x13b0  [ 04EC7CEC62EC3B6D9354EEE93327FC82, 6CB41D8644618A5F701F6CA91FB65BB94AA83EA48992133B5262DC539B334B2E ] usbcir          C:\Windows\system32\drivers\usbcir.sys
11:00:41.0989 0x13b0  usbcir - ok
11:00:42.0023 0x13b0  [ F92DE757E4B7CE9C07C5E65423F3AE3B, B3FDEE4A8F1C7EC12405D99ACABC3E633FA4ED08D2A2AA871526ED7927A35A91 ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
11:00:42.0042 0x13b0  usbehci - ok
11:00:42.0066 0x13b0  [ 19999CA8E83F16D271AFC467B84718D7, ADB15873F524B7698B4160C9D86B7ACCF2FC53B441FD7D8B510C3CD72B46B6A2 ] usbfilter      C:\Windows\system32\DRIVERS\usbfilter.sys
11:00:42.0080 0x13b0  usbfilter - ok
11:00:42.0107 0x13b0  [ 8DC94AEC6A7E644A06135AE7506DC2E9, 3ACB621D57BC8691DBBCDEF27563AA6390370362F21AFA6E7BA35BC429E14590 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
11:00:42.0183 0x13b0  usbhub - ok
11:00:42.0227 0x13b0  [ E185D44FAC515A18D9DEDDC23C2CDF44, EF69D0253CC8F1D29929FD5E74F18737ECF5D238874B6E1505E2EAEE66D9D987 ] usbohci        C:\Windows\system32\DRIVERS\usbohci.sys
11:00:42.0286 0x13b0  usbohci - ok
11:00:42.0333 0x13b0  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
11:00:42.0428 0x13b0  usbprint - ok
11:00:42.0490 0x13b0  [ 576096CCBC07E7C4EA4F5E6686D6888F, 8C643F43BD0017979548389C4DB36A1EE872CCF19C86FAE3752A4989173E28ED ] usbscan        C:\Windows\system32\DRIVERS\usbscan.sys
11:00:42.0540 0x13b0  usbscan - ok
11:00:42.0564 0x13b0  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:00:42.0589 0x13b0  USBSTOR - ok
11:00:42.0648 0x13b0  [ 68DF884CF41CDADA664BEB01DAF67E3D, 142781FE2FF93B269D8FA11D4C3F60967552A867E94533D94EF1C2D777A67872 ] usbuhci        C:\Windows\system32\drivers\usbuhci.sys
11:00:42.0705 0x13b0  usbuhci - ok
11:00:42.0755 0x13b0  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms          C:\Windows\System32\uxsms.dll
11:00:42.0845 0x13b0  UxSms - ok
11:00:42.0884 0x13b0  [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] VaultSvc        C:\Windows\system32\lsass.exe
11:00:42.0900 0x13b0  VaultSvc - ok
11:00:43.0278 0x13b0  [ EA9ADB96A31020D4D3E5167FE31427DE, 5635513F58CF89AF87B7A5CE570B348A932C5C74D3FBAF575D708198B174D641 ] VBoxAswDrv      C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys
11:00:43.0307 0x13b0  VBoxAswDrv - ok
11:00:43.0376 0x13b0  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:00:43.0426 0x13b0  vdrvroot - ok
11:00:43.0495 0x13b0  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds            C:\Windows\System32\vds.exe
11:00:43.0561 0x13b0  vds - ok
11:00:43.0639 0x13b0  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
11:00:43.0678 0x13b0  vga - ok
11:00:43.0719 0x13b0  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave        C:\Windows\System32\drivers\vga.sys
11:00:43.0760 0x13b0  VgaSave - ok
11:00:43.0792 0x13b0  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
11:00:43.0919 0x13b0  vhdmp - ok
11:00:43.0938 0x13b0  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
11:00:43.0968 0x13b0  viaagp - ok
11:00:43.0989 0x13b0  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7          C:\Windows\system32\DRIVERS\viac7.sys
11:00:44.0067 0x13b0  ViaC7 - ok
11:00:44.0098 0x13b0  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:00:44.0154 0x13b0  viaide - ok
11:00:44.0173 0x13b0  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:00:44.0186 0x13b0  volmgr - ok
11:00:44.0204 0x13b0  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
11:00:44.0230 0x13b0  volmgrx - ok
11:00:44.0290 0x13b0  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap        C:\Windows\system32\drivers\volsnap.sys
11:00:44.0321 0x13b0  volsnap - ok
11:00:44.0415 0x13b0  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid        C:\Windows\system32\DRIVERS\vsmraid.sys
11:00:44.0428 0x13b0  vsmraid - ok
11:00:44.0648 0x13b0  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS            C:\Windows\system32\vssvc.exe
11:00:44.0703 0x13b0  VSS - ok
11:00:44.0865 0x13b0  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
11:00:45.0026 0x13b0  vwifibus - ok
11:00:45.0067 0x13b0  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
11:00:45.0206 0x13b0  vwififlt - ok
11:00:45.0556 0x13b0  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time        C:\Windows\system32\w32time.dll
11:00:45.0843 0x13b0  W32Time - ok
11:00:45.0908 0x13b0  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
11:00:46.0246 0x13b0  WacomPen - ok
11:00:46.0345 0x13b0  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
11:00:46.0531 0x13b0  WANARP - ok
11:00:46.0543 0x13b0  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:00:46.0742 0x13b0  Wanarpv6 - ok
11:00:47.0066 0x13b0  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
11:00:47.0343 0x13b0  wbengine - ok
11:00:47.0406 0x13b0  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:00:47.0547 0x13b0  WbioSrvc - ok
11:00:47.0573 0x13b0  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc        C:\Windows\System32\wcncsvc.dll
11:00:47.0634 0x13b0  wcncsvc - ok
11:00:47.0798 0x13b0  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:00:47.0911 0x13b0  WcsPlugInService - ok
11:00:47.0930 0x13b0  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
11:00:48.0138 0x13b0  Wd - ok
11:00:48.0405 0x13b0  [ A840213F1ACDCC175B4D1D5AAEAC0D7A, B20F7CAEEA790290072BC170EBEEADB4C19E1C40DB0B3FE0D4A640D0D82300D6 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:00:48.0532 0x13b0  Wdf01000 - ok
11:00:48.0636 0x13b0  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:00:48.0713 0x13b0  WdiServiceHost - ok
11:00:48.0813 0x13b0  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost  C:\Windows\system32\wdi.dll
11:00:48.0848 0x13b0  WdiSystemHost - ok
11:00:49.0134 0x13b0  [ A9D880F97530D5B8FEE278923349929D, 6A293E2DB9B7C434EA8B4CD4861E11905D46BD60E014AE27B74DC8C4B2DDF834 ] WebClient      C:\Windows\System32\webclnt.dll
11:00:49.0426 0x13b0  WebClient - ok
11:00:49.0659 0x13b0  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:00:49.0874 0x13b0  Wecsvc - ok
11:00:49.0936 0x13b0  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
11:00:50.0101 0x13b0  wercplsupport - ok
11:00:50.0169 0x13b0  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
11:00:50.0257 0x13b0  WerSvc - ok
11:00:50.0289 0x13b0  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
11:00:50.0331 0x13b0  WfpLwf - ok
11:00:50.0473 0x13b0  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:00:50.0567 0x13b0  WIMMount - ok
11:00:51.0115 0x13b0  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend      C:\Program Files\Windows Defender\mpsvc.dll
11:00:51.0253 0x13b0  WinDefend - ok
11:00:51.0267 0x13b0  WinHttpAutoProxySvc - ok
11:00:52.0010 0x13b0  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
11:00:52.0233 0x13b0  Winmgmt - ok
11:00:52.0558 0x13b0  [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM          C:\Windows\system32\WsmSvc.dll
11:00:52.0745 0x13b0  WinRM - ok
11:00:52.0888 0x13b0  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
11:00:53.0107 0x13b0  WinUsb - ok
11:00:53.0276 0x13b0  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc        C:\Windows\System32\wlansvc.dll
11:00:53.0421 0x13b0  Wlansvc - ok
11:00:53.0816 0x13b0  [ 5144AE67D60EC653F97DDF3FEED29E77, F6238767284B2356A9F502E2ACCFAAC283FA13CBF238E98B5115A55179526B10 ] wlidsvc        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:00:53.0862 0x13b0  wlidsvc - ok
11:00:53.0947 0x13b0  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi        C:\Windows\system32\drivers\wmiacpi.sys
11:00:54.0053 0x13b0  WmiAcpi - ok
11:00:54.0236 0x13b0  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:00:54.0429 0x13b0  wmiApSrv - ok
11:00:54.0798 0x13b0  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc  C:\Program Files\Windows Media Player\wmpnetwk.exe
11:00:54.0893 0x13b0  WMPNetworkSvc - ok
11:00:55.0111 0x13b0  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:00:55.0147 0x13b0  WPCSvc - ok
11:00:55.0182 0x13b0  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:00:55.0349 0x13b0  WPDBusEnum - ok
11:00:55.0391 0x13b0  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
11:00:55.0470 0x13b0  ws2ifsl - ok
11:00:55.0536 0x13b0  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
11:00:55.0583 0x13b0  wscsvc - ok
11:00:55.0586 0x13b0  WSearch - ok
11:00:55.0641 0x13b0  wuauserv - ok
11:00:55.0689 0x13b0  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:00:55.0815 0x13b0  WudfPf - ok
11:00:55.0850 0x13b0  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
11:00:55.0869 0x13b0  WUDFRd - ok
11:00:55.0887 0x13b0  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
11:00:55.0981 0x13b0  wudfsvc - ok
11:00:56.0104 0x13b0  [ 3C5E51C05BE9B56EAFF4E388C3AB25E4, 10D9FDEDAB1FB2E76D54661AFA5C1A6B1B0980525F38F5D061537077841C6AEE ] WwanSvc        C:\Windows\System32\wwansvc.dll
11:00:56.0169 0x13b0  WwanSvc - ok
11:00:56.0176 0x13b0  ================ Scan global ===============================
11:00:56.0261 0x13b0  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
11:00:56.0335 0x13b0  [ 1F5F07091D50244F17DD8D5147A628CC, 2F2B84BD1C052F44662960953C0EC91F9233D4D8DD06512E3E3BE43CE216BCB6 ] C:\Windows\system32\winsrv.dll
11:00:56.0395 0x13b0  [ 1F5F07091D50244F17DD8D5147A628CC, 2F2B84BD1C052F44662960953C0EC91F9233D4D8DD06512E3E3BE43CE216BCB6 ] C:\Windows\system32\winsrv.dll
11:00:56.0463 0x13b0  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
11:00:56.0603 0x13b0  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
11:00:56.0622 0x13b0  [ Global ] - ok
11:00:56.0622 0x13b0  ================ Scan MBR ==================================
11:00:56.0639 0x13b0  [ 6F053CE44510D4BA204AFC85893BC5C5 ] \Device\Harddisk0\DR0
11:01:01.0878 0x13b0  \Device\Harddisk0\DR0 - ok
11:01:01.0879 0x13b0  ================ Scan VBR ==================================
11:01:01.0893 0x13b0  [ 57A3841479A30A2B6DAFCA94B771DEC3 ] \Device\Harddisk0\DR0\Partition1
11:01:02.0081 0x13b0  \Device\Harddisk0\DR0\Partition1 - ok
11:01:02.0094 0x13b0  [ 35BAC632911CFFB60EE1B892205580FE ] \Device\Harddisk0\DR0\Partition2
11:01:02.0250 0x13b0  \Device\Harddisk0\DR0\Partition2 - ok
11:01:02.0301 0x13b0  [ 8C154C2B032D7E324C5B9A36EB06E528 ] \Device\Harddisk0\DR0\Partition3
11:01:02.0308 0x13b0  \Device\Harddisk0\DR0\Partition3 - ok
11:01:02.0309 0x13b0  ================ Scan generic autorun ======================
11:01:04.0253 0x13b0  [ 59D29EF36C6712AAA8607E3484E75259, 48FFDE24C55FF45F8DA47A5D9D0E6ED8F375D683753A0CF0CCC9602D7332A55A ] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
11:01:05.0969 0x13b0  RtHDVCpl - ok
11:01:06.0512 0x13b0  [ 3CB07566302BCEEB898DE270A0BEC175, B234D1044D8702A0929BB48F729EB5078B44AA7CD574B6482633B51289E70200 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
11:01:06.0546 0x13b0  Adobe ARM - ok
11:01:06.0716 0x13b0  [ E66532FD491AD5604C36916715FBA092, 43FA8EF2025E7F1281CA024CB2EB2A433310E1515DCA9359035B3FB4BAE1FA8C ] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
11:01:06.0751 0x13b0  Adobe Reader Speed Launcher - ok
11:01:06.0945 0x13b0  [ 055C387F82389A13B64F5E9BD79B3BD6, 98DB8ECD0E41D1B2F92DFD0EB22D32642A048977AF9C9E0BF8D208EBDB956AE6 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
11:01:07.0038 0x13b0  StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
11:01:09.0342 0x13b0  Detect skipped due to KSN trusted
11:01:09.0342 0x13b0  StartCCC - ok
11:01:09.0406 0x13b0  [ D2DAD71C96C113ED07F7BB79AD831C28, 8EACE797C16663D58B8BA67C9BF135780D1676E16797A1E81706263238C7BC0B ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
11:01:09.0415 0x13b0  APSDaemon - ok
11:01:10.0007 0x13b0  [ 951024D91F4C3B95ED8D521F06FBFB00, DF4C62CFE1D81CA503FEAA223FB5759990BF34AB36BDADF28D4C309ADB8C3F48 ] C:\Program Files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe
11:01:10.0130 0x13b0  UVS10 Preload - detected UnsignedFile.Multi.Generic ( 1 )
11:01:12.0464 0x13b0  Detect skipped due to KSN trusted
11:01:12.0464 0x13b0  UVS10 Preload - ok
11:01:13.0166 0x13b0  [ 06964B7DE858BB6317164BF184E9C766, ADE3D2A7256A8F3F11B6E35979413850EB22B9BBADCE3EC73BE04A1622512126 ] C:\Program Files\Alwil Software\Avast5\AvastUI.exe
11:01:13.0344 0x13b0  AvastUI.exe - ok
11:01:13.0632 0x13b0  [ 271B0D188430670509CB9943D5229205, 74CB5A9D8B5988AE08C0F65C601FC54F8745BAB6825B6FEEFBA8F068D656D8D7 ] C:\Program Files\QuickTime\QTTask.exe
11:01:13.0696 0x13b0  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
11:01:16.0006 0x13b0  Detect skipped due to KSN trusted
11:01:16.0006 0x13b0  QuickTime Task - ok
11:01:16.0365 0x13b0  [ 38D198A2DD54A67120040566A38103BA, 01604BD91A5B2C0DDC7B52036511F8219952626716E75979D8464F2C56BA0114 ] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
11:01:16.0396 0x13b0  GrooveMonitor - ok
11:01:16.0697 0x13b0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
11:01:16.0895 0x13b0  Sidebar - ok
11:01:17.0099 0x13b0  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
11:01:17.0162 0x13b0  mctadmin - ok
11:01:17.0269 0x13b0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
11:01:17.0310 0x13b0  Sidebar - ok
11:01:17.0318 0x13b0  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
11:01:17.0334 0x13b0  mctadmin - ok
11:01:17.0335 0x13b0  Waiting for KSN requests completion. In queue: 6
11:01:18.0335 0x13b0  Waiting for KSN requests completion. In queue: 5
11:01:19.0335 0x13b0  Waiting for KSN requests completion. In queue: 5
11:01:20.0412 0x13b0  AV detected via SS2: avast! Antivirus, C:\Program Files\Alwil Software\Avast5\VisthAux.exe ( 10.2.2215.880 ), 0x41000 ( enabled : updated )
11:01:20.0415 0x13b0  Win FW state via NFP2: enabled
11:01:34.0772 0x13b0  ============================================================
11:01:34.0772 0x13b0  Scan finished
11:01:34.0772 0x13b0  ============================================================
11:01:34.0792 0x13b4  Detected object count: 1
11:01:34.0792 0x13b4  Actual detected object count: 1
11:01:53.0006 0x13b4  ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
11:01:53.0006 0x13b4  ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:03:07.0112 0x0e04  Deinitialize success
Mfg

