|
Pests of all kinds and how to fight them: Folder on the desktop opens browser | Windows 7. If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection. |
22.03.2014, 16:33 | #1 |
| Folder on the desktop opens browser Hi folks, I have the problem that a folder on my desktop, when opened, opens the browser and shows an "avira" website. Right-clicking the folder didn't work. I deleted the folder and ran a virus scan (with Avira; 5 of 6 detections could be deleted). But the problem is that when I now move the mouse to the spot where the folder was, the mouse "arrow" turns into that hand with the index finger (I don't know what it's called ^^). Do you know this, and do you know how I can remove it again? That would be really cool. Regards, randomuser ^^ |
22.03.2014, 17:28 | #2 |
/// the machine /// TB trainer | Folder on the desktop opens browser Hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ |
22.03.2014, 20:39 | #3 |
| Folder on the desktop opens browser frst.txt=
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 Ran by Administrator (administrator) on DEYOFTHENIGHT on 22-03-2014 20:29:27 Running from Z:\Downloads Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe (AMD) C:\Windows\system32\atiesrxx.exe (SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe (AMD) C:\Windows\system32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe (VIA Technologies, Inc.) C:\Windows\system32\viakaraokesrv.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (Safer-Networking Ltd.) 
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (IObit) C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe (Microsoft Corporation) C:\Windows\System32\dinotify.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe (LAN Messenger) Z:\Software\LAN Messenger\lmc.exe (BitTorrent Inc.) C:\Users\Administrator\AppData\Roaming\uTorrent\uTorrent.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (GoldenFrog) C:\Program Files (x86)\VyprVPN\VyprVPN.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Avira Operations GmbH & Co. KG) C:\program files (x86)\avira\antivir desktop\avcenter.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe (Adobe Systems, Inc.) 
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe () C:\Program Files (x86)\OpenVPN\bin\openvpn.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-11-07] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [IObit Malware Fighter] - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1566528 2014-01-24] (IObit) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\.DEFAULT\...\Policies\Explorer: [NoRecycleFiles] 1 HKU\S-1-5-21-1199106278-1721565784-918049909-500\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-12-11] (Samsung) HKU\S-1-5-21-1199106278-1721565784-918049909-500\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-01-25] (SUPERAntiSpyware) HKU\S-1-5-21-1199106278-1721565784-918049909-500\...\Run: [Advanced SystemCare 7] - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2288928 2014-02-11] (IObit) HKU\S-1-5-21-1199106278-1721565784-918049909-500\...\Run: [LAN Messenger] - Z:\Software\LAN Messenger\lmc.exe [1721344 2012-07-24] (LAN Messenger) HKU\S-1-5-21-1199106278-1721565784-918049909-500\...\Run: [uTorrent] - C:\Users\Administrator\AppData\Roaming\uTorrent\uTorrent.exe [900440 2013-11-24] (BitTorrent Inc.) 
HKU\S-1-5-21-1199106278-1721565784-918049909-500\...\Policies\Explorer: [NoRecycleFiles] 1 Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VyprVPN.lnk ShortcutTarget: VyprVPN.lnk -> C:\Windows\System32\schtasks.exe (Microsoft Corporation) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3317209&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPB4D5FA7C-2684-4AB3-BA6A-712F8D50BFF3&q={searchTerms}&SSPV= SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3317209&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPB4D5FA7C-2684-4AB3-BA6A-712F8D50BFF3&q={searchTerms}&SSPV= SearchScopes: HKCU - {637D6E3C-DF93-48A5-8362-159A8AC56B11} URL = hxxp://www.google.com/search?hl=en&q={searchTerms}&meta= BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit) BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) 
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Ads Removal - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock) BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing 
Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit) BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\bavlcf6i.default FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", ""); FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", ""); FF Homepage: google.de FF Keyword.URL: user_pref("keyword.URL", ""); FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: 
@microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Administrator\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Administrator\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation) FF Extension: YouTube Unblocker - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\bavlcf6i.default\Extensions\youtubeunblocker@unblocker.yt [2014-03-19] FF Extension: Disconnect - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\bavlcf6i.default\Extensions\2.0@disconnect.me.xpi [2013-11-06] FF Extension: BrowseSmart - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\bavlcf6i.default\Extensions\firefox@browsesmart.net.xpi [2013-12-06] FF Extension: InstantFox - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\bavlcf6i.default\Extensions\searchy@searchy.xpi [2013-11-06] FF Extension: Extension Defender - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\bavlcf6i.default\Extensions\{281944CE-E7F4-4A43-A5D0-EAC0B3E71BFF}.xpi [2014-02-22] FF Extension: Adblock Plus - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\bavlcf6i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-26] FF Extension: DownThemAll! 
- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\bavlcf6i.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-10-31] FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2013-11-15] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2013-11-15] FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2013-11-15] FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2013-11-15] FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2013-11-15] Chrome: ======= CHR Extension: (Google Docs) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-31] CHR Extension: (Google Drive) - 
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-31] CHR Extension: (YoutubeAdblocker) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbepaaoapmhcmmgbkebfajednkgimhcf [2013-12-17] CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2014-02-25] CHR Extension: (YouTube) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-31] CHR Extension: (Google Search) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-31] CHR Extension: (Kaspersky URL Advisor) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-11-16] CHR Extension: (Ads Removal) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2014-02-25] CHR Extension: (Ads Removal) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod [2013-12-13] CHR Extension: (Safe Money) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2013-11-16] CHR Extension: (Dangerous Websites Blocker) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2013-11-16] CHR Extension: (ssuRfNkeep) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagkloapalbogngdoboiaopjobbceejd [2013-12-17] CHR Extension: (Virtual Keyboard) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2013-11-16] CHR Extension: (Advanced SystemCare Surfing Protection) - 
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-01-24] CHR Extension: (Google Wallet) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-31] CHR Extension: (Gmail) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-31] CHR Extension: (Anti-Banner) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2013-11-16] CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-15] CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-15] CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-15] CHR HKLM-x32\...\Chrome\Extension: [ippenodjaoidmkkfdlmdhofiebnpjddb] - C:\Program Files (x86)\BrowseSmart\ippenodjaoidmkkfdlmdhofiebnpjddb.crx [2013-10-15] CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-15] CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-15] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com) R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 
7\ASCService.exe [881952 2014-01-14] (IObit) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-11-07] (Advanced Micro Devices, Inc.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-02-20] (Avira Operations GmbH & Co. KG) R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-15] (Kaspersky Lab ZAO) S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [398096 2013-11-18] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2013-11-18] (BlueStack Systems, Inc.) R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1830768 2013-12-21] (SurfRight B.V.) R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [342336 2014-01-24] (IObit) S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit) S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] () R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.) 
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2103096 2013-12-18] (TuneUp Software) R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248704 2013-08-14] () R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2014-02-25] (VIA Technologies, Inc.) R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [13242960 2013-02-26] () ==================== Drivers (Whitelisted) ==================== S3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [32600 2013-09-16] () R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices) S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [312480 2013-12-29] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-09] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-09] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-09] (Avira Operations GmbH & Co. KG) S3 b06diag; C:\Windows\system32\drivers\bxdiaga.sys [88104 2012-03-08] (Broadcom Corporation) S3 BFN7x64; C:\Windows\system32\drivers\Xeno7x64.sys [157288 2012-02-22] (Bigfoot Networks, Inc.) 