Jetzt bleibt der PC ständig hängen und das Bild verzerrt sich total. Beim hochladen bleibt er jetzt auch ständich beim Windows lädt Bildschirm hängen, auch nach ner halben stunde tut sich nix.
Auch die Windows Starthilfe bleibt immer hängen. Nach ein paarmal an und ausschalten lädt er erst wieder normal.
Ist das vielleicht doch eher ein technisches Problem als ein Virus?

schrauber 07.04.2015 17:49
Poste mal bitte ein frisches FRST log, dann wechseln wir auch gleich parallel zu den Hardware-Checks.

Jabba131 07.04.2015 19:37
FRST
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Altan (administrator) on ALTAN-PC on 07-04-2015 20:35:55
Running from C:\Users\Altan\Desktop
Loaded Profiles: Altan (Available profiles: Altan)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Avast Software s.r.o.) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Advanced Micro Devices) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software) C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Avast Software s.r.o.) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8555040 2010-04-07] (Realtek Semiconductor)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41208 2012-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2010-11-25] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM\...\Run: [UVS10 Preload] => C:\Program Files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe [36864 2006-08-10] (Ulead Systems, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [5512912 2015-04-06] (Avast Software s.r.o.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-3264414195-358430586-3417125571-1001\...\MountPoints2: {0f4dd270-d496-11e0-a230-40618699f324} - J:\Install.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3264414195-358430586-3417125571-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3264414195-358430586-3417125571-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3264414195-358430586-3417125571-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com
HKU\S-1-5-21-3264414195-358430586-3417125571-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
URLSearchHook: HKU\S-1-5-21-3264414195-358430586-3417125571-1001 - (No Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} -  No File
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> {8A96AF9E-4074-43b7-BEA3-87217BDA7406} URL = hxxp://www.searchqu.com/web?src=ieb&systemid=406&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=161&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3264414195-358430586-3417125571-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3264414195-358430586-3417125571-1001 -> {0D7562AE-8EF6-416d-A838-AB665251703A} URL = hxxp://start.facemoods.com/?a=drive&s={searchTerms}&f=4
SearchScopes: HKU\S-1-5-21-3264414195-358430586-3417125571-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.claro-search.com/?q={searchTerms}&affID=109217&tt=090812_clr_3212_6&babsrc=SP_ss&mntrId=4a425ad70000000000001c4bd63faac8
SearchScopes: HKU\S-1-5-21-3264414195-358430586-3417125571-1001 -> {6E1E4CF4-1EB3-42B9-A059-7BDE6C20EFFF} URL = hxxp://websearch.search-results.com/redirect?client=ie&tb=STC-SRS&o=41648033&src=crm&q={searchTerms}&locale=&apn_ptnrs=96&apn_dtid=YYYYYYYYDE&apn_uid=3832B3FE-B6DD-4B5A-9731-FED045544C9F&apn_sauid=CAEF644C-804C-4374-9C1E-3F75E987C5A5
SearchScopes: HKU\S-1-5-21-3264414195-358430586-3417125571-1001 -> {8A96AF9E-4074-43b7-BEA3-87217BDA7406} URL = hxxp://www.searchqu.com/web?src=ieb&systemid=406&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3264414195-358430586-3417125571-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=161&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3264414195-358430586-3417125571-1001 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
SearchScopes: HKU\S-1-5-21-3264414195-358430586-3417125571-1001 -> {D195FBBF-D679-4040-BAB0-BB5D9C60A182} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3264414195-358430586-3417125571-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-04-06] (Oracle Corporation)
BHO: IEExtension.VDownloaderBHO -> {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} -> C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-04-06] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-06] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3264414195-358430586-3417125571-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-3264414195-358430586-3417125571-1001 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Altan\AppData\Roaming\Mozilla\Firefox\Profiles\tjj26bf8.default
FF Homepage: hxxp://google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-04-06] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-07-12] (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-08-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-06] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-06] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3264414195-358430586-3417125571-1001: vitzo.com/VDownloader -> C:\Program Files\VDownloader\Addons\npVDownloader.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-04-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-04-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-04-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-04-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-04-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2012-12-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2012-12-17] (Apple Inc.)
FF Extension: ScanQuery - C:\Program Files\Mozilla Firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64} [2011-04-28]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-04-18]
FF HKLM\...\Firefox\Extensions: [ClickPotatoLite@ClickPotatoLite.com] - C:\Program Files\ClickPotatoLite\bin\10.0.668.0\firefox\extensions
FF HKLM\...\Firefox\Extensions: [support@vdownloader.com] - C:\Program Files\VDownloader\Addons\FireFox