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [77584 2013-11-18] (BlueStack Systems) S3 bxfcoe; C:\Windows\system32\drivers\bxfcoe.sys [178216 2012-02-22] (Broadcom Corporation) S3 bxois; C:\Windows\system32\drivers\bxois.sys [539176 2012-02-22] (Broadcom Corporation) R0 dcrypt; C:\Windows\System32\drivers\dcrypt.sys [207200 2013-01-03] () S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [32512 2012-07-24] (Etron Technology Inc) R2 hmpalert; C:\Windows\system32\drivers\hmpalert.sys [17416 2013-12-21] () S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [36920 2013-04-03] () S3 ISCT; C:\Windows\system32\drivers\ISCTD64.sys [44992 2012-01-24] () R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-11-15] (Kaspersky Lab ZAO) S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [112224 2013-06-08] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [623200 2013-11-15] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-15] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-15] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-15] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178784 2013-06-06] (Kaspersky Lab ZAO) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2013-12-29] () R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] () R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and 
SUPERAntiSpyware.com) R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software) R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [31824 2013-02-26] (VMware, Inc.) R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.) S3 dgderdrv; System32\drivers\dgderdrv.sys [X] S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-22 20:29 - 2014-03-22 20:29 - 00000000 ____D () C:\FRST 2014-03-22 14:55 - 2014-03-22 14:55 - 00000000 _____ () C:\Users\Administrator\Desktop\Neue Bitmap (2).bmp 2014-03-22 14:05 - 2014-03-22 14:05 - 00003154 _____ () C:\Windows\System32\Tasks\WinZipDriverUpdaterRunAtStartup 2014-03-12 17:29 - 2014-03-12 17:29 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-03-12 17:29 - 2014-03-12 17:29 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-03-12 17:29 - 2014-03-12 17:29 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 14358016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-03-12 17:28 - 
2014-03-12 17:28 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-03-12 17:28 - 2014-03-12 17:28 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-12 17:28 - 2014-03-12 17:28 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00109056 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-03-12 17:28 - 2014-03-12 17:28 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2014-03-12 17:28 - 2014-03-12 17:28 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-03-12 17:28 - 2014-03-12 17:28 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-03-12 17:27 - 2014-03-12 17:27 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-03-12 17:27 - 2014-03-12 17:27 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-03-12 17:27 - 2014-03-12 17:27 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-03-12 17:27 - 2014-03-12 17:27 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2014-03-12 17:26 - 2014-03-12 17:26 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-03-10 22:40 - 2014-03-10 22:40 - 00001066 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-03-08 21:38 - 2009-10-23 00:00 - 00761856 _____ () C:\Windows\SysWOW64\RGSS104J.dll 2014-03-08 21:38 - 2009-10-23 00:00 - 00758272 _____ () C:\Windows\SysWOW64\RGSS104E.dll 2014-03-08 21:38 - 2007-05-11 00:00 - 00685056 _____ () C:\Windows\SysWOW64\RGSS103J.dll 2014-03-08 21:38 - 
2005-08-30 00:00 - 00781312 _____ () C:\Windows\SysWOW64\RGSS102J.dll 2014-03-08 21:38 - 2005-08-30 00:00 - 00778752 _____ () C:\Windows\SysWOW64\RGSS102E.dll 2014-03-08 21:38 - 2005-08-30 00:00 - 00771584 _____ () C:\Windows\SysWOW64\RGSS100J.dll 2014-03-08 21:36 - 2014-03-08 22:11 - 00000000 ____D () C:\Users\Administrator\Desktop\Dreamland_R_FM 2014-03-07 20:23 - 2014-03-07 20:23 - 00002013 _____ () C:\Users\Administrator\Desktop\Vampires Dawn II - Ancient Blood (MP3).lnk 2014-03-04 16:17 - 2014-03-04 16:17 - 00000000 ____D () C:\Program Files (x86)\VDeaf 2014-03-04 14:14 - 2014-03-04 14:56 - 00000000 ____D () C:\Program Files (x86)\Vampires Dawn II (MP3) 2014-03-02 01:31 - 2014-03-02 01:31 - 00002333 _____ () C:\Users\Administrator\Desktop\Warframe.lnk 2014-03-02 01:31 - 2014-03-02 01:31 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warframe 2014-03-02 01:28 - 2014-03-03 12:49 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Warframe 2014-03-01 18:34 - 2014-03-01 18:35 - 00001614 _____ () C:\Users\Administrator\Desktop\launcher.exe - Verknüpfung.lnk 2014-03-01 11:05 - 2014-03-12 18:13 - 00000000 ____D () C:\Users\Administrator\Desktop\Starbound v. 
Enraged Koala 2014-02-26 17:50 - 2014-02-26 17:50 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Adobe 2014-02-26 17:49 - 2014-02-25 10:23 - 00957290 _____ () C:\Users\Administrator\Desktop\adblockplus-2.5.1.xpi 2014-02-25 22:50 - 2014-03-19 22:50 - 00000312 _____ () C:\Windows\Tasks\WinZipDriverUpdater_UPDATES.job 2014-02-25 22:50 - 2014-02-25 22:50 - 00003080 _____ () C:\Windows\System32\Tasks\WinZipDriverUpdater_UPDATES 2014-02-25 22:50 - 2014-02-25 22:50 - 00001098 _____ () C:\Users\Public\Desktop\WinZip Driver Updater.lnk 2014-02-25 22:50 - 2014-02-25 22:50 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\WinZip 2014-02-25 22:50 - 2014-02-25 22:50 - 00000000 ____D () C:\Program Files (x86)\WinZip Driver Updater 2014-02-25 22:45 - 2014-02-25 22:45 - 00888536 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys 2014-02-25 22:45 - 2014-02-25 22:45 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll 2014-02-25 21:20 - 2014-03-19 17:44 - 74498048 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak 2014-02-25 21:20 - 2014-03-19 17:44 - 39333888 _____ () C:\Windows\system32\config\COMPONENTS.iodefrag.bak 2014-02-25 21:20 - 2014-03-19 17:44 - 00188416 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak 2014-02-25 21:20 - 2014-03-19 17:44 - 00028672 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak 2014-02-25 21:20 - 2014-03-19 17:44 - 00028672 _____ () C:\Windows\system32\config\SAM.iodefrag.bak 2014-02-25 21:14 - 2014-02-25 21:17 - 00000000 ____D () C:\AdwCleaner 2014-02-25 20:52 - 2014-02-25 20:52 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-02-25 20:52 - 2014-02-25 20:52 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-02-25 20:46 - 2014-02-25 20:46 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls 2014-02-25 20:46 - 2014-02-25 20:46 - 00420008 _____ () C:\Windows\system32\locale.nls 2014-02-25 20:46 - 2013-12-21 10:39 - 
00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-02-25 20:46 - 2013-12-21 08:56 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-02-25 20:44 - 2014-02-25 20:44 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2014-02-25 20:44 - 2014-02-25 20:44 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2014-02-25 20:44 - 2014-02-25 20:44 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe 2014-02-25 20:44 - 2014-02-25 20:44 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe 2014-02-25 20:44 - 2014-02-25 20:44 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2014-02-25 20:44 - 2014-02-25 20:44 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2014-02-25 20:44 - 2014-02-25 20:44 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2014-02-25 20:44 - 2014-02-25 20:44 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe 2014-02-25 20:44 - 2014-02-25 20:44 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2014-02-25 20:44 - 2014-02-25 20:44 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2014-02-25 20:44 - 2014-02-25 20:44 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2014-02-25 20:44 - 2014-02-25 20:44 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll 2014-02-25 20:44 - 2014-02-25 20:44 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll 2014-02-25 20:44 - 2014-02-25 20:44 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2014-02-25 20:44 - 2014-02-25 20:44 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2014-02-25 20:44 - 2014-02-25 20:44 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 
2014-02-25 20:44 - 2014-02-25 20:44 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll 2014-02-25 20:44 - 2014-02-25 20:44 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll 2014-02-25 20:42 - 2013-06-27 18:05 - 00027456 _____ (IObit) C:\Windows\system32\RegistryDefragBootTime.exe 2014-02-25 20:39 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-02-25 20:39 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-02-25 20:39 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-02-25 20:39 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-02-25 20:38 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-02-25 20:38 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-02-25 20:38 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2014-02-25 20:38 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-02-25 20:35 - 2014-02-25 20:35 - 00001173 _____ () C:\Users\Public\Desktop\IObit Malware Fighter.lnk 2014-02-25 20:33 - 2014-02-25 20:33 - 00000000 ____D () C:\Windows\system32\SRSLabs 2014-02-25 20:33 - 2014-02-25 20:33 - 00000000 ____D () C:\Program Files\VIA 2014-02-25 20:32 - 2014-02-25 20:32 - 27646720 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 07163744 _____ (Dolby Laboratories) C:\Windows\system32\EEP64H.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 07163744 _____ (Dolby Laboratories) C:\Windows\system32\EEP64A.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 03322368 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIAPropPageExt.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 02103040 _____ (Waves Audio Ltd.) 
C:\Windows\system32\WavesGUILib64.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 01998104 _____ (Creative Technology Ltd.) C:\Windows\system32\VMAPO264.DLL 2014-02-25 20:32 - 2014-02-25 20:32 - 01845424 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViaMicArrayAPO.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 01727256 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMAPO232.DLL 2014-02-25 20:32 - 2014-02-25 20:32 - 01161336 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViaKaraokeApo.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 01013504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00884400 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIASysFx.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00879616 _____ (Creative Technology Ltd.) C:\Windows\system32\VMAPO64.DLL 2014-02-25 20:32 - 2014-02-25 20:32 - 00739328 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMAPO32.DLL 2014-02-25 20:32 - 2014-02-25 20:32 - 00690864 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viahduaa.sys 2014-02-25 20:32 - 2014-02-25 20:32 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00619520 _____ (Creative Technology Ltd.) C:\Windows\system32\VMTHX64.DLL 2014-02-25 20:32 - 2014-02-25 20:32 - 00554496 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMTHX32.DLL 2014-02-25 20:32 - 2014-02-25 20:32 - 00433504 _____ (Dolby Laboratories) C:\Windows\system32\EED64H.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00433504 _____ (Dolby Laboratories) C:\Windows\system32\EED64A.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00388096 _____ (Creative Technology Ltd.) 
C:\Windows\system32\VMWRP64.DLL 2014-02-25 20:32 - 2014-02-25 20:32 - 00248952 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Dts2APO.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00137056 _____ (Dolby Laboratories) C:\Windows\system32\EEL64H.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00137056 _____ (Dolby Laboratories) C:\Windows\system32\EEL64A.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00123512 _____ (VIA Technologies,Inc.) C:\Windows\system32\ViaKaraokePropPageExt.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00120160 _____ (Dolby Laboratories) C:\Windows\system32\EEA64H.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00120160 _____ (Dolby Laboratories) C:\Windows\system32\EEA64A.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00095352 _____ (VIA Technologies,Inc.) C:\Windows\system32\ViaMicArrayPropPageExt.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00092280 _____ (VIA Technologies, Inc.) C:\Windows\system32\Dts2PropPageExt.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00086016 _____ (QSound Labs, Inc.) C:\Windows\system32\nQPropPageExt.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00083968 _____ (QSound Labs, Inc.) C:\Windows\system32\nQAPO.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00075104 _____ (Dolby Laboratories) C:\Windows\system32\EEG64H.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00075104 _____ (Dolby Laboratories) C:\Windows\system32\EEG64A.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00070776 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\VtSrdAPO.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00057856 _____ (Creative Technology Ltd.) C:\Windows\system32\VMPPLD64.DLL 2014-02-25 20:32 - 2014-02-25 20:32 - 00055416 _____ (TODO: <Company name>) C:\Windows\system32\PropPageExt.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00053760 _____ (Creative Technology Ltd.) C:\Windows\system32\VMPPCN64.DLL 2014-02-25 20:32 - 2014-02-25 20:32 - 00033456 _____ (Creative Technology Ltd.) 
C:\Windows\system32\Drivers\VMfilt64.sys 2014-02-25 20:32 - 2014-02-25 20:32 - 00027768 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViakaraokeSrv.exe 2014-02-25 20:29 - 2014-02-25 20:29 - 00002902 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Administrator ==================== One Month Modified Files and Folders ======= 2014-03-22 20:29 - 2014-03-22 20:29 - 00000000 ____D () C:\FRST 2014-03-22 20:27 - 2013-11-01 13:48 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\uTorrent 2014-03-22 20:19 - 2013-10-31 17:02 - 00001152 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1199106278-1721565784-918049909-500UA.job 2014-03-22 20:13 - 2013-11-20 18:21 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-03-22 20:13 - 2013-10-31 14:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-03-22 15:54 - 2014-02-01 09:52 - 00000000 ____D () C:\ProgramData\PNGconvvertt 2014-03-22 15:54 - 2014-01-24 18:52 - 00000000 ____D () C:\ProgramData\SaverAddon 2014-03-22 15:54 - 2014-01-24 17:51 - 00000000 ____D () C:\ProgramData\SSmartCOmpaarEE 2014-03-22 14:55 - 2014-03-22 14:55 - 00000000 _____ () C:\Users\Administrator\Desktop\Neue Bitmap (2).bmp 2014-03-22 14:28 - 2014-01-24 01:28 - 00002205 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk 2014-03-22 14:24 - 2013-10-31 11:27 - 00000000 ____D () C:\Users\Administrator 2014-03-22 14:13 - 2009-07-14 05:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-03-22 14:13 - 2009-07-14 05:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-03-22 14:08 - 2013-10-31 19:03 - 01456446 _____ () C:\Windows\WindowsUpdate.log 2014-03-22 14:05 - 2014-03-22 14:05 - 00003154 _____ () C:\Windows\System32\Tasks\WinZipDriverUpdaterRunAtStartup 2014-03-22 14:04 - 2013-11-15 20:36 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 
2014-03-22 14:03 - 2014-01-24 01:28 - 00000000 ____D () C:\ProgramData\ProductData 2014-03-22 14:03 - 2013-11-15 19:46 - 00000300 _____ () C:\Windows\Tasks\Driver Booster Update.job 2014-03-22 14:02 - 2013-11-20 18:21 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-03-22 14:02 - 2013-10-31 12:05 - 00000000 ____D () C:\ProgramData\VMware 2014-03-22 14:02 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-03-22 13:44 - 2013-10-31 17:02 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1199106278-1721565784-918049909-500Core.job 2014-03-22 03:18 - 2013-11-02 03:22 - 00000000 ____D () C:\Program Files (x86)\VyprVPN 2014-03-21 07:27 - 2013-11-07 18:55 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\vlc 2014-03-19 22:50 - 2014-02-25 22:50 - 00000312 _____ () C:\Windows\Tasks\WinZipDriverUpdater_UPDATES.job 2014-03-19 17:44 - 2014-02-25 21:20 - 74498048 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak 2014-03-19 17:44 - 2014-02-25 21:20 - 39333888 _____ () C:\Windows\system32\config\COMPONENTS.iodefrag.bak 2014-03-19 17:44 - 2014-02-25 21:20 - 00188416 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak 2014-03-19 17:44 - 2014-02-25 21:20 - 00028672 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak 2014-03-19 17:44 - 2014-02-25 21:20 - 00028672 _____ () C:\Windows\system32\config\SAM.iodefrag.bak 2014-03-19 10:20 - 2013-10-31 18:59 - 00000000 ____D () C:\Windows\Panther 2014-03-13 17:51 - 2009-07-14 05:45 - 00439064 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-03-12 19:02 - 2013-10-31 14:38 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-03-12 19:02 - 2013-10-31 14:38 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-12 19:02 - 2013-10-31 14:38 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-03-12 18:13 - 2014-03-01 11:05 - 00000000 ____D () 
C:\Users\Administrator\Desktop\Starbound v. Enraged Koala 2014-03-12 17:29 - 2014-03-12 17:29 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-03-12 17:29 - 2014-03-12 17:29 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-03-12 17:29 - 2014-03-12 17:29 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 14358016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-03-12 17:28 - 2014-03-12 17:28 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-12 17:28 - 2014-03-12 17:28 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00855552 _____ (Microsoft Corporation) 