Chrome:
=======
CHR Profile: C:\Users\Altan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\Altan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Altan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-06]
CHR Extension: (uTorrentBar_DE) - C:\Users\Altan\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc [2015-04-07]
CHR Extension: (Google Wallet) - C:\Users\Altan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-06]
CHR HKLM\...\Chrome\Extension: [eoccbpoodnckjdnackiffhjfkogfhnhh] - C:\Program Files\VDownloader\Addons\Chrome.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChromeSp.crx [2015-04-06]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2015-04-06]
CHR HKLM\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Altan\AppData\Local\CRE\leocdeigfnkaojcapikdjcdbedcjmffc.crx [2012-06-30]
CHR HKLM\...\Chrome\Extension: [pmlghpafmmnmmkjdhacccolfgnkiboco] - C:\Program Files\1ClickDownload\oneclickdownloader11.crx [Not Found]
CHR HKU\S-1-5-21-3264414195-358430586-3417125571-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Altan\AppData\Local\CRE\leocdeigfnkaojcapikdjcdbedcjmffc.crx [2012-06-30]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [140224 2010-06-17] (Advanced Micro Devices)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [343336 2015-04-06] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe [3205216 2015-04-06] (Avast Software)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2012-06-16] ()
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [File not signed]
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-29] (Ulead Systems, Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide; C:\Windows\System32\DRIVERS\amdide.sys [11832 2009-07-07] (Advanced Micro Devices Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-04-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [73440 2015-04-06] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-04-06] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-04-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [788272 2015-04-06] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427736 2015-04-06] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-04-06] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208024 2015-04-06] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2010-07-22] ()
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2009-03-31] () [File not signed]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2010-07-22] ()
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [92888 2015-04-07] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-04-07] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [50704 2010-01-27] (CACE Technologies, Inc.)
S3 StkCMini; C:\Windows\System32\Drivers\StkCMini.sys [1521544 2010-04-16] (Syntek)
R2 VBoxAswDrv; C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys [220240 2015-04-06] (Avast Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-07 18:53 - 2015-04-07 19:43 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-07 18:41 - 2015-04-07 18:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2015-04-07 18:05 - 2015-04-07 18:05 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2015-04-07 18:00 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-04-07 17:42 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-04-07 17:42 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-04-07 17:42 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-04-07 17:42 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-04-07 16:55 - 2015-04-07 16:55 - 00000134 _____ () C:\Users\Altan\Desktop\Internet Explorer Troubleshooting.url
2015-04-07 16:52 - 2015-04-07 16:55 - 00005959 _____ () C:\Windows\IE11_main.log
2015-04-07 16:27 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-04-07 16:27 - 2014-06-03 11:30 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-04-07 16:27 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-04-07 16:27 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-04-07 16:26 - 2015-02-21 07:31 - 01763328 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-07 16:26 - 2015-02-21 07:31 - 01181696 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-07 16:26 - 2015-02-21 07:31 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-07 16:26 - 2015-02-21 07:31 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-07 16:26 - 2015-02-21 07:30 - 14380544 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-07 16:26 - 2015-02-21 07:30 - 13768704 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-07 16:26 - 2015-02-21 07:30 - 02864640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-07 16:26 - 2015-02-21 07:30 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-07 16:26 - 2015-02-21 07:30 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-07 16:26 - 2015-02-21 07:30 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-07 16:26 - 2015-02-21 07:30 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-07 16:26 - 2015-02-21 07:30 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-07 16:26 - 2015-02-21 07:30 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-07 16:26 - 2015-02-21 07:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-04-07 16:26 - 2015-02-21 07:30 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-07 16:26 - 2015-02-21 07:30 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-07 16:26 - 2015-02-21 07:30 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-07 16:26 - 2015-02-21 07:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-07 16:26 - 2015-02-21 07:29 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-07 16:26 - 2015-02-21 07:29 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-07 16:26 - 2015-02-21 07:29 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-07 16:26 - 2015-02-21 07:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-07 16:26 - 2015-02-21 06:42 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-07 16:26 - 2015-02-21 06:19 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-04-07 16:26 - 2014-08-12 03:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-04-07 16:26 - 2014-01-28 04:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-04-07 16:26 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-04-07 16:25 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-04-07 16:25 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-04-07 16:25 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-04-07 16:25 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-07 16:25 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-04-07 16:25 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-04-07 16:25 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-04-07 16:25 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-04-07 16:25 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-04-07 16:25 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-04-07 16:23 - 2015-01-09 04:48 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-04-07 16:23 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-04-07 16:23 - 2015-01-09 04:48 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-04-07 16:20 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-04-07 16:19 - 2014-08-23 03:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-07 16:19 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-04-07 16:19 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-04-07 16:19 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2015-04-07 16:19 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-04-07 16:19 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-04-07 16:18 - 2013-08-28 02:57 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2015-04-07 16:17 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-04-07 16:17 - 2014-11-11 04:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-04-07 16:16 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-04-07 16:16 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-04-07 16:16 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-04-07 16:16 - 2013-11-26 13:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-04-07 16:15 - 2014-11-11 03:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-04-07 16:15 - 2014-10-04 03:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-04-07 16:15 - 2014-10-04 03:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-04-07 16:15 - 2014-07-14 03:42 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-04-07 16:15 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-04-07 16:14 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\system32\locale.nls
2015-04-07 16:14 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2015-04-07 16:14 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2015-04-07 16:13 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-07 16:13 - 2014-11-08 04:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-04-07 16:13 - 2014-10-25 03:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-04-07 16:13 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-04-07 16:13 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-04-07 16:13 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-04-07 16:13 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2015-04-07 16:12 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-04-07 16:12 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-04-07 16:11 - 2015-02-26 05:11 - 02381312 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-04-07 16:11 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-04-07 16:11 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-04-07 16:11 - 2014-06-16 03:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-04-07 16:11 - 2014-06-16 03:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-04-07 16:11 - 2014-06-16 03:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-04-07 16:11 - 2014-05-30 08:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-04-07 16:11 - 2013-08-29 03:50 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-07 16:11 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-04-07 16:11 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-04-07 16:10 - 2014-10-14 03:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-04-07 16:09 - 2014-08-21 08:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-07 16:09 - 2014-08-21 08:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-07 16:09 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-04-07 16:09 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-04-07 16:09 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-04-07 16:09 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2015-04-07 16:08 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-04-07 16:08 - 2013-10-04 03:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2015-04-07 16:08 - 2013-10-04 03:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-04-07 16:08 - 2013-07-03 06:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2015-04-07 16:08 - 2013-07-03 05:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-04-07 16:08 - 2013-07-03 05:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-04-07 16:06 - 2014-10-03 03:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-04-07 16:06 - 2014-10-03 03:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-04-07 16:06 - 2014-10-03 03:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-04-07 16:06 - 2014-10-03 03:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-04-07 16:06 - 2014-10-03 03:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-04-07 15:46 - 2014-12-19 04:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-04-07 15:46 - 2014-12-11 19:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-04-07 15:46 - 2014-11-26 05:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-04-07 15:45 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-04-07 15:45 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-04-07 15:44 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-04-07 15:43 - 2015-03-06 07:15 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-07 15:43 - 2015-03-06 07:15 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-07 15:43 - 2015-03-06 07:10 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-07 15:43 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-07 15:43 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-07 15:43 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-07 15:43 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-07 15:43 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-07 15:43 - 2015-03-06 07:10 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-07 15:43 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-07 15:43 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-07 15:43 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-07 15:43 - 2015-03-06 07:10 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-07 15:43 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-07 15:43 - 2015-03-06 07:09 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-07 15:43 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-07 15:43 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-07 15:43 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-07 15:43 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-04-07 15:43 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-04-07 15:43 - 2015-02-20 06:13 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-04-07 15:43 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-04-07 15:43 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-04-07 15:43 - 2014-10-30 03:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-04-07 15:42 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-04-07 15:42 - 2013-10-12 04:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-04-07 15:42 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-04-07 15:42 - 2013-08-05 03:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2015-04-07 15:42 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2015-04-07 15:41 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-04-07 15:41 - 2014-07-17 03:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-04-07 15:41 - 2014-07-17 03:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-04-07 15:41 - 2014-07-17 03:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-04-07 15:41 - 2014-07-17 03:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-04-07 15:41 - 2014-07-17 03:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-04-07 15:40 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-07 15:40 - 2013-08-02 03:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 02:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-07 15:40 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-07 15:39 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-04-07 15:39 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-04-07 15:39 - 2013-07-12 12:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2015-04-07 15:39 - 2013-07-12 12:07 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2015-04-07 15:38 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-04-07 15:38 - 2014-12-19 03:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-04-07 15:38 - 2014-12-06 05:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-04-07 15:38 - 2013-11-27 03:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-04-07 15:38 - 2013-11-27 03:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-04-07 15:38 - 2013-11-27 03:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-04-07 15:38 - 2013-11-27 03:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-04-07 15:38 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-04-07 15:38 - 2013-06-26 00:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-04-07 15:37 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-04-07 15:37 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-07 15:37 - 2015-02-03 05:16 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-04-07 15:37 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-07 15:37 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-04-07 15:37 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-04-07 15:37 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-04-07 15:37 - 2015-02-03 05:11 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-07 15:37 - 2015-02-03 05:11 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-04-07 15:37 - 2015-02-03 05:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-04-07 15:37 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-04-07 15:37 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-04-07 15:37 - 2015-02-03 05:11 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-04-07 15:37 - 2015-02-03 05:11 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-04-07 15:37 - 2015-02-03 05:11 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-04-07 15:37 - 2015-02-03 05:10 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-04-07 15:37 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-04-07 15:37 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-07 15:37 - 2015-02-03 05:00 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-04-07 15:37 - 2015-02-03 04:26 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-04-07 15:37 - 2015-01-31 01:56 - 00370488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-04-07 15:37 - 2014-11-01 00:22 - 00521384 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-04-07 15:37 - 2014-06-28 02:21 - 00455752 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-04-07 15:37 - 2014-06-28 02:21 - 00409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-04-07 15:37 - 2013-11-27 03:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-04-07 15:37 - 2013-11-27 03:13 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2015-04-07 15:37 - 2013-11-27 03:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-04-07 15:25 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-04-07 15:25 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-04-07 15:25 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-04-07 15:25 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-04-07 15:25 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-04-07 15:25 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-04-07 15:25 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-04-07 15:25 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-04-07 15:25 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-04-07 14:27 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-04-07 14:27 - 2014-10-14 03:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-04-07 10:58 - 2014-05-14 18:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-07 10:58 - 2014-05-14 18:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-07 10:58 - 2014-05-14 18:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-07 10:58 - 2014-05-14 18:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-07 10:57 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-07 10:57 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-07 10:33 - 2015-04-07 14:39 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-04-07 10:33 - 2015-04-07 14:33 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-07 10:33 - 2015-04-07 10:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-07 10:31 - 2015-04-07 10:31 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-07 10:31 - 2015-04-07 10:31 - 00000000 ____D () C:\Users\Altan\Desktop\mbar
2015-04-07 10:26 - 2015-04-07 10:26 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Altan\Desktop\mbar-1.09.1.1004.exe
2015-04-07 10:26 - 2015-04-07 10:26 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Altan\Desktop\tdsskiller.exe
2015-04-06 22:40 - 2015-04-06 22:40 - 00009670 _____ () C:\Users\Altan\Desktop\Gmer.txt
2015-04-06 22:08 - 2015-04-07 20:36 - 00018560 _____ () C:\Users\Altan\Desktop\FRST.txt
2015-04-06 22:08 - 2015-04-07 20:35 - 00000000 ____D () C:\FRST
2015-04-06 22:08 - 2015-04-06 22:09 - 00380416 _____ () C:\Users\Altan\Desktop\Gmer-19357.exe
2015-04-06 22:07 - 2015-04-06 22:07 - 00000472 _____ () C:\Users\Altan\Desktop\defogger_disable.log
2015-04-06 22:07 - 2015-04-06 22:07 - 00000000 _____ () C:\Users\Altan\defogger_reenable
2015-04-06 22:06 - 2015-04-06 22:06 - 01135104 _____ (Farbar) C:\Users\Altan\Desktop\FRST.exe
2015-04-06 22:06 - 2015-04-06 22:06 - 00000000 ____D () C:\Users\Altan\Downloads\Neuer Ordner
2015-04-06 22:05 - 2015-04-06 22:05 - 00050477 _____ () C:\Users\Altan\Desktop\Defogger.exe
2015-04-06 21:16 - 2015-04-06 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-04-06 21:14 - 2009-02-27 03:42 - 00031640 _____ (Microsoft Corporation) C:\Windows\system32\msonpmon.dll
2015-04-06 21:11 - 2015-04-07 17:34 - 00000000 ____D () C:\Program Files\Microsoft Works
2015-04-06 21:10 - 2015-04-06 21:10 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio
2015-04-06 21:04 - 2015-04-06 21:04 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2015-04-06 21:01 - 2015-04-07 18:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-06 21:01 - 2015-04-06 21:01 - 00000000 ____D () C:\Users\Altan\AppData\Local\Microsoft Help
2015-04-06 20:59 - 2015-04-06 20:59 - 00000000 __RHD () C:\MSOCache
2015-04-06 18:49 - 2015-04-06 18:50 - 00000000 ____D () C:\Program Files\QuickTime
2015-04-06 18:49 - 2015-04-06 18:49 - 00001819 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2015-04-06 18:49 - 2015-04-06 18:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-04-06 18:49 - 2015-04-06 18:49 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-04-06 18:33 - 2015-04-06 18:41 - 00000000 ___RD () C:\Users\Altan\Eigene Musik
2015-04-06 18:33 - 2015-04-06 18:33 - 00000000 ___RD () C:\Users\Altan\Eigene Dokumente
2015-04-06 18:22 - 2015-04-06 18:32 - 00000000 ___RD () C:\Users\Altan\Eigene Bilder
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\Wohnung DG
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\Wohnung 3OG.rechts
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\Wohnung 3 OG rechts 1
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\vorbereitungen fürs abi
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\Universe Sandbox
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\Ulead VideoStudio SE
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\studium
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\rezepte
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\OneNote-Notizbücher
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\DVDVideoSoft
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\Corel User Files
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\Bewerbung Alt4n
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\Altan Bewerbung
2015-04-06 18:22 - 2015-04-03 15:46 - 39981374 _____ () C:\Users\Altan\14005_lenord_bauer_imagefilm_2014_Lenord,Bauer.webm
2015-04-06 18:22 - 2014-12-31 13:49 - 00048128 _____ () C:\Users\Altan\Abfallkalender 2014-2.xls
2015-04-06 18:22 - 2014-12-10 20:50 - 00006292 _____ () C:\Users\Altan\Telefunken V 660_1, V 661_1 und V 662_1 Anleitung.htm
2015-04-06 18:22 - 2014-06-15 17:05 - 00043520 _____ () C:\Users\Altan\Abfallkalender 2014.xls
2015-04-06 18:22 - 2013-07-08 17:20 - 02092792 _____ () C:\Users\Altan\avira_free_antivirus.exe
2015-04-06 18:22 - 2013-06-26 09:24 - 00039936 _____ () C:\Users\Altan\Abfallkalender 2012-2.xls
2015-04-06 18:22 - 2013-05-18 11:26 - 00002148 _____ () C:\Users\Altan\zivtserv.rdp
2015-04-06 18:22 - 2011-12-27 15:24 - 00024576 _____ () C:\Users\Altan\Abfallkalender 2012.xls
2015-04-06 18:22 - 2011-06-19 20:58 - 00024576 _____ () C:\Users\Altan\Kalender1.2010.xls
2015-04-06 18:22 - 2010-11-24 22:32 - 00011811 _____ () C:\Users\Altan\Skoda Octavia.wpd
2015-04-06 18:22 - 2010-06-20 10:36 - 00014336 _____ () C:\Users\Altan\Mappe1.xls
2015-04-06 18:22 - 2010-01-31 20:17 - 02551089 _____ () C:\Users\Altan\LebenslaufPers.wpd
2015-04-06 18:22 - 2009-12-26 13:43 - 00023040 _____ () C:\Users\Altan\Kalender.xls
2015-04-06 18:21 - 2015-04-06 18:21 - 00000000 ____D () C:\Users\Altan\Neuer Ordner2
2015-04-06 18:21 - 2015-04-06 18:21 - 00000000 ____D () C:\Users\Altan\Neuer Ordner
2015-04-06 18:21 - 2015-04-06 18:21 - 00000000 ____D () C:\Users\Altan\NeroVision
2015-04-06 18:20 - 2015-04-06 18:20 - 00000000 __RSD () C:\Users\Altan\My Stationery
2015-04-06 18:20 - 2015-04-06 18:20 - 00000000 ____D () C:\Users\Altan\My Digital Editions
2015-04-06 18:20 - 2015-04-06 18:20 - 00000000 ____D () C:\Users\Altan\kleider
2015-04-06 18:20 - 2015-04-06 17:16 - 00000000 ____D () C:\Users\Altan\My Art
2015-04-06 18:19 - 2015-04-06 18:20 - 00000000 ____D () C:\Users\Altan\Iris Kamera
2015-04-06 18:19 - 2015-04-06 18:19 - 00000000 ____D () C:\Users\Altan\gegl-0.0
2015-04-06 18:11 - 2015-04-06 18:11 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-04-06 18:11 - 2015-04-06 18:11 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-04-06 18:02 - 2015-04-06 18:02 - 00000000 ____D () C:\Users\Altan\Desktop\Wohnung 3OG. rechts
2015-04-06 18:01 - 2015-04-06 18:02 - 00000000 ____D () C:\Users\Altan\Desktop\Neuer Ordner
2015-04-06 18:01 - 2015-04-06 18:01 - 00000000 ____D () C:\Users\Altan\Desktop\Canan´s Fotos
2015-04-06 18:01 - 2015-04-06 18:01 - 00000000 ____D () C:\Users\Altan\Desktop\Bafög
2015-04-06 17:57 - 2015-04-06 17:57 - 00000000 ____D () C:\Users\Altan\Documents\Ulead VideoStudio SE
2015-04-06 15:42 - 2015-04-06 15:45 - 00000000 ____D () C:\Windows\system32\vbox
2015-04-06 15:38 - 2015-04-06 15:38 - 00000000 ____D () C:\Users\Altan\AppData\Roaming\AVAST Software
2015-04-06 15:33 - 2015-04-06 15:33 - 00002018 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-04-06 15:31 - 2015-04-06 15:25 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-04-06 15:31 - 2015-04-06 15:24 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-04-06 15:31 - 2015-04-06 15:24 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-04-06 15:31 - 2013-08-20 11:15 - 00867240 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2015-04-06 15:31 - 2013-08-20 11:15 - 00789416 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2015-04-06 15:30 - 2015-04-06 15:30 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-04-06 15:30 - 2015-04-06 15:28 - 00106912 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-04-06 15:30 - 2015-04-06 15:28 - 00024144 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-04-06 15:29 - 2015-04-06 15:28 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-04-06 15:28 - 2015-04-06 15:28 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-06 15:25 - 2015-04-06 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-04-06 15:24 - 2015-04-06 15:33 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-06 15:23 - 2015-04-06 15:23 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-04-06 15:22 - 2015-04-06 15:28 - 00208024 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-04-06 15:22 - 2015-04-06 15:28 - 00049904 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-04-06 14:21 - 2015-04-06 14:21 - 06103040 _____ () C:\Program Files\GUTB606.tmp
2015-04-06 14:21 - 2015-04-06 14:21 - 00000000 ____D () C:\Program Files\GUMB5F6.tmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-07 20:31 - 2010-11-14 19:07 - 02052784 _____ () C:\Windows\WindowsUpdate.log
2015-04-07 20:27 - 2009-07-14 06:34 - 00009888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-07 20:27 - 2009-07-14 06:34 - 00009888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-07 20:21 - 2010-08-30 16:48 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-07 20:21 - 2010-07-22 19:43 - 00008224 _____ () C:\Users\Altan\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-07 20:20 - 2012-03-31 10:50 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-07 20:19 - 2010-08-30 16:48 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-07 20:16 - 2013-03-21 21:13 - 00009138 _____ () C:\Windows\setupact.log
2015-04-07 20:16 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-07 20:16 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\tracing
2015-04-07 19:43 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-04-07 19:12 - 2010-05-26 08:00 - 01614036 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-07 19:04 - 2009-07-14 06:33 - 00454160 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-07 19:03 - 2013-03-25 11:06 - 00199506 _____ () C:\Windows\PFRO.log
2015-04-07 19:03 - 2010-05-26 10:26 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-04-07 18:54 - 2009-07-14 09:49 - 00000000 ____D () C:\Program Files\Windows Journal
2015-04-07 18:53 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2015-04-07 18:41 - 2011-05-26 17:27 - 00000000 ____D () C:\Program Files\Microsoft Application Virtualization Client
2015-04-07 18:30 - 2013-08-17 16:41 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-07 17:34 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-04-07 17:32 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\System
2015-04-07 17:32 - 2009-07-14 04:04 - 00000499 _____ () C:\Windows\win.ini
2015-04-07 17:28 - 2010-05-26 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-04-07 14:27 - 2012-06-13 18:13 - 00000000 ____D () C:\Users\Altan\.nbi
2015-04-07 14:23 - 2010-07-28 18:36 - 00000000 ____D () C:\ProgramData\Sun
2015-04-07 14:20 - 2010-07-28 18:23 - 00000000 ____D () C:\Program Files\Java
2015-04-07 09:18 - 2009-07-14 06:53 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-06 22:07 - 2010-07-22 19:39 - 00000000 ____D () C:\Users\Altan
2015-04-06 22:06 - 2010-07-26 22:38 - 00000000 ____D () C:\Users\Altan\AppData\Local\Mozilla
2015-04-06 21:47 - 2010-11-19 12:45 - 00000000 ____D () C:\Windows\Minidump
2015-04-06 21:45 - 2013-08-19 19:14 - 322491273 _____ () C:\Windows\MEMORY.DMP
2015-04-06 21:11 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\MSBuild
2015-04-06 21:10 - 2010-05-26 10:57 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-04-06 21:10 - 2009-07-14 09:48 - 00000000 ____D () C:\Windows\ShellNew
2015-04-06 21:08 - 2010-09-14 12:54 - 00000000 ____D () C:\Program Files\Microsoft.NET
2015-04-06 20:56 - 2011-02-24 20:54 - 00267776 ___SH () C:\Users\Altan\Thumbs.db
2015-04-06 20:53 - 2010-08-30 16:48 - 00000000 ____D () C:\Users\Altan\AppData\Local\Google
2015-04-06 19:50 - 2011-03-12 11:53 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-04-06 18:25 - 2012-03-31 10:49 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-04-06 18:25 - 2011-05-20 18:13 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-04-06 18:18 - 2013-08-19 19:22 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-06 18:11 - 2010-07-22 20:52 - 00000000 ____D () C:\Users\Altan\AppData\Roaming\Adobe
2015-04-06 18:11 - 2010-05-26 10:52 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2015-04-06 18:11 - 2010-05-26 10:51 - 00000000 ____D () C:\Program Files\Adobe
2015-04-06 18:10 - 2010-08-23 18:28 - 00000000 ____D () C:\Users\Altan\AppData\Local\Adobe
2015-04-06 15:28 - 2012-06-01 20:29 - 00081728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-04-06 15:28 - 2011-01-08 13:07 - 00427736 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-04-06 15:28 - 2011-01-08 13:07 - 00073440 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-04-06 15:27 - 2011-04-18 21:07 - 00788272 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-04-06 15:24 - 2013-08-20 11:15 - 00272296 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-04-06 15:22 - 2010-05-26 10:22 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2015-04-06 15:22 - 2009-07-14 04:04 - 00002577 _____ () C:\Windows\system32\config.nt
2015-04-06 15:21 - 2010-05-26 10:22 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information