C:\Windows\system32\jscript.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-03-12 17:28 - 2014-03-12 17:28 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2014-03-12 17:28 - 2014-03-12 17:28 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-03-12 17:28 - 2014-03-12 17:28 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00033280 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\iernonce.dll 2014-03-12 17:27 - 2014-03-12 17:27 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-03-12 17:27 - 2014-03-12 17:27 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-03-12 17:27 - 2014-03-12 17:27 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-03-12 17:27 - 2014-03-12 17:27 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2014-03-12 17:26 - 2014-03-12 17:26 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-03-10 22:40 - 2014-03-10 22:40 - 00001066 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-03-10 12:42 - 2014-01-04 19:26 - 00000000 ____D () C:\Windows\System32\Tasks\Games 2014-03-08 22:11 - 2014-03-08 21:36 - 00000000 ____D () C:\Users\Administrator\Desktop\Dreamland_R_FM 2014-03-07 20:23 - 2014-03-07 20:23 - 00002013 _____ () C:\Users\Administrator\Desktop\Vampires Dawn II - Ancient Blood (MP3).lnk 2014-03-06 19:35 - 2013-10-31 11:28 - 00112176 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT 2014-03-04 16:17 - 2014-03-04 16:17 - 00000000 ____D () C:\Program Files (x86)\VDeaf 2014-03-04 14:56 - 2014-03-04 14:14 - 00000000 ____D () C:\Program Files (x86)\Vampires Dawn II (MP3) 2014-03-03 12:49 - 2014-03-02 01:28 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Warframe 2014-03-02 02:20 - 2013-11-01 15:46 - 00000000 ____D () C:\Users\Administrator\Documents\Received Files 2014-03-02 01:31 - 2014-03-02 01:31 - 00002333 _____ () C:\Users\Administrator\Desktop\Warframe.lnk 2014-03-02 01:31 - 2014-03-02 01:31 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warframe 2014-03-01 18:35 - 2014-03-01 18:34 - 00001614 _____ () C:\Users\Administrator\Desktop\launcher.exe - Verknüpfung.lnk 2014-02-26 17:50 - 2014-02-26 17:50 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Adobe 2014-02-26 17:50 - 2013-10-31 
11:27 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe 2014-02-26 02:32 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-02-25 22:50 - 2014-02-25 22:50 - 00003080 _____ () C:\Windows\System32\Tasks\WinZipDriverUpdater_UPDATES 2014-02-25 22:50 - 2014-02-25 22:50 - 00001098 _____ () C:\Users\Public\Desktop\WinZip Driver Updater.lnk 2014-02-25 22:50 - 2014-02-25 22:50 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\WinZip 2014-02-25 22:50 - 2014-02-25 22:50 - 00000000 ____D () C:\Program Files (x86)\WinZip Driver Updater 2014-02-25 22:45 - 2014-02-25 22:45 - 00888536 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys 2014-02-25 22:45 - 2014-02-25 22:45 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll 2014-02-25 22:45 - 2013-03-14 14:42 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll 2014-02-25 21:26 - 2013-10-31 12:09 - 00000000 ____D () C:\ProgramData\IObit 2014-02-25 21:17 - 2014-02-25 21:14 - 00000000 ____D () C:\AdwCleaner 2014-02-25 21:14 - 2013-12-17 00:36 - 00000000 ____D () C:\ProgramData\27ba43b94dfca7c9 2014-02-25 20:53 - 2013-10-31 12:35 - 00000000 ____D () C:\Windows\system32\MRT 2014-02-25 20:52 - 2014-02-25 20:52 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-02-25 20:52 - 2014-02-25 20:52 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-02-25 20:50 - 2013-10-31 12:35 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-02-25 20:48 - 2013-10-31 19:11 - 01606574 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-02-25 20:48 - 2013-10-31 12:33 - 00699616 _____ () C:\Windows\system32\perfh007.dat 2014-02-25 20:48 - 2013-10-31 12:33 - 00150110 _____ () C:\Windows\system32\perfc007.dat 2014-02-25 20:48 - 2009-07-14 06:13 - 01606574 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-02-25 20:46 - 2014-02-25 20:46 - 00420008 _____ () 
C:\Windows\SysWOW64\locale.nls 2014-02-25 20:46 - 2014-02-25 20:46 - 00420008 _____ () C:\Windows\system32\locale.nls 2014-02-25 20:44 - 2014-02-25 20:44 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2014-02-25 20:44 - 2014-02-25 20:44 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2014-02-25 20:44 - 2014-02-25 20:44 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe 2014-02-25 20:44 - 2014-02-25 20:44 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe 2014-02-25 20:44 - 2014-02-25 20:44 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2014-02-25 20:44 - 2014-02-25 20:44 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2014-02-25 20:44 - 2014-02-25 20:44 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2014-02-25 20:44 - 2014-02-25 20:44 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe 2014-02-25 20:44 - 2014-02-25 20:44 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2014-02-25 20:44 - 2014-02-25 20:44 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2014-02-25 20:44 - 2014-02-25 20:44 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2014-02-25 20:44 - 2014-02-25 20:44 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll 2014-02-25 20:44 - 2014-02-25 20:44 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll 2014-02-25 20:44 - 2014-02-25 20:44 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2014-02-25 20:44 - 2014-02-25 20:44 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2014-02-25 20:44 - 2014-02-25 20:44 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2014-02-25 20:44 - 2014-02-25 20:44 - 00087040 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll 2014-02-25 20:44 - 2014-02-25 20:44 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll 2014-02-25 20:42 - 2013-11-11 22:59 - 00000000 ____D () C:\Windows\Minidump 2014-02-25 20:35 - 2014-02-25 20:35 - 00001173 _____ () C:\Users\Public\Desktop\IObit Malware Fighter.lnk 2014-02-25 20:33 - 2014-02-25 20:33 - 00000000 ____D () C:\Windows\system32\SRSLabs 2014-02-25 20:33 - 2014-02-25 20:33 - 00000000 ____D () C:\Program Files\VIA 2014-02-25 20:32 - 2014-02-25 20:32 - 27646720 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 07163744 _____ (Dolby Laboratories) C:\Windows\system32\EEP64H.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 07163744 _____ (Dolby Laboratories) C:\Windows\system32\EEP64A.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 03322368 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIAPropPageExt.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 01998104 _____ (Creative Technology Ltd.) C:\Windows\system32\VMAPO264.DLL 2014-02-25 20:32 - 2014-02-25 20:32 - 01845424 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViaMicArrayAPO.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 01727256 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMAPO232.DLL 2014-02-25 20:32 - 2014-02-25 20:32 - 01161336 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViaKaraokeApo.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 01013504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00884400 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIASysFx.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00879616 _____ (Creative Technology Ltd.) C:\Windows\system32\VMAPO64.DLL 2014-02-25 20:32 - 2014-02-25 20:32 - 00739328 _____ (Creative Technology Ltd.) 
C:\Windows\SysWOW64\VMAPO32.DLL 2014-02-25 20:32 - 2014-02-25 20:32 - 00690864 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viahduaa.sys 2014-02-25 20:32 - 2014-02-25 20:32 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00619520 _____ (Creative Technology Ltd.) C:\Windows\system32\VMTHX64.DLL 2014-02-25 20:32 - 2014-02-25 20:32 - 00554496 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMTHX32.DLL 2014-02-25 20:32 - 2014-02-25 20:32 - 00433504 _____ (Dolby Laboratories) C:\Windows\system32\EED64H.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00433504 _____ (Dolby Laboratories) C:\Windows\system32\EED64A.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00388096 _____ (Creative Technology Ltd.) C:\Windows\system32\VMWRP64.DLL 2014-02-25 20:32 - 2014-02-25 20:32 - 00248952 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Dts2APO.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00137056 _____ (Dolby Laboratories) C:\Windows\system32\EEL64H.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00137056 _____ (Dolby Laboratories) C:\Windows\system32\EEL64A.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00123512 _____ (VIA Technologies,Inc.) C:\Windows\system32\ViaKaraokePropPageExt.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00120160 _____ (Dolby Laboratories) C:\Windows\system32\EEA64H.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00120160 _____ (Dolby Laboratories) C:\Windows\system32\EEA64A.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00095352 _____ (VIA Technologies,Inc.) C:\Windows\system32\ViaMicArrayPropPageExt.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00092280 _____ (VIA Technologies, Inc.) C:\Windows\system32\Dts2PropPageExt.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00086016 _____ (QSound Labs, Inc.) C:\Windows\system32\nQPropPageExt.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00083968 _____ (QSound Labs, Inc.) 
C:\Windows\system32\nQAPO.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00075104 _____ (Dolby Laboratories) C:\Windows\system32\EEG64H.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00075104 _____ (Dolby Laboratories) C:\Windows\system32\EEG64A.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00070776 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\VtSrdAPO.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00057856 _____ (Creative Technology Ltd.) C:\Windows\system32\VMPPLD64.DLL 2014-02-25 20:32 - 2014-02-25 20:32 - 00055416 _____ (TODO: <Company name>) C:\Windows\system32\PropPageExt.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00053760 _____ (Creative Technology Ltd.) C:\Windows\system32\VMPPCN64.DLL 2014-02-25 20:32 - 2014-02-25 20:32 - 00033456 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\VMfilt64.sys 2014-02-25 20:32 - 2014-02-25 20:32 - 00027768 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViakaraokeSrv.exe 2014-02-25 20:29 - 2014-02-25 20:29 - 00002902 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Administrator 2014-02-25 20:29 - 2014-01-24 01:28 - 00001228 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk 2014-02-25 20:29 - 2014-01-06 21:34 - 00001180 _____ () C:\Users\Public\Desktop\Driver Booster.lnk 2014-02-25 20:29 - 2013-11-15 19:46 - 00003230 _____ () C:\Windows\System32\Tasks\Driver Booster Scan 2014-02-25 20:29 - 2013-11-15 19:46 - 00002590 _____ () C:\Windows\System32\Tasks\Driver Booster Update 2014-02-25 20:28 - 2014-01-24 03:12 - 00003110 _____ () C:\Windows\System32\Tasks\ASC7_PerformanceMonitor 2014-02-25 20:28 - 2014-01-24 01:28 - 00002866 _____ () C:\Windows\System32\Tasks\ASC7_SkipUac_Administrator 2014-02-25 10:23 - 2014-02-26 17:49 - 00957290 _____ () C:\Users\Administrator\Desktop\adblockplus-2.5.1.xpi Some content of TEMP: ==================== C:\Users\Administrator\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit 
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe [2013-07-15 07:07] - [2013-03-25 03:57] - 2388992 ____A (Microsoft Corporation) F0AAF39BDE5181203888F716CBB19A63
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-03-20 02:23

==================== End Of Log ============================

addition.txt=
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Administrator at 2014-03-22 20:29:56
Running from Z:\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Kaspersky Internet Security (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Disabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
FW: Kaspersky Internet Security (Disabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.03) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
Advanced Installer 10.3 (HKLM-x32\...\{9B57CBD3-B5CE-452A-A173-9C1BEB30A6D4}) (Version: 10.3 - Caphyon)
Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.2.0 - IObit)
Adventure Time Explore the Dungeon Because I DON’T KNOW! version 1.0 (HKLM-x32\...\{DA9EE2DD-7C56-4CF3-97CE-2B24141E6837}_is1) (Version: 1.0 - D3 Publisher)
AIDA64 Extreme Edition v3.20 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 3.20 - FinalWire Ltd.)