==================== Files in the root of some directories =======

2015-04-06 14:21 - 2015-04-06 14:21 - 6103040 _____ () C:\Program Files\GUTB606.tmp
2011-07-13 15:57 - 2011-07-13 15:57 - 0138056 _____ () C:\Users\Altan\AppData\Roaming\PnkBstrK.sys
2011-07-16 21:19 - 2011-07-16 21:19 - 0000022 ___SH () C:\Users\Altan\AppData\Roaming\Sys2662.Config.Repository.bin
2011-09-09 16:30 - 2012-05-26 22:02 - 0077824 _____ () C:\Users\Altan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-11-01 19:07 - 2010-11-01 19:07 - 0007597 _____ () C:\Users\Altan\AppData\Local\Resmon.ResmonCfg
2011-11-02 21:07 - 2011-11-02 21:07 - 0000000 _____ () C:\Users\Altan\AppData\Local\{A4D1F345-121F-4A33-AA27-83EC8C707EF1}
2011-09-09 16:28 - 2011-09-09 16:28 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Files to move or delete:
====================
C:\Users\Altan\avira_free_antivirus.exe


Some content of TEMP:
====================
C:\Users\Altan\AppData\Local\Temp\CheatEngine63Clean.exe
C:\Users\Altan\AppData\Local\Temp\DeltaTB.exe
C:\Users\Altan\AppData\Local\Temp\jre-8u40-windows-au.exe
C:\Users\Altan\AppData\Local\Temp\pricepeep_130001_0101.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

schrauber 08.04.2015 11:01
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Jabba131 08.04.2015 12:41
Ich hab jetzt schon 3 mal versucht mit mbam zu scannen. Ständig werden mir Fehlermeldungen angezeigt, avast deaktiviert sich von selbst, der explorer stürzt ab oder der pc lädt einfach runter. Soll ich das erstmal auslassen?

Ah hat doch noch geklappt, hab die Fehlermeldungen einfach ignoriert. Malwarebytes hat 511 bedrohungen gefunden.

mbam.txt
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org


Update, 08.04.2015 12:33:20, SYSTEM, ALTAN-PC, Manual, Remediation Database, 2015.3.9.1, 2015.4.6.2,
Update, 08.04.2015 12:33:20, SYSTEM, ALTAN-PC, Manual, Rootkit Database, 2015.2.25.1, 2015.3.31.1,
Update, 08.04.2015 12:33:26, SYSTEM, ALTAN-PC, Manual, Malware Database, 2015.3.9.5, 2015.4.8.2,
Error, 08.04.2015 12:53:22, SYSTEM, ALTAN-PC, Protection, IsLicensed, 13,
Protection, 08.04.2015 12:53:22, SYSTEM, ALTAN-PC, Protection, Malware Protection, Stopping,
Protection, 08.04.2015 12:53:22, SYSTEM, ALTAN-PC, Protection, Malware Protection, Stopped,
Error, 08.04.2015 13:02:18, SYSTEM, ALTAN-PC, Protection, IsLicensed, 13,
Protection, 08.04.2015 13:02:18, SYSTEM, ALTAN-PC, Protection, Malware Protection, Stopping,
Protection, 08.04.2015 13:02:18, SYSTEM, ALTAN-PC, Protection, Malware Protection, Stopped,
Error, 08.04.2015 13:09:57, SYSTEM, ALTAN-PC, Protection, IsLicensed, 13,
Protection, 08.04.2015 13:09:57, SYSTEM, ALTAN-PC, Protection, Malware Protection, Stopping,
Protection, 08.04.2015 13:09:57, SYSTEM, ALTAN-PC, Protection, Malware Protection, Stopped,
Error, 08.04.2015 13:18:02, SYSTEM, ALTAN-PC, Protection, IsLicensed, 13,
Protection, 08.04.2015 13:18:02, SYSTEM, ALTAN-PC, Protection, Malware Protection, Stopping,
Protection, 08.04.2015 13:18:02, SYSTEM, ALTAN-PC, Protection, Malware Protection, Stopped,
Update, 08.04.2015 13:24:04, SYSTEM, ALTAN-PC, Manual, Malware Database, 2015.4.8.2, 2015.4.8.3,
Error, 08.04.2015 13:29:56, SYSTEM, ALTAN-PC, Protection, IsLicensed, 13,
Protection, 08.04.2015 13:29:56, SYSTEM, ALTAN-PC, Protection, Malware Protection, Stopping,
Protection, 08.04.2015 13:29:56, SYSTEM, ALTAN-PC, Protection, Malware Protection, Stopped,
Update, 08.04.2015 13:32:06, SYSTEM, ALTAN-PC, Manual, Failed, Unable to access update server,
Error, 08.04.2015 13:40:04, SYSTEM, ALTAN-PC, Protection, IsLicensed, 13,
Protection, 08.04.2015 13:40:04, SYSTEM, ALTAN-PC, Protection, Malware Protection, Stopping,
Protection, 08.04.2015 13:40:04, SYSTEM, ALTAN-PC, Protection, Malware Protection, Stopped,
Update, 08.04.2015 13:42:59, SYSTEM, ALTAN-PC, Manual, Failed, Unable to access update server,
Scan, 08.04.2015 13:57:36, SYSTEM, ALTAN-PC, Manual, Start: 08.04.2015 13:43:04, Dauer: 13 Minuten 12 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 45 Malwareerkennung, "466" nicht-Malwareerkennung,
Error, 08.04.2015 13:59:52, SYSTEM, ALTAN-PC, Protection, IsLicensed, 13,
Protection, 08.04.2015 13:59:52, SYSTEM, ALTAN-PC, Protection, Malware Protection, Stopping,
Protection, 08.04.2015 13:59:52, SYSTEM, ALTAN-PC, Protection, Malware Protection, Stopped,

(end)

AdwCleaner
Code:
# AdwCleaner v4.201 - Bericht erstellt 08/04/2015 um 14:05:16
# Aktualisiert 08/04/2015 von Xplode
# Datenbank : 2015-04-08.1 [Lokal]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x86)
# Benutzername : Altan - ALTAN-PC
# Gestarted von : C:\Users\Altan\Desktop\AdwCleaner_4.201.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Program Files\1ClickDownload
Ordner Gelöscht : C:\Program Files\Conduit
Ordner Gelöscht : C:\Program Files\Iminent
Ordner Gelöscht : C:\Users\Altan\AppData\Local\apn
Ordner Gelöscht : C:\Users\Altan\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Altan\AppData\Local\Ilivid Player
Ordner Gelöscht : C:\Users\Altan\AppData\Local\OpenCandy
Ordner Gelöscht : C:\Users\Altan\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Altan\AppData\LocalLow\Conduit
Datei Gelöscht : C:\Users\Altan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage-journal

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2851647
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6E1E4CF4-1EB3-42B9-A059-7BDE6C20EFFF}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKCU\Software\AutocompleteProBHO
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\searchqutoolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Cheat Engine\OpenCandy
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\Tarma Installer
Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Mozilla Firefox v37.0.1 (x86 de)


-\\ Google Chrome v41.0.2272.118

[C:\Users\Altan\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://start.facemoods.com/?a=drive&s={searchTerms}&f=4
[C:\Users\Altan\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://dts.search-results.com/sr?src=crb&appid=161&systemid=406&sr=0&q={searchTerms}
[C:\Users\Altan\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.claro-search.com/?q={searchTerms}&affID=109217&tt=090812_clr_3212_6&babsrc=SP_ss&mntrId=4a425ad70000000000001c4bd63faac8
[C:\Users\Altan\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
[C:\Users\Altan\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Extension] : leocdeigfnkaojcapikdjcdbedcjmffc

*************************

AdwCleaner[R0].txt - [6008 Bytes] - [08/04/2015 14:03:47]
AdwCleaner[S0].txt - [5928 Bytes] - [08/04/2015 14:05:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5987  Bytes] ##########
JRT
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.5.3 (04.07.2015:1)
OS: Windows 7 Home Premium x86
Ran by Altan on 08.04.2015 at 14:10:23,02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}



~~~ Files

Successfully deleted: [File] "C:\Users\Altan\appdata\local\google\chrome\user data\default\local storage\http_sb.scorecardresearch.com_0.localstorage-journal"



~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\AlawarWrapper
Successfully deleted: [Folder] "C:\Users\Altan\AppData\Roaming\getrighttogo"



~~~ FireFox

Successfully deleted: [File] C:\user.js



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.04.2015 at 14:12:57,60
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Altan (administrator) on ALTAN-PC on 08-04-2015 14:13:43
Running from C:\Users\Altan\Desktop
Loaded Profiles: Altan (Available profiles: Altan)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Advanced Micro Devices) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avast Software) C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe
(Avast Software s.r.o.) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8555040 2010-04-07] (Realtek Semiconductor)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41208 2012-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2010-11-25] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM\...\Run: [UVS10 Preload] => C:\Program Files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe [36864 2006-08-10] (Ulead Systems, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [5512912 2015-04-06] (Avast Software s.r.o.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-3264414195-358430586-3417125571-1001\...\MountPoints2: {0f4dd270-d496-11e0-a230-40618699f324} - J:\Install.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3264414195-358430586-3417125571-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3264414195-358430586-3417125571-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3264414195-358430586-3417125571-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com
HKU\S-1-5-21-3264414195-358430586-3417125571-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
URLSearchHook: HKU\S-1-5-21-3264414195-358430586-3417125571-1001 - (No Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} -  No File
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3264414195-358430586-3417125571-1001 -> {D195FBBF-D679-4040-BAB0-BB5D9C60A182} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3264414195-358430586-3417125571-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-04-06] (Oracle Corporation)
BHO: IEExtension.VDownloaderBHO -> {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} -> C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-04-06] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-06] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3264414195-358430586-3417125571-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Altan\AppData\Roaming\Mozilla\Firefox\Profiles\tjj26bf8.default
FF Homepage: hxxp://google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-04-06] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-07-12] (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-08-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-06] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-06] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3264414195-358430586-3417125571-1001: vitzo.com/VDownloader -> C:\Program Files\VDownloader\Addons\npVDownloader.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-04-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-04-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-04-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-04-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-04-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2012-12-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2012-12-17] (Apple Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-04-18]
FF HKLM\...\Firefox\Extensions: [support@vdownloader.com] - C:\Program Files\VDownloader\Addons\FireFox

Chrome:
=======
CHR Profile: C:\Users\Altan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\Altan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Altan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-06]
CHR Extension: (Google Wallet) - C:\Users\Altan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-06]
CHR HKLM\...\Chrome\Extension: [eoccbpoodnckjdnackiffhjfkogfhnhh] - C:\Program Files\VDownloader\Addons\Chrome.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2015-04-06]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [140224 2010-06-17] (Advanced Micro Devices)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [343336 2015-04-06] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe [3205216 2015-04-06] (Avast Software)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2012-06-16] ()
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [File not signed]
S2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-29] (Ulead Systems, Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide; C:\Windows\System32\DRIVERS\amdide.sys [11832 2009-07-07] (Advanced Micro Devices Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-04-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [73440 2015-04-06] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-04-06] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-04-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [788272 2015-04-06] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427736 2015-04-06] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-04-06] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208024 2015-04-06] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2010-07-22] ()
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2009-03-31] () [File not signed]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2010-07-22] ()
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [92888 2015-03-17] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-03-17] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [50704 2010-01-27] (CACE Technologies, Inc.)
S3 StkCMini; C:\Windows\System32\Drivers\StkCMini.sys [1521544 2010-04-16] (Syntek)
R2 VBoxAswDrv; C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys [220240 2015-04-06] (Avast Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-08 14:13 - 2015-04-08 14:14 - 00014966 _____ () C:\Users\Altan\Desktop\FRST.txt
2015-04-08 14:12 - 2015-04-08 14:12 - 00001283 _____ () C:\Users\Altan\Desktop\JRT.txt
2015-04-08 14:10 - 2015-04-08 14:10 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ALTAN-PC-Windows-7-Home-Premium-(32-bit).dat
2015-04-08 14:10 - 2015-04-08 14:10 - 00000000 ____D () C:\RegBackup
2015-04-08 14:08 - 2015-04-08 14:08 - 00006067 _____ () C:\Users\Altan\Desktop\AdwCleaner[S0].txt
2015-04-08 14:03 - 2015-04-08 14:05 - 00000000 ____D () C:\AdwCleaner
2015-04-08 14:03 - 2015-04-08 14:03 - 00002712 _____ () C:\Users\Altan\Desktop\mbam.txt
2015-04-08 13:07 - 2015-04-08 13:08 - 00155270 _____ () C:\unp304378681092812524.mdmp
2015-04-08 12:39 - 2015-04-08 12:39 - 00198682 _____ () C:\unp304378641420754480.mdmp
2015-04-08 12:36 - 2015-04-08 12:36 - 00200854 _____ () C:\unp304378633467259550.mdmp
2015-04-08 12:32 - 2015-04-08 12:32 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-08 12:32 - 2015-04-08 12:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-08 12:32 - 2015-04-08 12:32 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-04-08 12:32 - 2015-03-17 06:15 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-08 12:32 - 2015-03-17 06:15 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-08 12:31 - 2015-04-08 12:31 - 02686959 _____ (Thisisu) C:\Users\Altan\Desktop\JRT.exe
2015-04-08 12:31 - 2015-04-08 12:31 - 02217984 _____ () C:\Users\Altan\Desktop\AdwCleaner_4.201.exe
2015-04-08 12:29 - 2015-04-08 12:30 - 00198848 _____ () C:\unp304378623601758035.mdmp
2015-04-08 12:27 - 2015-04-08 12:27 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Altan\Desktop\mbam-setup-2.1.4.1018.exe
2015-04-07 21:10 - 2015-01-09 01:44 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-04-07 21:04 - 2015-04-07 21:04 - 19720192 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 12827648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 04300288 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-07 21:04 - 2015-04-07 21:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-07 21:04 - 2015-04-07 21:04 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-07 21:04 - 2015-04-07 21:04 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-07 21:04 - 2015-04-07 21:04 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-04-07 21:04 - 2015-04-07 21:04 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00342696 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-07 21:04 - 2015-04-07 21:04 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-04-07 21:04 - 2015-04-07 21:04 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-04-07 21:04 - 2015-04-07 21:04 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-07 21:04 - 2015-04-07 21:04 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-07 21:04 - 2015-04-07 21:04 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-04-07 21:04 - 2015-04-07 21:04 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-04-07 21:04 - 2015-04-07 21:04 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-04-07 21:04 - 2015-04-07 21:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-04-07 21:04 - 2015-04-07 21:04 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-04-07 21:04 - 2015-04-07 21:04 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-07 18:53 - 2015-04-07 19:43 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-07 18:41 - 2015-04-07 18:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2015-04-07 18:05 - 2015-04-07 18:05 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2015-04-07 18:00 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-04-07 17:42 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-04-07 17:42 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-04-07 17:42 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-04-07 17:42 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-04-07 16:55 - 2015-04-07 16:55 - 00000134 _____ () C:\Users\Altan\Desktop\Internet Explorer Troubleshooting.url
2015-04-07 16:52 - 2015-04-07 21:09 - 00016381 _____ () C:\Windows\IE11_main.log
2015-04-07 16:27 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-04-07 16:27 - 2014-06-03 11:30 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-04-07 16:27 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-04-07 16:27 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-04-07 16:26 - 2014-08-12 03:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-04-07 16:26 - 2014-01-28 04:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-04-07 16:26 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-04-07 16:25 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-04-07 16:25 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-04-07 16:25 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-04-07 16:25 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-07 16:25 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-04-07 16:25 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-04-07 16:25 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-04-07 16:25 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-04-07 16:25 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-04-07 16:25 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-04-07 16:23 - 2015-01-09 04:48 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-04-07 16:23 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-04-07 16:23 - 2015-01-09 04:48 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-04-07 16:20 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-04-07 16:19 - 2014-08-23 03:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-07 16:19 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-04-07 16:19 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-04-07 16:19 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2015-04-07 16:19 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-04-07 16:19 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-04-07 16:18 - 2013-08-28 02:57 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2015-04-07 16:17 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-04-07 16:17 - 2014-11-11 04:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-04-07 16:16 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-04-07 16:16 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-04-07 16:16 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-04-07 16:16 - 2013-11-26 13:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-04-07 16:15 - 2014-11-11 03:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-04-07 16:15 - 2014-10-04 03:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-04-07 16:15 - 2014-10-04 03:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-04-07 16:15 - 2014-07-14 03:42 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-04-07 16:15 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-04-07 16:14 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2015-04-07 16:14 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2015-04-07 16:13 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-07 16:13 - 2014-11-08 04:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-04-07 16:13 - 2014-10-25 03:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-04-07 16:13 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-04-07 16:13 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-04-07 16:13 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-04-07 16:13 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2015-04-07 16:12 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-04-07 16:12 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-04-07 16:11 - 2015-02-26 05:11 - 02381312 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-04-07 16:11 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-04-07 16:11 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-04-07 16:11 - 2014-06-16 03:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-04-07 16:11 - 2014-06-16 03:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-04-07 16:11 - 2014-06-16 03:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-04-07 16:11 - 2014-05-30 08:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-04-07 16:11 - 2013-08-29 03:50 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-07 16:11 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-04-07 16:11 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-04-07 16:10 - 2014-10-14 03:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-04-07 16:09 - 2014-08-21 08:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-07 16:09 - 2014-08-21 08:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-07 16:09 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-04-07 16:09 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-04-07 16:09 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-04-07 16:09 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2015-04-07 16:08 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-04-07 16:08 - 2013-10-04 03:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2015-04-07 16:08 - 2013-10-04 03:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-04-07 16:08 - 2013-07-03 06:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2015-04-07 16:08 - 2013-07-03 05:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-04-07 16:08 - 2013-07-03 05:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-04-07 16:06 - 2014-10-03 03:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-04-07 16:06 - 2014-10-03 03:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-04-07 16:06 - 2014-10-03 03:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-04-07 16:06 - 2014-10-03 03:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-04-07 16:06 - 2014-10-03 03:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-04-07 15:46 - 2014-12-19 04:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-04-07 15:46 - 2014-12-11 19:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-04-07 15:46 - 2014-11-26 05:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-04-07 15:45 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-04-07 15:45 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-04-07 15:44 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-04-07 15:43 - 2015-03-06 07:15 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-07 15:43 - 2015-03-06 07:15 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-07 15:43 - 2015-03-06 07:10 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-07 15:43 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-07 15:43 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-07 15:43 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-07 15:43 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-07 15:43 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-07 15:43 - 2015-03-06 07:10 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-07 15:43 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-07 15:43 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-07 15:43 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-07 15:43 - 2015-03-06 07:10 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-07 15:43 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-07 15:43 - 2015-03-06 07:09 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-07 15:43 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-07 15:43 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-07 15:43 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-07 15:43 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-04-07 15:43 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-04-07 15:43 - 2015-02-20 06:13 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-04-07 15:43 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-04-07 15:43 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-04-07 15:43 - 2014-10-30 03:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-04-07 15:42 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-04-07 15:42 - 2013-10-12 04:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-04-07 15:42 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-04-07 15:42 - 2013-08-05 03:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2015-04-07 15:42 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2015-04-07 15:41 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-04-07 15:41 - 2014-07-17 03:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-04-07 15:41 - 2014-07-17 03:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-04-07 15:41 - 2014-07-17 03:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-04-07 15:41 - 2014-07-17 03:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-04-07 15:41 - 2014-07-17 03:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-04-07 15:40 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-07 15:40 - 2013-08-02 03:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 02:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-07 15:40 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-07 15:39 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-04-07 15:39 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-04-07 15:39 - 2013-07-12 12:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2015-04-07 15:39 - 2013-07-12 12:07 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2015-04-07 15:38 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-04-07 15:38 - 2014-12-19 03:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-04-07 15:38 - 2014-12-06 05:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-04-07 15:38 - 2013-11-27 03:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-04-07 15:38 - 2013-11-27 03:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-04-07 15:38 - 2013-11-27 03:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-04-07 15:38 - 2013-11-27 03:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-04-07 15:38 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-04-07 15:38 - 2013-06-26 00:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-04-07 15:37 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-04-07 15:37 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-07 15:37 - 2015-02-03 05:16 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-04-07 15:37 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-07 15:37 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-04-07 15:37 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-04-07 15:37 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-04-07 15:37 - 2015-02-03 05:11 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-07 15:37 - 2015-02-03 05:11 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-04-07 15:37 - 2015-02-03 05:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-04-07 15:37 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-04-07 15:37 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-04-07 15:37 - 2015-02-03 05:11 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-04-07 15:37 - 2015-02-03 05:11 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-04-07 15:37 - 2015-02-03 05:11 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-04-07 15:37 - 2015-02-03 05:10 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-04-07 15:37 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-04-07 15:37 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-07 15:37 - 2015-02-03 05:00 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-04-07 15:37 - 2015-02-03 04:26 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-04-07 15:37 - 2015-01-31 01:56 - 00370488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-04-07 15:37 - 2014-11-01 00:22 - 00521384 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-04-07 15:37 - 2014-06-28 02:21 - 00455752 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-04-07 15:37 - 2014-06-28 02:21 - 00409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-04-07 15:37 - 2013-11-27 03:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-04-07 15:37 - 2013-11-27 03:13 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2015-04-07 15:37 - 2013-11-27 03:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-04-07 15:25 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-04-07 15:25 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-04-07 15:25 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-04-07 15:25 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-04-07 15:25 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-04-07 15:25 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-04-07 15:25 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-04-07 15:25 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-04-07 15:25 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-04-07 14:27 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-04-07 14:27 - 2014-10-14 03:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-04-07 10:58 - 2014-05-14 18:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-07 10:58 - 2014-05-14 18:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-07 10:58 - 2014-05-14 18:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-07 10:58 - 2014-05-14 18:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-07 10:57 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-07 10:57 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-07 10:33 - 2015-04-08 14:02 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-07 10:33 - 2015-04-08 14:01 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-04-07 10:33 - 2015-04-08 12:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-07 10:31 - 2015-04-07 10:31 - 00000000 ____D () C:\Users\Altan\Desktop\mbar
2015-04-07 10:31 - 2015-03-17 06:15 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-07 10:26 - 2015-04-07 10:26 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Altan\Desktop\mbar-1.09.1.1004.exe
2015-04-07 10:26 - 2015-04-07 10:26 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Altan\Desktop\tdsskiller.exe
2015-04-06 22:40 - 2015-04-06 22:40 - 00009670 _____ () C:\Users\Altan\Desktop\Gmer.txt
2015-04-06 22:08 - 2015-04-08 14:13 - 00000000 ____D () C:\FRST
2015-04-06 22:08 - 2015-04-06 22:09 - 00380416 _____ () C:\Users\Altan\Desktop\Gmer-19357.exe
2015-04-06 22:07 - 2015-04-06 22:07 - 00000472 _____ () C:\Users\Altan\Desktop\defogger_disable.log
2015-04-06 22:07 - 2015-04-06 22:07 - 00000000 _____ () C:\Users\Altan\defogger_reenable
2015-04-06 22:06 - 2015-04-06 22:06 - 01135104 _____ (Farbar) C:\Users\Altan\Desktop\FRST.exe
2015-04-06 22:06 - 2015-04-06 22:06 - 00000000 ____D () C:\Users\Altan\Downloads\Neuer Ordner
2015-04-06 22:05 - 2015-04-06 22:05 - 00050477 _____ () C:\Users\Altan\Desktop\Defogger.exe
2015-04-06 21:16 - 2015-04-06 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-04-06 21:14 - 2009-02-27 03:42 - 00031640 _____ (Microsoft Corporation) C:\Windows\system32\msonpmon.dll
2015-04-06 21:11 - 2015-04-07 17:34 - 00000000 ____D () C:\Program Files\Microsoft Works
2015-04-06 21:10 - 2015-04-06 21:10 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio
2015-04-06 21:04 - 2015-04-06 21:04 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2015-04-06 21:01 - 2015-04-07 18:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-06 21:01 - 2015-04-06 21:01 - 00000000 ____D () C:\Users\Altan\AppData\Local\Microsoft Help
2015-04-06 20:59 - 2015-04-06 20:59 - 00000000 __RHD () C:\MSOCache
2015-04-06 18:49 - 2015-04-06 18:50 - 00000000 ____D () C:\Program Files\QuickTime
2015-04-06 18:49 - 2015-04-06 18:49 - 00001819 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2015-04-06 18:49 - 2015-04-06 18:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-04-06 18:49 - 2015-04-06 18:49 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-04-06 18:33 - 2015-04-06 18:41 - 00000000 ___RD () C:\Users\Altan\Eigene Musik
2015-04-06 18:33 - 2015-04-06 18:33 - 00000000 ___RD () C:\Users\Altan\Eigene Dokumente
2015-04-06 18:22 - 2015-04-06 18:32 - 00000000 ___RD () C:\Users\Altan\Eigene Bilder
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\Wohnung DG
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\Wohnung 3OG.rechts
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\Wohnung 3 OG rechts 1
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\vorbereitungen fürs abi
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\Universe Sandbox
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\Ulead VideoStudio SE
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\studium
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\rezepte
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\OneNote-Notizbücher
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\DVDVideoSoft
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\Corel User Files
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\Bewerbung Alt4n
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\Altan Bewerbung
2015-04-06 18:22 - 2015-04-03 15:46 - 39981374 _____ () C:\Users\Altan\14005_lenord_bauer_imagefilm_2014_Lenord,Bauer.webm
2015-04-06 18:22 - 2014-12-31 13:49 - 00048128 _____ () C:\Users\Altan\Abfallkalender 2014-2.xls
2015-04-06 18:22 - 2014-12-10 20:50 - 00006292 _____ () C:\Users\Altan\Telefunken V 660_1, V 661_1 und V 662_1 Anleitung.htm
2015-04-06 18:22 - 2014-06-15 17:05 - 00043520 _____ () C:\Users\Altan\Abfallkalender 2014.xls
2015-04-06 18:22 - 2013-07-08 17:20 - 02092792 _____ () C:\Users\Altan\avira_free_antivirus.exe
2015-04-06 18:22 - 2013-06-26 09:24 - 00039936 _____ () C:\Users\Altan\Abfallkalender 2012-2.xls
2015-04-06 18:22 - 2013-05-18 11:26 - 00002148 _____ () C:\Users\Altan\zivtserv.rdp
2015-04-06 18:22 - 2011-12-27 15:24 - 00024576 _____ () C:\Users\Altan\Abfallkalender 2012.xls
2015-04-06 18:22 - 2011-06-19 20:58 - 00024576 _____ () C:\Users\Altan\Kalender1.2010.xls
2015-04-06 18:22 - 2010-11-24 22:32 - 00011811 _____ () C:\Users\Altan\Skoda Octavia.wpd
2015-04-06 18:22 - 2010-06-20 10:36 - 00014336 _____ () C:\Users\Altan\Mappe1.xls
2015-04-06 18:22 - 2010-01-31 20:17 - 02551089 _____ () C:\Users\Altan\LebenslaufPers.wpd
2015-04-06 18:22 - 2009-12-26 13:43 - 00023040 _____ () C:\Users\Altan\Kalender.xls
2015-04-06 18:21 - 2015-04-06 18:21 - 00000000 ____D () C:\Users\Altan\Neuer Ordner2
2015-04-06 18:21 - 2015-04-06 18:21 - 00000000 ____D () C:\Users\Altan\Neuer Ordner
2015-04-06 18:21 - 2015-04-06 18:21 - 00000000 ____D () C:\Users\Altan\NeroVision
2015-04-06 18:20 - 2015-04-06 18:20 - 00000000 __RSD () C:\Users\Altan\My Stationery
2015-04-06 18:20 - 2015-04-06 18:20 - 00000000 ____D () C:\Users\Altan\My Digital Editions
2015-04-06 18:20 - 2015-04-06 18:20 - 00000000 ____D () C:\Users\Altan\kleider
2015-04-06 18:20 - 2015-04-06 17:16 - 00000000 ____D () C:\Users\Altan\My Art
2015-04-06 18:19 - 2015-04-06 18:20 - 00000000 ____D () C:\Users\Altan\Iris Kamera
2015-04-06 18:19 - 2015-04-06 18:19 - 00000000 ____D () C:\Users\Altan\gegl-0.0
2015-04-06 18:11 - 2015-04-06 18:11 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-04-06 18:11 - 2015-04-06 18:11 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-04-06 18:02 - 2015-04-06 18:02 - 00000000 ____D () C:\Users\Altan\Desktop\Wohnung 3OG. rechts
2015-04-06 18:01 - 2015-04-06 18:02 - 00000000 ____D () C:\Users\Altan\Desktop\Neuer Ordner
2015-04-06 18:01 - 2015-04-06 18:01 - 00000000 ____D () C:\Users\Altan\Desktop\Canan´s Fotos
2015-04-06 18:01 - 2015-04-06 18:01 - 00000000 ____D () C:\Users\Altan\Desktop\Bafög
2015-04-06 17:57 - 2015-04-06 17:57 - 00000000 ____D () C:\Users\Altan\Documents\Ulead VideoStudio SE
2015-04-06 15:42 - 2015-04-06 15:45 - 00000000 ____D () C:\Windows\system32\vbox
2015-04-06 15:38 - 2015-04-06 15:38 - 00000000 ____D () C:\Users\Altan\AppData\Roaming\AVAST Software
2015-04-06 15:33 - 2015-04-06 15:33 - 00002018 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-04-06 15:31 - 2015-04-06 15:25 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-04-06 15:31 - 2015-04-06 15:24 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-04-06 15:31 - 2015-04-06 15:24 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-04-06 15:31 - 2013-08-20 11:15 - 00867240 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2015-04-06 15:31 - 2013-08-20 11:15 - 00789416 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2015-04-06 15:30 - 2015-04-06 15:30 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-04-06 15:30 - 2015-04-06 15:28 - 00106912 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-04-06 15:30 - 2015-04-06 15:28 - 00024144 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-04-06 15:29 - 2015-04-06 15:28 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-04-06 15:28 - 2015-04-06 15:28 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-06 15:25 - 2015-04-06 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-04-06 15:24 - 2015-04-06 15:33 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-06 15:23 - 2015-04-06 15:23 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-04-06 15:22 - 2015-04-06 15:28 - 00208024 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-04-06 15:22 - 2015-04-06 15:28 - 00049904 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-04-06 14:21 - 2015-04-06 14:21 - 06103040 _____ () C:\Program Files\GUTB606.tmp
2015-04-06 14:21 - 2015-04-06 14:21 - 00000000 ____D () C:\Program Files\GUMB5F6.tmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-08 14:12 - 2010-11-14 19:07 - 01670708 _____ () C:\Windows\WindowsUpdate.log
2015-04-08 14:08 - 2010-08-30 16:48 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-08 14:07 - 2013-03-25 11:06 - 00386750 _____ () C:\Windows\PFRO.log
2015-04-08 14:07 - 2013-03-21 21:13 - 00009810 _____ () C:\Windows\setupact.log
2015-04-08 14:07 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-08 14:05 - 2009-07-14 06:34 - 00009888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-08 14:05 - 2009-07-14 06:34 - 00009888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-08 13:21 - 2010-08-30 16:48 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-08 13:20 - 2012-03-31 10:50 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-08 13:07 - 2009-07-14 06:53 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-08 13:01 - 2010-11-19 12:45 - 00000000 ____D () C:\Windows\Minidump
2015-04-08 13:00 - 2013-08-19 19:14 - 422924681 _____ () C:\Windows\MEMORY.DMP
2015-04-08 12:56 - 2010-07-22 19:43 - 00127048 _____ () C:\Users\Altan\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-07 21:15 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2015-04-07 20:16 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\tracing
2015-04-07 19:43 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-04-07 19:12 - 2010-05-26 08:00 - 01614036 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-07 19:04 - 2009-07-14 06:33 - 00454160 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-07 19:03 - 2010-05-26 10:26 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-04-07 18:54 - 2009-07-14 09:49 - 00000000 ____D () C:\Program Files\Windows Journal
2015-04-07 18:41 - 2011-05-26 17:27 - 00000000 ____D () C:\Program Files\Microsoft Application Virtualization Client
2015-04-07 18:30 - 2013-08-17 16:41 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-07 17:34 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-04-07 17:32 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\System
2015-04-07 17:32 - 2009-07-14 04:04 - 00000499 _____ () C:\Windows\win.ini
2015-04-07 17:28 - 2010-05-26 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-04-07 14:27 - 2012-06-13 18:13 - 00000000 ____D () C:\Users\Altan\.nbi
2015-04-07 14:23 - 2010-07-28 18:36 - 00000000 ____D () C:\ProgramData\Sun
2015-04-07 14:20 - 2010-07-28 18:23 - 00000000 ____D () C:\Program Files\Java
2015-04-06 22:07 - 2010-07-22 19:39 - 00000000 ____D () C:\Users\Altan
2015-04-06 22:06 - 2010-07-26 22:38 - 00000000 ____D () C:\Users\Altan\AppData\Local\Mozilla
2015-04-06 21:11 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\MSBuild
2015-04-06 21:10 - 2010-05-26 10:57 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-04-06 21:10 - 2009-07-14 09:48 - 00000000 ____D () C:\Windows\ShellNew
2015-04-06 21:08 - 2010-09-14 12:54 - 00000000 ____D () C:\Program Files\Microsoft.NET
2015-04-06 20:56 - 2011-02-24 20:54 - 00267776 ___SH () C:\Users\Altan\Thumbs.db
2015-04-06 20:53 - 2010-08-30 16:48 - 00000000 ____D () C:\Users\Altan\AppData\Local\Google
2015-04-06 19:50 - 2011-03-12 11:53 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-04-06 18:25 - 2012-03-31 10:49 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-04-06 18:25 - 2011-05-20 18:13 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-04-06 18:18 - 2013-08-19 19:22 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-06 18:11 - 2010-07-22 20:52 - 00000000 ____D () C:\Users\Altan\AppData\Roaming\Adobe
2015-04-06 18:11 - 2010-05-26 10:52 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2015-04-06 18:11 - 2010-05-26 10:51 - 00000000 ____D () C:\Program Files\Adobe
2015-04-06 18:10 - 2010-08-23 18:28 - 00000000 ____D () C:\Users\Altan\AppData\Local\Adobe
2015-04-06 15:28 - 2012-06-01 20:29 - 00081728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-04-06 15:28 - 2011-01-08 13:07 - 00427736 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-04-06 15:28 - 2011-01-08 13:07 - 00073440 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-04-06 15:27 - 2011-04-18 21:07 - 00788272 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-04-06 15:24 - 2013-08-20 11:15 - 00272296 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-04-06 15:22 - 2010-05-26 10:22 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2015-04-06 15:22 - 2009-07-14 04:04 - 00002577 _____ () C:\Windows\system32\config.nt
2015-04-06 15:21 - 2010-05-26 10:22 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information