AMD Accelerated Video Transcoding (Version: 13.20.100.31107 - Advanced Micro Devices, Inc.) Hidden AMD Catalyst Control Center (x32 Version: 2013.1107.1129.20543 - Ihr Firmenname) Hidden AMD Catalyst Install Manager (HKLM\...\{4ED88849-15C4-39B7-4238-24FEE1F82E9F}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.) AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden AMD Fuel (Version: 2013.1107.1129.20543 - Ihr Firmenname) Hidden AMD Media Foundation Decoders (Version: 1.0.81107.1147 - Advanced Micro Devices, Inc.) Hidden AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden Appset Updater 1.1.105.0 (HKLM-x32\...\{11DD3FDE-29EC-11E3-9881-8BBE75B86756}) (Version: 1.1.105.0 - Appset) AutoIt v3.3.8.1 (HKLM-x32\...\AutoItv3) (Version: - AutoIt Team) Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira) BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.2.3018 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{66A7E313-4DBB-4C05-891F-B792DE2870F3}) (Version: 0.8.2.3018 - BlueStack Systems, Inc.) Borderlands 2 (HKLM-x32\...\Borderlands 2_is1) (Version: - ) BrowseSmart (HKLM\...\BrowseSmart) (Version: 2013.12.06.205904 - BrowseSmart) <==== ATTENTION calibre (HKLM-x32\...\{7619F973-52CC-433F-BB71-48E034099BFB}) (Version: 0.9.44 - Kovid Goyal) Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1107.1129.20543 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center InstallProxy (x32 Version: 2013.1107.1129.20543 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2013.1107.1129.20543 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) 
Hidden CCC Help Swedish (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2013.1107.1129.20543 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.04 - Piriform) Cool Beans NFO Creator 2.0.1.3 (HKLM-x32\...\Cool Beans NFO Creator_is1) (Version: - Cool Beans Software) Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{378A8D97-8FD4-4C51-B252-21D4A4A97405}) (Version: - Microsoft) DiskCryptor 1.0 (HKLM\...\DiskCryptor_is1) (Version: 1.0 - hxxp://diskcryptor.net/) DMC Devil May Cry (HKLM-x32\...\DMC Devil May Cry_is1) (Version: - ) Dolphin x86 4.0 (HKLM-x32\...\Dolphin x86) (Version: 4.0 - Dolphin Development Team) Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.2 - IObit) EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc) Evoland 1.0 (HKLM-x32\...\Evoland 1.0) (Version: 1.0 - Cat-A-Cat) GameWiz32 (HKLM-x32\...\GameWiz32) (Version: 1.43 - Nico Ebert) Geometry Wars Retro Evolved (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112215403}) (Version: - Oberon Media) GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team) God Mode (HKLM-x32\...\God Mode_is1) (Version: - ) Google Chrome (HKCU\...\Google Chrome) (Version: 32.0.1700.102 - Google Inc.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) 
Hidden Greenshot (HKLM-x32\...\{370F3383-9D32-4959-8197-B3814E2048BD}) (Version: 1.0.0 - Greenshot) Hitman Absolution version 5.1 (HKLM-x32\...\{B810D852-DFD6-HIT3A-89A5-CC4D47756DAF}_is1) (Version: 5.1 - Black_Box) HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 2.0.10.45 - SurfRight B.V.) ICQ 8.2 (build 6870) (HKCU\...\ICQ) (Version: 8.2.6870.0 - Mail.Ru) IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.3 - IObit) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.1.8.2434 - IObit) IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.0 - IObit) Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden K-Lite Mega Codec Pack 10.0.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.0 - ) LAN Messenger (HKLM-x32\...\LAN Messenger) (Version: 1.2.35 - LAN Messenger) Manhunt 2 (HKLM-x32\...\Manhunt 2) (Version: 1.00.0000 - Rockstar Games) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden Microsoft Access MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft DCF MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Excel MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Groove MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) 
Hidden Microsoft Lync MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft OneNote MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Outlook MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Publisher MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) 
(Version: 8.0.61186 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (HKLM\...\{764384C5-BCA9-307C-9AAC-FD443662686A}) (Version: 11.0.60610 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (HKLM\...\{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}) 
(Version: 11.0.60610 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (HKLM-x32\...\{3D6AD258-61EA-35F5-812C-B7A02152996E}) (Version: 11.0.60610 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (HKLM-x32\...\{E7D4E834-93EB-351F-B8FB-82CDAE623003}) (Version: 11.0.60610 - Microsoft Corporation) Microsoft Word MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft) MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek) Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla) Mozilla Thunderbird 17.0.8 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 17.0.8 (x86 en-US)) (Version: 17.0.8 - Mozilla) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.5 - Notepad++ Team) OpenVPN 2.2.2 (HKLM-x32\...\OpenVPN) (Version: 2.2.2 - ) Oracle VM VirtualBox 4.2.16 (HKLM\...\{4CC3444D-7279-4E83-984F-18E9A7B2E803}) (Version: 4.2.16 - Oracle Corporation) Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.9 - ) Plants VS Zombies (HKLM-x32\...\Plants VS Zombies 1.0.0) (Version: 1.0.0 - AW) Plants VS Zombies (x32 Version: 1.0.0 - AW) Hidden PNGconvvertt (HKLM-x32\...\{EC260287-CB08-226A-2B80-09C53F61CFA1}) (Version: - PiNGGconvert) Portal (HKLM-x32\...\Portal_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91) Portal 2 (HKLM-x32\...\Portal 2_R.G. 
Mechanics_is1) (Version: - R.G. Mechanics, spider91) QIP Internet Guardian (HKCU\...\QipGuard) (Version: - ) Raptr (HKLM-x32\...\Raptr) (Version: - ) RGSS-RTP Standard (HKLM-x32\...\RGSS-RTP Standard_is1) (Version: 1.04 - Enterbrain) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.) SaverAddon (HKLM-x32\...\{10A0E600-D246-BD63-F465-4C849C688998}) (Version: - SaaverAdDon) SFXMaker (HKLM-x32\...\SFXMaker 1.3.1 Final_is1) (Version: - ) Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.0 - IObit) Smart Port Forwarding (HKLM-x32\...\Smart Port Forwarding) (Version: 1.0.0.1 - Brooks Younce Software) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.) 
SSmartCOmpaarEE (HKLM-x32\...\{A9F7A981-09A3-C1F7-2D46-1BA20CFDF02F}) (Version: - SmArrtCompare) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Super DX-Ball Deluxe (HKLM-x32\...\Super DX-Ball Deluxe) (Version: - ) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1032 - SUPERAntiSpyware.com) Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit) Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: - ) The Walking Dead: Season 2 (HKLM-x32\...\VGhlV2Fsa2luZ0RlYWRTZWFzb24y_is1) (Version: 1 - ) TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo) tools-freebsd (x32 Version: 9.2.3.1031769 - VMware, Inc.) Hidden tools-linux (x32 Version: 9.2.3.1031769 - VMware, Inc.) Hidden tools-netware (x32 Version: 9.2.3.1031769 - VMware, Inc.) Hidden tools-solaris (x32 Version: 9.2.3.1031769 - VMware, Inc.) Hidden tools-windows (x32 Version: 9.2.3.1031769 - VMware, Inc.) Hidden tools-winPre2k (x32 Version: 9.2.3.1031769 - VMware, Inc.) 
Hidden Trials Evolution Gold Edition (x32 Version: 1.0.0.5 - Ubisoft) Hidden TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.221 - TuneUp Software) TuneUp Utilities 2014 (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden UltraISO Premium V9.53 (HKLM-x32\...\UltraISO_is1) (Version: - ) Update for Microsoft .NET Framework 4.5 (KB2750147) (HKLM-x32\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2750147) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4.5 (KB2805221) (HKLM-x32\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2805221) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4.5 (KB2805226) (HKLM-x32\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2805226) (Version: 1 - Microsoft Corporation) Update for Microsoft Access 2013 (KB2760350) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A784BEFA-1BAB-4285-9F90-7D1A40A72DF8}) (Version: - Microsoft) Update for Microsoft Excel 2013 (KB2760339) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C5241E8F-37A5-40EC-90DD-FF1400818C4B}) (Version: - Microsoft) Update for Microsoft Excel 2013 (KB2760339) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{388C807E-766E-47FB-A671-53B8387FCA78}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2737954) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{C74BC9C1-46D0-4406-A003-119C5F2BC240}) (Version: - Microsoft) Update 