==================== Files in the root of some directories =======

2015-04-06 14:21 - 2015-04-06 14:21 - 6103040 _____ () C:\Program Files\GUTB606.tmp
2011-07-13 15:57 - 2011-07-13 15:57 - 0138056 _____ () C:\Users\Altan\AppData\Roaming\PnkBstrK.sys
2011-07-16 21:19 - 2011-07-16 21:19 - 0000022 ___SH () C:\Users\Altan\AppData\Roaming\Sys2662.Config.Repository.bin
2011-09-09 16:30 - 2012-05-26 22:02 - 0077824 _____ () C:\Users\Altan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-11-01 19:07 - 2010-11-01 19:07 - 0007597 _____ () C:\Users\Altan\AppData\Local\Resmon.ResmonCfg
2011-11-02 21:07 - 2011-11-02 21:07 - 0000000 _____ () C:\Users\Altan\AppData\Local\{A4D1F345-121F-4A33-AA27-83EC8C707EF1}
2011-09-09 16:28 - 2011-09-09 16:28 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Files to move or delete:
====================
C:\Users\Altan\avira_free_antivirus.exe


Some content of TEMP:
====================
C:\Users\Altan\AppData\Local\Temp\CheatEngine63Clean.exe
C:\Users\Altan\AppData\Local\Temp\jre-8u40-windows-au.exe
C:\Users\Altan\AppData\Local\Temp\Quarantine.exe
C:\Users\Altan\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-01-18 18:07

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 08.04.2015 18:42

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Jabba131 08.04.2015 23:29
Eset
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=74a36839112ea9449cb36a52c9d97fb9
# engine=23289
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-04-08 09:08:25
# local_time=2015-04-08 11:08:25 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 33398 180158496 0 0
# scanned=258076
# found=11
# cleaned=0
# scan_time=9055
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Conduit\Community Alerts\Alert.dll.vir"
sh=DD3E89FA9DA2FC16CC562A20469CE8D19E590F46 ft=1 fh=16fc1eedb3addde1 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Iminent\IMBooster\inst\Bootstrapper\Bootstrapper.exe.vir"
sh=4D1C2C7492C0440E48AE0FDBB063D3B8EF56833B ft=0 fh=0000000000000000 vn="Variante von Win32/SlowPCfighter evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\ReviverSoft\RegistryReviver\InstallCache\{E31E4E05-4B6B-42A5-8623-EB530F8147F5}\RegistryReviver.msi"
sh=4D1C2C7492C0440E48AE0FDBB063D3B8EF56833B ft=0 fh=0000000000000000 vn="Variante von Win32/SlowPCfighter evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\ReviverSoft\RegistryReviver\InstallCache\{E31E4E05-4B6B-42A5-8623-EB530F8147F5}\RegistryReviver.msi"
sh=8B5E571DB7D7BAC4CB681C5F85CB81510F95FDD5 ft=0 fh=0000000000000000 vn="Variante von Win32/Adware.OneStep.Z Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7VW6J7UR\upgrade[1].cab"
sh=CFA2C2DECC440D8F27DAA2FA0E3C1CC09EECD6B3 ft=0 fh=0000000000000000 vn="Variante von Win32/Adware.OneStep.Z Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J1KQIRYY\upgrade[1].cab"
sh=ED260E3CDC8FA15BB49AB029FE4B40A6AC4200B7 ft=0 fh=0000000000000000 vn="Variante von Win32/Adware.OneStep.Z Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q17W8WRZ\upgrade[1].cab"
sh=EA860A4CA8B9E75B66DD5F6618082CB10B429EF7 ft=0 fh=0000000000000000 vn="Variante von Win32/Adware.OneStep.AA Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q17W8WRZ\upgrade[2].cab"
sh=8D84BE6BCEAE306EBC2F252998A362AA5E55A38A ft=0 fh=0000000000000000 vn="Variante von Win32/Adware.OneStep.Z Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S4U8ODCS\upgrade[1].cab"
sh=259B1375ED8E84943CA1D42646BB416325C89E12 ft=0 fh=0000000000000000 vn="Win32/Adware.Virtumonde Anwendung" ac=I fn="D:\Esref\Lokale Einstellungen\Temp\removalfile.bat"
sh=259B1375ED8E84943CA1D42646BB416325C89E12 ft=0 fh=0000000000000000 vn="Win32/Adware.Virtumonde Anwendung" ac=I fn="K:\Computer\Datenträger D\Esref\Lokale Einstellungen\Temp\removalfile.bat"
checkup
Code:
Results of screen317's Security Check version 0.99.99 
 Windows 7 Service Pack 1 x86 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus 
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 Java(TM) 6 Update 31 
 Java 8 Update 40 
 Adobe Flash Player        17.0.0.134 
 Adobe Reader 9 Adobe Reader out of Date!
 Mozilla Firefox (37.0.1)
 Google Chrome (41.0.2272.118)
````````Process Check: objlist.exe by Laurent```````` 
 Alwil Software Avast5 AvastSvc.exe 
 Alwil Software Avast5 ng vbox\AvastVBoxSVC.exe
 Alwil Software Avast5 AvastUI.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````
FRST

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Altan (administrator) on ALTAN-PC on 09-04-2015 00:21:47
Running from C:\Users\Altan\Desktop
Loaded Profiles: Altan (Available profiles: Altan)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Advanced Micro Devices) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avast Software) C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Avast Software s.r.o.) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8555040 2010-04-07] (Realtek Semiconductor)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41208 2012-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2010-11-25] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM\...\Run: [UVS10 Preload] => C:\Program Files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe [36864 2006-08-10] (Ulead Systems, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [5512912 2015-04-06] (Avast Software s.r.o.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-3264414195-358430586-3417125571-1001\...\MountPoints2: {0f4dd270-d496-11e0-a230-40618699f324} - J:\Install.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3264414195-358430586-3417125571-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3264414195-358430586-3417125571-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3264414195-358430586-3417125571-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com
HKU\S-1-5-21-3264414195-358430586-3417125571-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
URLSearchHook: HKU\S-1-5-21-3264414195-358430586-3417125571-1001 - (No Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} -  No File
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3264414195-358430586-3417125571-1001 -> {D195FBBF-D679-4040-BAB0-BB5D9C60A182} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3264414195-358430586-3417125571-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-04-06] (Oracle Corporation)
BHO: IEExtension.VDownloaderBHO -> {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} -> C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-04-06] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-06] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3264414195-358430586-3417125571-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Altan\AppData\Roaming\Mozilla\Firefox\Profiles\tjj26bf8.default
FF Homepage: hxxp://google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-04-06] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-07-12] (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-08-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-06] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-06] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3264414195-358430586-3417125571-1001: vitzo.com/VDownloader -> C:\Program Files\VDownloader\Addons\npVDownloader.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-04-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-04-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-04-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-04-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-04-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2012-12-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2012-12-17] (Apple Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-04-18]
FF HKLM\...\Firefox\Extensions: [support@vdownloader.com] - C:\Program Files\VDownloader\Addons\FireFox

Chrome:
=======
CHR Profile: C:\Users\Altan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\Altan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Altan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-06]
CHR Extension: (Google Wallet) - C:\Users\Altan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-06]
CHR HKLM\...\Chrome\Extension: [eoccbpoodnckjdnackiffhjfkogfhnhh] - C:\Program Files\VDownloader\Addons\Chrome.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2015-04-06]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [140224 2010-06-17] (Advanced Micro Devices)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [343336 2015-04-06] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe [3205216 2015-04-06] (Avast Software)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2012-06-16] ()
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [File not signed]
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-29] (Ulead Systems, Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide; C:\Windows\System32\DRIVERS\amdide.sys [11832 2009-07-07] (Advanced Micro Devices Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-04-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [73440 2015-04-06] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-04-06] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-04-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [788272 2015-04-06] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427736 2015-04-06] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-04-06] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208024 2015-04-06] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2010-07-22] ()
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2009-03-31] () [File not signed]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2010-07-22] ()
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [92888 2015-03-17] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-03-17] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [50704 2010-01-27] (CACE Technologies, Inc.)
S3 StkCMini; C:\Windows\System32\Drivers\StkCMini.sys [1521544 2010-04-16] (Syntek)
R2 VBoxAswDrv; C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys [220240 2015-04-06] (Avast Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-09 00:21 - 2015-04-09 00:21 - 00000906 _____ () C:\Users\Altan\Desktop\checkup.txt
2015-04-08 20:37 - 2015-04-08 20:38 - 00852607 _____ () C:\Users\Altan\Desktop\SecurityCheck.exe
2015-04-08 20:34 - 2015-04-08 20:34 - 00000000 ____D () C:\Program Files\ESET
2015-04-08 20:33 - 2015-04-08 20:34 - 02347384 _____ (ESET) C:\Users\Altan\Desktop\esetsmartinstaller_deu.exe
2015-04-08 14:14 - 2015-04-08 14:14 - 00019895 _____ () C:\Users\Altan\Desktop\Addition.txt
2015-04-08 14:13 - 2015-04-09 00:21 - 00015855 _____ () C:\Users\Altan\Desktop\FRST.txt
2015-04-08 14:12 - 2015-04-08 14:12 - 00001283 _____ () C:\Users\Altan\Desktop\JRT.txt
2015-04-08 14:10 - 2015-04-08 14:10 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ALTAN-PC-Windows-7-Home-Premium-(32-bit).dat
2015-04-08 14:10 - 2015-04-08 14:10 - 00000000 ____D () C:\RegBackup
2015-04-08 14:08 - 2015-04-08 14:08 - 00006067 _____ () C:\Users\Altan\Desktop\AdwCleaner[S0].txt
2015-04-08 14:03 - 2015-04-08 14:05 - 00000000 ____D () C:\AdwCleaner
2015-04-08 14:03 - 2015-04-08 14:03 - 00002712 _____ () C:\Users\Altan\Desktop\mbam.txt
2015-04-08 13:07 - 2015-04-08 13:08 - 00155270 _____ () C:\unp304378681092812524.mdmp
2015-04-08 12:39 - 2015-04-08 12:39 - 00198682 _____ () C:\unp304378641420754480.mdmp
2015-04-08 12:36 - 2015-04-08 12:36 - 00200854 _____ () C:\unp304378633467259550.mdmp
2015-04-08 12:32 - 2015-04-08 12:32 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-08 12:32 - 2015-04-08 12:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-08 12:32 - 2015-04-08 12:32 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-04-08 12:32 - 2015-03-17 06:15 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-08 12:32 - 2015-03-17 06:15 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-08 12:31 - 2015-04-08 12:31 - 02686959 _____ (Thisisu) C:\Users\Altan\Desktop\JRT.exe
2015-04-08 12:31 - 2015-04-08 12:31 - 02217984 _____ () C:\Users\Altan\Desktop\AdwCleaner_4.201.exe
2015-04-08 12:29 - 2015-04-08 12:30 - 00198848 _____ () C:\unp304378623601758035.mdmp
2015-04-08 12:27 - 2015-04-08 12:27 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Altan\Desktop\mbam-setup-2.1.4.1018.exe
2015-04-07 21:10 - 2015-01-09 01:44 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-04-07 21:04 - 2015-04-07 21:04 - 19720192 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 12827648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 04300288 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-07 21:04 - 2015-04-07 21:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-07 21:04 - 2015-04-07 21:04 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-07 21:04 - 2015-04-07 21:04 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-07 21:04 - 2015-04-07 21:04 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-04-07 21:04 - 2015-04-07 21:04 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00342696 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-07 21:04 - 2015-04-07 21:04 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-04-07 21:04 - 2015-04-07 21:04 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-04-07 21:04 - 2015-04-07 21:04 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-07 21:04 - 2015-04-07 21:04 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-07 21:04 - 2015-04-07 21:04 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-04-07 21:04 - 2015-04-07 21:04 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-04-07 21:04 - 2015-04-07 21:04 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-04-07 21:04 - 2015-04-07 21:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-04-07 21:04 - 2015-04-07 21:04 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-04-07 21:04 - 2015-04-07 21:04 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-04-07 21:04 - 2015-04-07 21:04 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-07 18:53 - 2015-04-07 19:43 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-07 18:41 - 2015-04-07 18:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2015-04-07 18:05 - 2015-04-07 18:05 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2015-04-07 18:00 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-04-07 17:42 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-04-07 17:42 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-04-07 17:42 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-04-07 17:42 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-04-07 16:55 - 2015-04-07 16:55 - 00000134 _____ () C:\Users\Altan\Desktop\Internet Explorer Troubleshooting.url
2015-04-07 16:52 - 2015-04-07 21:09 - 00016381 _____ () C:\Windows\IE11_main.log
2015-04-07 16:27 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-04-07 16:27 - 2014-06-03 11:30 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-04-07 16:27 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-04-07 16:27 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-04-07 16:26 - 2014-08-12 03:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-04-07 16:26 - 2014-01-28 04:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-04-07 16:26 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-04-07 16:25 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-04-07 16:25 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-04-07 16:25 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-04-07 16:25 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-07 16:25 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-04-07 16:25 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-04-07 16:25 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-04-07 16:25 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-04-07 16:25 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-04-07 16:25 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-04-07 16:23 - 2015-01-09 04:48 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-04-07 16:23 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-04-07 16:23 - 2015-01-09 04:48 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-04-07 16:20 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-04-07 16:19 - 2014-08-23 03:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-07 16:19 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-04-07 16:19 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-04-07 16:19 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2015-04-07 16:19 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-04-07 16:19 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-04-07 16:18 - 2013-08-28 02:57 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2015-04-07 16:17 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-04-07 16:17 - 2014-11-11 04:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-04-07 16:16 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-04-07 16:16 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-04-07 16:16 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-04-07 16:16 - 2013-11-26 13:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-04-07 16:15 - 2014-11-11 03:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-04-07 16:15 - 2014-10-04 03:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-04-07 16:15 - 2014-10-04 03:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-04-07 16:15 - 2014-07-14 03:42 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-04-07 16:15 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-04-07 16:14 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2015-04-07 16:14 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2015-04-07 16:13 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-07 16:13 - 2014-11-08 04:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-04-07 16:13 - 2014-10-25 03:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-04-07 16:13 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-04-07 16:13 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-04-07 16:13 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-04-07 16:13 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2015-04-07 16:12 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-04-07 16:12 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-04-07 16:11 - 2015-02-26 05:11 - 02381312 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-04-07 16:11 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-04-07 16:11 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-04-07 16:11 - 2014-06-16 03:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-04-07 16:11 - 2014-06-16 03:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-04-07 16:11 - 2014-06-16 03:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-04-07 16:11 - 2014-05-30 08:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-04-07 16:11 - 2013-08-29 03:50 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-07 16:11 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-04-07 16:11 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-04-07 16:10 - 2014-10-14 03:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-04-07 16:09 - 2014-08-21 08:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-07 16:09 - 2014-08-21 08:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-07 16:09 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-04-07 16:09 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-04-07 16:09 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-04-07 16:09 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2015-04-07 16:08 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-04-07 16:08 - 2013-10-04 03:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2015-04-07 16:08 - 2013-10-04 03:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-04-07 16:08 - 2013-07-03 06:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2015-04-07 16:08 - 2013-07-03 05:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-04-07 16:08 - 2013-07-03 05:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-04-07 16:06 - 2014-10-03 03:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-04-07 16:06 - 2014-10-03 03:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-04-07 16:06 - 2014-10-03 03:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-04-07 16:06 - 2014-10-03 03:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-04-07 16:06 - 2014-10-03 03:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-04-07 15:46 - 2014-12-19 04:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-04-07 15:46 - 2014-12-11 19:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-04-07 15:46 - 2014-11-26 05:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-04-07 15:45 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-04-07 15:45 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-04-07 15:44 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-04-07 15:43 - 2015-03-06 07:15 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-07 15:43 - 2015-03-06 07:15 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-07 15:43 - 2015-03-06 07:10 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-07 15:43 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-07 15:43 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-07 15:43 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-07 15:43 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-07 15:43 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-07 15:43 - 2015-03-06 07:10 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-07 15:43 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-07 15:43 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-07 15:43 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-07 15:43 - 2015-03-06 07:10 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-07 15:43 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-07 15:43 - 2015-03-06 07:09 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-07 15:43 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-07 15:43 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-07 15:43 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-07 15:43 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-04-07 15:43 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-04-07 15:43 - 2015-02-20 06:13 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-04-07 15:43 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-04-07 15:43 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-04-07 15:43 - 2014-10-30 03:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-04-07 15:42 