for Microsoft Office 2013 (KB2752025) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{068372FB-7EAF-463F-8074-77AB35BB13E6}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2752094) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E911A320-7B4A-4383-82D2-007375B27EC2}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2752101) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8449754F-577E-4EC3-B9D4-108395B1680E}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D8B3D175-48B8-413F-8484-4D81E744B51C}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8587E5B1-6279-4396-B9AC-20B334F4FF88}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2767851) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A98FE317-A670-47B8-9510-C115D933282A}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2767860) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0C0A2F4A-757C-4F10-935F-508E1A2D4719}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2810010) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{377DC0D5-A062-496A-ADE2-6D204B498DD8}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2810010) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{CA55F6DA-492F-434B-9B65-9A42C35F3FDC}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2810010) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{CC676278-5E9E-432E-9BB5-DDF0FFE04549}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817320) 64-Bit Edition 
(HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{4389523F-DE1F-474A-995D-480F66809567}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817320) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{4389523F-DE1F-474A-995D-480F66809567}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817489) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{7E0144AD-1CF3-41B9-A6E5-98FF7EA97F2F}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817489) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{7E0144AD-1CF3-41B9-A6E5-98FF7EA97F2F}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817491) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CC2B4A26-859A-41DD-AB15-96EE183B4C51}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817491) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{C74677D5-FA4D-47D5-B769-1866C6D81214}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817491) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CC2B4A26-859A-41DD-AB15-96EE183B4C51}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817492) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0A30942E-AFEC-4DC5-8A23-AD50E971CC37}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817492) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0A30942E-AFEC-4DC5-8A23-AD50E971CC37}) (Version: - Microsoft) Update for Microsoft OneNote 2013 (KB2817467) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{ED00DC05-D24B-4847-B49B-7EF42A01D4D5}) (Version: - Microsoft) Update for Microsoft OneNote 2013 (KB2817467) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{ED00DC05-D24B-4847-B49B-7EF42A01D4D5}) 
(Version: - Microsoft) Update for Microsoft Outlook 2013 (KB2817468) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{33055923-5582-464E-9038-F893B63E5AF6}) (Version: - Microsoft) Update for Microsoft Outlook 2013 (KB2817468) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{EB9D301B-D06E-42B2-A9E5-16B1F635D1ED}) (Version: - Microsoft) Update for Microsoft PowerPoint 2013 (KB2726947) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{E158EB9F-E6CC-49E2-A098-2C6DF0D6B42B}) (Version: - Microsoft) Update for Microsoft PowerPoint 2013 (KB2810006) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CFC7B54A-AB18-487B-A035-7094E2F24AF1}) (Version: - Microsoft) Update for Microsoft SkyDrive Pro (KB2817469) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{DED39E58-12BE-4782-B204-F7ACB709B2D2}) (Version: - Microsoft) Update for Microsoft SkyDrive Pro (KB2817469) 64-Bit Edition (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}_Office15.PROPLUS_{562FDDD4-C386-4204-A99F-3A111FDF2AE4}) (Version: - Microsoft) Update for Microsoft SkyDrive Pro (KB2817469) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{DED39E58-12BE-4782-B204-F7ACB709B2D2}) (Version: - Microsoft) Update for Microsoft SkyDrive Pro (KB2817469) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{562FDDD4-C386-4204-A99F-3A111FDF2AE4}) (Version: - Microsoft) Update for Microsoft Visio 2013 (KB2810008) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{54960E56-266C-417A-85F5-4769614C2694}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D1F1940B-94DF-4DCB-BF82-9530D7FBB1BF}) (Version: - Microsoft) Update for Microsoft Word 2013 (KB2767863) 64-Bit Edition 
(HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{7850D7D4-FC6A-4847-A646-9A64CCF713EA}) (Version: - Microsoft) Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft) Vampires Dawn II: Ancient Blood (MP3) (HKLM-x32\...\{04D24793-D317-4E13-95B3-1EDBEA068241}_is1) (Version: Vampires Dawn 2 - Version 1.23 (MP3) - Brianum/Dawnatic) Vampires Deaf (HKLM-x32\...\{63261E19-1368-475A-8971-F9711262676B}_is1) (Version: Vampires Deaf - Brianum) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 9.0.2 - VMware, Inc) VMware Workstation (Version: 9.0.2 - VMware, Inc.) Hidden VyprVPN (HKLM-x32\...\VyprVPN 1.4.1.601) (Version: 1.4.1.601 - Golden Frog, Inc.) Warframe (HKLM-x32\...\{2937C578-0CDD-4936-A869-912FD029436E}) (Version: 1.0.0 - Digital Extremes) Winamp (HKLM-x32\...\Winamp) (Version: 5.65 - Nullsoft, Inc) WinRAR 5.00 beta 8 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.8 - win.rar GmbH) WinToolkit (HKLM-x32\...\{0FF92AED-DDE5-4CFD-842E-54409AE2654D}) (Version: 1.0.0 - WinToolkit) WinZip Driver Updater (HKLM-x32\...\{9854A5C4-5BE5-46E2-A989-352DD8B37E20}_is1) (Version: 1.0.648.15384 - WinZip Computing, S.L. 
(WinZip Computing)) ==================== Restore Points ========================= 02-03-2014 00:31:31 Installed Warframe 02-03-2014 00:41:11 DirectX wurde installiert 10-03-2014 17:08:16 Scheduled Checkpoint 12-03-2014 16:26:07 Windows Modules Installer 12-03-2014 16:26:51 Windows Modules Installer 19-03-2014 21:18:04 Scheduled Checkpoint ==================== Hosts content: ========================== 2009-07-14 03:34 - 2013-11-15 20:47 - 00000147 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {08A13765-F2A0-4F4A-9E36-F5EEC87CF03B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-02] (Microsoft Corporation) Task: {08CE4835-5C46-4A45-AAC3-6B73B14A1CB1} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-01-07] (IObit) Task: {0C2FC1D4-120A-4114-B714-768538253695} - System32\Tasks\WinZipDriverUpdater_UPDATES => C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe [2013-07-15] (WinZip Computing, S.L. 
(WinZip Computing)) Task: {1205BE82-18A2-4A9A-B3CA-32F6A6664847} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe [2014-01-09] (IObit) Task: {128EF033-5501-4E9A-9533-E302386BE264} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Task: {2AA899A4-0CE6-40D7-BAE8-97B1C8A86CC1} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-02-13] (IObit) Task: {47289986-4C3F-4AA1-84A7-5714F42DEFBB} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-01-09] (IObit) Task: {4F3506E6-9237-470F-9636-3767601F5D82} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-01-16] (IObit) Task: {54606094-BBF1-4DD7-BD04-BA46F2A66095} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-20] (Google Inc.) 
Task: {56ED1719-7AEF-4B53-A308-F3D5A6B1CD46} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2013-12-18] (TuneUp Software) Task: {6FBF2894-1C54-421B-822B-74E81CF650C1} - System32\Tasks\ASC7_SkipUac_Administrator => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2014-02-14] (IObit) Task: {73D357F0-B953-4C61-9E0D-E2BB44332069} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1199106278-1721565784-918049909-500 Task: {8315BA81-31A4-413D-B3A4-C6DAD06C8060} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated) Task: {8830EFE4-2848-4443-8B14-8987C3103A83} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe [2014-02-11] (IObit) Task: {8DF4674C-DA6B-462B-B116-C62E38091648} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-20] (Google Inc.) Task: {908BECF0-0E4D-4555-B8AD-74BB391FC0F0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-02] (Microsoft Corporation) Task: {9DEA2DE8-3FAD-4261-A6C0-76033E806A66} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd) Task: {A2E570BE-0C75-43C0-A600-6566D1350EE2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1199106278-1721565784-918049909-500Core => C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-31] (Google Inc.) Task: {AD4E5D43-C2B2-47EE-8876-F06BB23067F2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1199106278-1721565784-918049909-500UA => C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-31] (Google Inc.) 