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-04-07 15:42 - 2013-10-12 04:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-04-07 15:42 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-04-07 15:42 - 2013-08-05 03:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2015-04-07 15:42 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2015-04-07 15:41 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-04-07 15:41 - 2014-07-17 03:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-04-07 15:41 - 2014-07-17 03:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-04-07 15:41 - 2014-07-17 03:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-04-07 15:41 - 2014-07-17 03:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-04-07 15:41 - 2014-07-17 03:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-04-07 15:40 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-07 15:40 - 2013-08-02 03:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 02:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-07 15:40 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-07 15:40 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-07 15:39 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-04-07 15:39 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-04-07 15:39 - 2013-07-12 12:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2015-04-07 15:39 - 2013-07-12 12:07 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2015-04-07 15:38 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-04-07 15:38 - 2014-12-19 03:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-04-07 15:38 - 2014-12-06 05:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-04-07 15:38 - 2013-11-27 03:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-04-07 15:38 - 2013-11-27 03:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-04-07 15:38 - 2013-11-27 03:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-04-07 15:38 - 2013-11-27 03:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-04-07 15:38 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-04-07 15:38 - 2013-06-26 00:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-04-07 15:37 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-04-07 15:37 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-07 15:37 - 2015-02-03 05:16 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-04-07 15:37 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-07 15:37 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-04-07 15:37 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-04-07 15:37 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-04-07 15:37 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-04-07 15:37 - 2015-02-03 05:11 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-07 15:37 - 2015-02-03 05:11 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-04-07 15:37 - 2015-02-03 05:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-04-07 15:37 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-04-07 15:37 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-04-07 15:37 - 2015-02-03 05:11 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-04-07 15:37 - 2015-02-03 05:11 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-04-07 15:37 - 2015-02-03 05:11 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-04-07 15:37 - 2015-02-03 05:10 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-04-07 15:37 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-04-07 15:37 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-07 15:37 - 2015-02-03 05:00 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-04-07 15:37 - 2015-02-03 04:26 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-04-07 15:37 - 2015-01-31 01:56 - 00370488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-04-07 15:37 - 2014-11-01 00:22 - 00521384 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-04-07 15:37 - 2014-06-28 02:21 - 00455752 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-04-07 15:37 - 2014-06-28 02:21 - 00409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-04-07 15:37 - 2013-11-27 03:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-04-07 15:37 - 2013-11-27 03:13 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2015-04-07 15:37 - 2013-11-27 03:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-04-07 15:25 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-04-07 15:25 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-04-07 15:25 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-04-07 15:25 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-04-07 15:25 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-04-07 15:25 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-04-07 15:25 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-04-07 15:25 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-04-07 15:25 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-04-07 14:27 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-04-07 14:27 - 2014-10-14 03:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-04-07 10:58 - 2014-05-14 18:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-07 10:58 - 2014-05-14 18:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-07 10:58 - 2014-05-14 18:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-07 10:58 - 2014-05-14 18:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-07 10:57 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-07 10:57 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-07 10:33 - 2015-04-08 14:02 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-07 10:33 - 2015-04-08 14:01 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-04-07 10:33 - 2015-04-08 12:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-07 10:31 - 2015-04-07 10:31 - 00000000 ____D () C:\Users\Altan\Desktop\mbar
2015-04-07 10:31 - 2015-03-17 06:15 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-07 10:26 - 2015-04-07 10:26 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Altan\Desktop\mbar-1.09.1.1004.exe
2015-04-07 10:26 - 2015-04-07 10:26 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Altan\Desktop\tdsskiller.exe
2015-04-06 22:40 - 2015-04-06 22:40 - 00009670 _____ () C:\Users\Altan\Desktop\Gmer.txt
2015-04-06 22:08 - 2015-04-09 00:21 - 00000000 ____D () C:\FRST
2015-04-06 22:08 - 2015-04-06 22:09 - 00380416 _____ () C:\Users\Altan\Desktop\Gmer-19357.exe
2015-04-06 22:07 - 2015-04-06 22:07 - 00000472 _____ () C:\Users\Altan\Desktop\defogger_disable.log
2015-04-06 22:07 - 2015-04-06 22:07 - 00000000 _____ () C:\Users\Altan\defogger_reenable
2015-04-06 22:06 - 2015-04-06 22:06 - 01135104 _____ (Farbar) C:\Users\Altan\Desktop\FRST.exe
2015-04-06 22:06 - 2015-04-06 22:06 - 00000000 ____D () C:\Users\Altan\Downloads\Neuer Ordner
2015-04-06 22:05 - 2015-04-06 22:05 - 00050477 _____ () C:\Users\Altan\Desktop\Defogger.exe
2015-04-06 21:16 - 2015-04-06 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-04-06 21:14 - 2009-02-27 03:42 - 00031640 _____ (Microsoft Corporation) C:\Windows\system32\msonpmon.dll
2015-04-06 21:11 - 2015-04-07 17:34 - 00000000 ____D () C:\Program Files\Microsoft Works
2015-04-06 21:10 - 2015-04-06 21:10 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio
2015-04-06 21:04 - 2015-04-06 21:04 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2015-04-06 21:01 - 2015-04-07 18:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-06 21:01 - 2015-04-06 21:01 - 00000000 ____D () C:\Users\Altan\AppData\Local\Microsoft Help
2015-04-06 20:59 - 2015-04-06 20:59 - 00000000 __RHD () C:\MSOCache
2015-04-06 18:49 - 2015-04-06 18:50 - 00000000 ____D () C:\Program Files\QuickTime
2015-04-06 18:49 - 2015-04-06 18:49 - 00001819 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2015-04-06 18:49 - 2015-04-06 18:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-04-06 18:49 - 2015-04-06 18:49 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-04-06 18:33 - 2015-04-06 18:41 - 00000000 ___RD () C:\Users\Altan\Eigene Musik
2015-04-06 18:33 - 2015-04-06 18:33 - 00000000 ___RD () C:\Users\Altan\Eigene Dokumente
2015-04-06 18:22 - 2015-04-06 18:32 - 00000000 ___RD () C:\Users\Altan\Eigene Bilder
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\Wohnung DG
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\Wohnung 3OG.rechts
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\Wohnung 3 OG rechts 1
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\vorbereitungen fürs abi
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\Universe Sandbox
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\Ulead VideoStudio SE
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\studium
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\rezepte
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\OneNote-Notizbücher
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\DVDVideoSoft
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\Corel User Files
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\Bewerbung Alt4n
2015-04-06 18:22 - 2015-04-06 18:22 - 00000000 ____D () C:\Users\Altan\Altan Bewerbung
2015-04-06 18:22 - 2015-04-03 15:46 - 39981374 _____ () C:\Users\Altan\14005_lenord_bauer_imagefilm_2014_Lenord,Bauer.webm
2015-04-06 18:22 - 2014-12-31 13:49 - 00048128 _____ () C:\Users\Altan\Abfallkalender 2014-2.xls
2015-04-06 18:22 - 2014-12-10 20:50 - 00006292 _____ () C:\Users\Altan\Telefunken V 660_1, V 661_1 und V 662_1 Anleitung.htm
2015-04-06 18:22 - 2014-06-15 17:05 - 00043520 _____ () C:\Users\Altan\Abfallkalender 2014.xls
2015-04-06 18:22 - 2013-07-08 17:20 - 02092792 _____ () C:\Users\Altan\avira_free_antivirus.exe
2015-04-06 18:22 - 2013-06-26 09:24 - 00039936 _____ () C:\Users\Altan\Abfallkalender 2012-2.xls
2015-04-06 18:22 - 2013-05-18 11:26 - 00002148 _____ () C:\Users\Altan\zivtserv.rdp
2015-04-06 18:22 - 2011-12-27 15:24 - 00024576 _____ () C:\Users\Altan\Abfallkalender 2012.xls
2015-04-06 18:22 - 2011-06-19 20:58 - 00024576 _____ () C:\Users\Altan\Kalender1.2010.xls
2015-04-06 18:22 - 2010-11-24 22:32 - 00011811 _____ () C:\Users\Altan\Skoda Octavia.wpd
2015-04-06 18:22 - 2010-06-20 10:36 - 00014336 _____ () C:\Users\Altan\Mappe1.xls
2015-04-06 18:22 - 2010-01-31 20:17 - 02551089 _____ () C:\Users\Altan\LebenslaufPers.wpd
2015-04-06 18:22 - 2009-12-26 13:43 - 00023040 _____ () C:\Users\Altan\Kalender.xls
2015-04-06 18:21 - 2015-04-06 18:21 - 00000000 ____D () C:\Users\Altan\Neuer Ordner2
2015-04-06 18:21 - 2015-04-06 18:21 - 00000000 ____D () C:\Users\Altan\Neuer Ordner
2015-04-06 18:21 - 2015-04-06 18:21 - 00000000 ____D () C:\Users\Altan\NeroVision
2015-04-06 18:20 - 2015-04-06 18:20 - 00000000 __RSD () C:\Users\Altan\My Stationery
2015-04-06 18:20 - 2015-04-06 18:20 - 00000000 ____D () C:\Users\Altan\My Digital Editions
2015-04-06 18:20 - 2015-04-06 18:20 - 00000000 ____D () C:\Users\Altan\kleider
2015-04-06 18:20 - 2015-04-06 17:16 - 00000000 ____D () C:\Users\Altan\My Art
2015-04-06 18:19 - 2015-04-06 18:20 - 00000000 ____D () C:\Users\Altan\Iris Kamera
2015-04-06 18:19 - 2015-04-06 18:19 - 00000000 ____D () C:\Users\Altan\gegl-0.0
2015-04-06 18:11 - 2015-04-06 18:11 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-04-06 18:11 - 2015-04-06 18:11 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-04-06 18:02 - 2015-04-06 18:02 - 00000000 ____D () C:\Users\Altan\Desktop\Wohnung 3OG. rechts
2015-04-06 18:01 - 2015-04-06 18:02 - 00000000 ____D () C:\Users\Altan\Desktop\Neuer Ordner
2015-04-06 18:01 - 2015-04-06 18:01 - 00000000 ____D () C:\Users\Altan\Desktop\Canan´s Fotos
2015-04-06 18:01 - 2015-04-06 18:01 - 00000000 ____D () C:\Users\Altan\Desktop\Bafög
2015-04-06 17:57 - 2015-04-06 17:57 - 00000000 ____D () C:\Users\Altan\Documents\Ulead VideoStudio SE
2015-04-06 15:42 - 2015-04-06 15:45 - 00000000 ____D () C:\Windows\system32\vbox
2015-04-06 15:38 - 2015-04-06 15:38 - 00000000 ____D () C:\Users\Altan\AppData\Roaming\AVAST Software
2015-04-06 15:33 - 2015-04-06 15:33 - 00002018 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-04-06 15:31 - 2015-04-06 15:25 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-04-06 15:31 - 2015-04-06 15:24 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-04-06 15:31 - 2015-04-06 15:24 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-04-06 15:31 - 2013-08-20 11:15 - 00867240 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2015-04-06 15:31 - 2013-08-20 11:15 - 00789416 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2015-04-06 15:30 - 2015-04-06 15:30 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-04-06 15:30 - 2015-04-06 15:28 - 00106912 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-04-06 15:30 - 2015-04-06 15:28 - 00024144 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-04-06 15:29 - 2015-04-06 15:28 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-04-06 15:28 - 2015-04-06 15:28 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-06 15:25 - 2015-04-06 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-04-06 15:24 - 2015-04-06 15:33 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-06 15:23 - 2015-04-06 15:23 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-04-06 15:22 - 2015-04-06 15:28 - 00208024 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-04-06 15:22 - 2015-04-06 15:28 - 00049904 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-04-06 14:21 - 2015-04-06 14:21 - 06103040 _____ () C:\Program Files\GUTB606.tmp
2015-04-06 14:21 - 2015-04-06 14:21 - 00000000 ____D () C:\Program Files\GUMB5F6.tmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-09 00:21 - 2010-08-30 16:48 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-09 00:20 - 2012-03-31 10:50 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-08 21:32 - 2010-08-30 16:48 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-08 20:35 - 2009-07-14 06:34 - 00009888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-08 20:34 - 2010-05-26 08:00 - 01614036 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-08 20:34 - 2009-07-14 06:34 - 00009888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-08 20:30 - 2013-03-21 21:13 - 00010661 _____ () C:\Windows\setupact.log
2015-04-08 20:30 - 2010-11-14 19:07 - 01675232 _____ () C:\Windows\WindowsUpdate.log
2015-04-08 20:26 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-08 14:07 - 2013-03-25 11:06 - 00386750 _____ () C:\Windows\PFRO.log
2015-04-08 13:07 - 2009-07-14 06:53 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-08 13:01 - 2010-11-19 12:45 - 00000000 ____D () C:\Windows\Minidump
2015-04-08 13:00 - 2013-08-19 19:14 - 422924681 _____ () C:\Windows\MEMORY.DMP
2015-04-08 12:56 - 2010-07-22 19:43 - 00127048 _____ () C:\Users\Altan\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-07 21:15 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2015-04-07 20:16 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\tracing
2015-04-07 19:43 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-04-07 19:04 - 2009-07-14 06:33 - 00454160 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-07 19:03 - 2010-05-26 10:26 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-04-07 18:54 - 2009-07-14 09:49 - 00000000 ____D () C:\Program Files\Windows Journal
2015-04-07 18:41 - 2011-05-26 17:27 - 00000000 ____D () C:\Program Files\Microsoft Application Virtualization Client
2015-04-07 18:30 - 2013-08-17 16:41 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-07 17:34 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-04-07 17:32 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\System
2015-04-07 17:32 - 2009-07-14 04:04 - 00000499 _____ () C:\Windows\win.ini
2015-04-07 17:28 - 2010-05-26 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-04-07 14:27 - 2012-06-13 18:13 - 00000000 ____D () C:\Users\Altan\.nbi
2015-04-07 14:23 - 2010-07-28 18:36 - 00000000 ____D () C:\ProgramData\Sun
2015-04-07 14:20 - 2010-07-28 18:23 - 00000000 ____D () C:\Program Files\Java
2015-04-06 22:07 - 2010-07-22 19:39 - 00000000 ____D () C:\Users\Altan
2015-04-06 22:06 - 2010-07-26 22:38 - 00000000 ____D () C:\Users\Altan\AppData\Local\Mozilla
2015-04-06 21:11 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\MSBuild
2015-04-06 21:10 - 2010-05-26 10:57 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-04-06 21:10 - 2009-07-14 09:48 - 00000000 ____D () C:\Windows\ShellNew
2015-04-06 21:08 - 2010-09-14 12:54 - 00000000 ____D () C:\Program Files\Microsoft.NET
2015-04-06 20:56 - 2011-02-24 20:54 - 00267776 ___SH () C:\Users\Altan\Thumbs.db
2015-04-06 20:53 - 2010-08-30 16:48 - 00000000 ____D () C:\Users\Altan\AppData\Local\Google
2015-04-06 19:50 - 2011-03-12 11:53 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-04-06 18:25 - 2012-03-31 10:49 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-04-06 18:25 - 2011-05-20 18:13 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-04-06 18:18 - 2013-08-19 19:22 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-06 18:11 - 2010-07-22 20:52 - 00000000 ____D () C:\Users\Altan\AppData\Roaming\Adobe
2015-04-06 18:11 - 2010-05-26 10:52 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2015-04-06 18:11 - 2010-05-26 10:51 - 00000000 ____D () C:\Program Files\Adobe
2015-04-06 18:10 - 2010-08-23 18:28 - 00000000 ____D () C:\Users\Altan\AppData\Local\Adobe
2015-04-06 15:28 - 2012-06-01 20:29 - 00081728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-04-06 15:28 - 2011-01-08 13:07 - 00427736 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-04-06 15:28 - 2011-01-08 13:07 - 00073440 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-04-06 15:27 - 2011-04-18 21:07 - 00788272 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-04-06 15:24 - 2013-08-20 11:15 - 00272296 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-04-06 15:22 - 2010-05-26 10:22 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2015-04-06 15:22 - 2009-07-14 04:04 - 00002577 _____ () C:\Windows\system32\config.nt
2015-04-06 15:21 - 2010-05-26 10:22 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information

==================== Files in the root of some directories =======

2015-04-06 14:21 - 2015-04-06 14:21 - 6103040 _____ () C:\Program Files\GUTB606.tmp
2011-07-13 15:57 - 2011-07-13 15:57 - 0138056 _____ () C:\Users\Altan\AppData\Roaming\PnkBstrK.sys
2011-07-16 21:19 - 2011-07-16 21:19 - 0000022 ___SH () C:\Users\Altan\AppData\Roaming\Sys2662.Config.Repository.bin
2011-09-09 16:30 - 2012-05-26 22:02 - 0077824 _____ () C:\Users\Altan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-11-01 19:07 - 2010-11-01 19:07 - 0007597 _____ () C:\Users\Altan\AppData\Local\Resmon.ResmonCfg
2011-11-02 21:07 - 2011-11-02 21:07 - 0000000 _____ () C:\Users\Altan\AppData\Local\{A4D1F345-121F-4A33-AA27-83EC8C707EF1}
2011-09-09 16:28 - 2011-09-09 16:28 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Files to move or delete:
====================
C:\Users\Altan\avira_free_antivirus.exe


Some content of TEMP:
====================
C:\Users\Altan\AppData\Local\Temp\CheatEngine63Clean.exe
C:\Users\Altan\AppData\Local\Temp\jre-8u40-windows-au.exe
C:\Users\Altan\AppData\Local\Temp\Quarantine.exe
C:\Users\Altan\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-01-18 18:07

==================== End Of Log ============================
--- --- ---


Keine Probleme mehr soweit ich das erkenne :applaus: Vielen Dank dacht schon die Graphikkarte wär kaputt oder so:lach:

schrauber 09.04.2015 15:54
Adobe updaten.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
C:\ProgramData\ReviverSoft\RegistryReviver

C:\Users\All Users\ReviverSoft\RegistryReviver\InstallCache\{E31E4E05-4B6B-42A5-8623-EB530F8147F5}\RegistryReviver.msi

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7VW6J7UR\upgrade[1].cab

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J1KQIRYY\upgrade[1].cab

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q17W8WRZ\upgrade[1].cab

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q17W8WRZ\upgrade[2].cab

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S4U8ODCS\upgrade[1].cab

D:\Esref\Lokale Einstellungen\Temp\removalfile.bat

K:\Computer\Datenträger D\Esref\Lokale Einstellungen\Temp\removalfile.bat
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





http://deeprybka.trojaner-board.de/b...cleanupneu.png
Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
http://deeprybka.trojaner-board.de/b.../combofix2.pngCombofix deinstallieren
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte http://filepony.de/icon/tiny/delfix.pngDelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...:dankeschoen:und/oder das Forum mit einer kleinen Spende http://www.trojaner-board.de/extra/spende.png unterstützen. :applaus:

http://deeprybka.trojaner-board.de/b...ast/schild.png
Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
 Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:
http://filepony.de/icon/emsisoft_anti_malware.png
Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
http://filepony.de/icon/noscript.png NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
http://filepony.de/icon/malwarebytes_anti_exploit.pngMalwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie http://filepony.de/images/microbanner.gif.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.


Alle Zeitangaben in WEZ +1. Es ist jetzt 07:52 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131