Task: {B09A38DE-49DA-4342-A9F2-DE26025E0223} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe Task: {C5E8BC14-977E-4899-83C7-A76D75EA3980} - System32\Tasks\WinZipDriverUpdaterRunAtStartup => C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe [2013-07-15] (WinZip Computing, S.L. (WinZip Computing)) Task: {D4FDD6A0-A4A0-49C9-BF23-FEAC8B18E6CE} - System32\Tasks\VyprVPN => C:\Program Files (x86)/VyprVPN\VyprVPN.exe [2012-11-02] (GoldenFrog) Task: {E40D0778-855F-47D8-B46C-AB3FBC40DA05} - System32\Tasks\Google Updater and Installer => C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-31] (Google Inc.) Task: {F6FDF84C-CC30-419C-820A-63329BE2349F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe Task: {FB3EE0D9-D97A-485F-8961-D5EEFC906F07} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-02] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\Driver Booster Update.job => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1199106278-1721565784-918049909-500Core.job => C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1199106278-1721565784-918049909-500UA.job => C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\WinZipDriverUpdater_UPDATES.job => C:\Program Files (x86)\WinZip 
Driver Updater\winzipdu.exe ==================== Loaded Modules (whitelisted) ============= 2013-11-07 11:32 - 2013-11-07 11:32 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2013-07-26 05:59 - 2013-07-26 05:59 - 00814592 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll 2013-07-26 05:59 - 2013-07-26 05:59 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll 2013-12-18 10:01 - 2013-12-18 10:01 - 00742200 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll 2013-08-14 08:52 - 2013-08-14 08:52 - 00248704 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe 2013-02-26 09:54 - 2013-02-26 09:54 - 13242960 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe 2013-06-03 15:32 - 2013-06-03 15:32 - 08865448 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll 2013-11-07 11:32 - 2013-11-07 11:32 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2011-12-15 18:29 - 2011-12-15 18:29 - 00510464 _____ () C:\Program Files (x86)\OpenVPN\bin\openvpn.exe 2014-01-24 01:28 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll 2013-12-19 07:48 - 2013-12-09 11:37 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll 2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll 2013-12-11 14:25 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2013-12-11 14:25 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2013-12-11 14:25 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search 
& Destroy 2\DEC150.bpl 2013-12-11 14:25 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2013-12-11 14:25 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2013-02-26 10:28 - 2013-02-26 10:28 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll 2014-01-24 09:39 - 2012-09-05 18:55 - 00892288 _____ () C:\Program Files (x86)\IObit\Smart Defrag 3\webres.dll 2014-01-24 01:28 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madExcept_.bpl 2014-01-24 01:28 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madBasic_.bpl 2014-01-24 01:28 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madDisAsm_.bpl 2014-01-24 01:28 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll 2009-01-10 20:32 - 2009-01-10 20:32 - 00011362 _____ () Z:\Software\LAN Messenger\mingwm10.dll 2009-06-23 03:42 - 2009-06-23 03:42 - 00043008 _____ () Z:\Software\LAN Messenger\libgcc_s_dw2-1.dll 2013-11-02 03:22 - 2012-11-02 20:40 - 00091648 _____ () C:\Program Files (x86)\VyprVPN\Lib\VpnLib.dll 2013-11-02 03:22 - 2012-11-02 20:40 - 00056832 _____ () C:\Program Files (x86)\VyprVPN\Lib\libvyprweb.dll 2013-11-02 03:22 - 2012-11-02 20:39 - 00248832 _____ () C:\Program Files (x86)\VyprVPN\Lib\libcurl.dll 2013-10-31 12:09 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl 2013-10-31 12:09 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl 2013-10-31 12:09 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl 2013-10-31 12:09 - 2013-12-12 18:46 - 08001344 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\WebUI.dll 2013-12-13 14:28 - 
2013-10-16 22:17 - 00185168 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\libcurl-4.dll 2013-10-31 12:09 - 2013-05-16 19:26 - 00182080 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll 2013-10-31 12:09 - 2013-05-16 19:26 - 00145216 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll 2014-01-24 01:28 - 2013-12-02 19:06 - 01281312 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\Scan.dll 2014-02-15 02:21 - 2014-02-15 02:21 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2013-06-03 15:34 - 2013-06-03 15:34 - 08865448 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2014-03-12 19:02 - 2014-03-12 19:02 - 16276872 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll 2011-12-15 18:29 - 2011-12-15 18:29 - 00090112 _____ () C:\Program Files (x86)\OpenVPN\bin\lzo2.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\TEMP:1B22F0EC AlternateDataStreams: C:\ProgramData\TEMP:AD022376 ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service" ==================== Disabled items from MSCONFIG ============== MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" MSCONFIG\startupreg: Appset Update => C:\Users\Administrator\AppData\Local\Appset\AppsetUpdater\AppSetManager.exe /startscheduler MSCONFIG\startupreg: BCWipeTM Startup => "C:\Program Files (x86)\Jetico\BCWipe\BCWipeTM.exe" startup MSCONFIG\startupreg: Google Update => "C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: icq => C:\Users\Administrator\AppData\Roaming\ICQM\icq.exe -CU MSCONFIG\startupreg: IObit Malware Fighter => "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart MSCONFIG\startupreg: QIP Internet Guardian => 
C:\Users\Administrator\AppData\Roaming\QipGuard\QipGuard.exe /p MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: uTorrent => "c:\users\administrator\appdata\roaming\utorrent\utorrent.exe" /minimized MSCONFIG\startupreg: vmware-tray.exe => "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe" ==================== Faulty Device Manager Devices ============= Name: VirtualBox Host-Only Ethernet Adapter Description: VirtualBox Host-Only Ethernet Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Oracle Corporation Service: VBoxNetAdp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: VMware Virtual Ethernet Adapter for VMnet1 Description: VMware Virtual Ethernet Adapter for VMnet1 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: VMware, Inc. Service: VMnetAdapter Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: VMware Virtual Ethernet Adapter for VMnet8 Description: VMware Virtual Ethernet Adapter for VMnet8 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: VMware, Inc. Service: VMnetAdapter Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. 
==================== Event log errors: ========================= Application errors: ================== Error: (03/22/2014 02:02:25 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/22/2014 02:02:19 PM) (Source: BstHdAndroidSvc) (User: ) Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (03/22/2014 03:19:15 AM) (Source: Office 2013 Licensing Service) (User: ) Description: Subscription licensing service failed: -1073418154 Error: (03/21/2014 00:33:40 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 27.0.1.5156, Zeitstempel: 0x52fc0fcf Name des fehlerhaften Moduls: mozalloc.dll, Version: 27.0.1.5156, Zeitstempel: 0x52fbe972 Ausnahmecode: 0x80000003 Fehleroffset: 0x0000119c ID des fehlerhaften Prozesses: 0x5d84 Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (03/21/2014 06:45:24 AM) (Source: Office 2013 Licensing Service) (User: ) Description: Subscription licensing service failed: -1073418154 Error: (03/20/2014 00:02:26 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/20/2014 00:01:36 PM) (Source: BstHdAndroidSvc) (User: ) Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. 
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (03/20/2014 02:24:33 AM) (Source: Office 2013 Licensing Service) (User: ) Description: Subscription licensing service failed: -1073418154 Error: (03/19/2014 05:48:05 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/19/2014 05:46:07 PM) (Source: BstHdAndroidSvc) (User: ) Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) System errors: ============= Error: (03/22/2014 02:03:34 PM) (Source: Service Control Manager) (User: ) Description: Dienst "LiveUpdate" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (03/22/2014 02:02:19 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: %%1064 Error: (03/22/2014 02:02:04 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (03/22/2014 02:02:04 PM) (Source: Application Popup) (User: ) Description: Treiber atksgt.sys konnte nicht geladen werden. Error: (03/22/2014 01:44:36 PM) (Source: DCOM) (User: ) Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Error: (03/20/2014 00:03:24 PM) (Source: Service Control Manager) (User: ) Description: Dienst "LiveUpdate" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (03/20/2014 00:01:36 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: %%1064 Error: (03/20/2014 00:00:56 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (03/20/2014 00:00:56 PM) (Source: Application Popup) (User: ) Description: Treiber atksgt.sys konnte nicht geladen werden. Error: (03/19/2014 05:48:37 PM) (Source: Service Control Manager) (User: ) Description: Dienst "LiveUpdate" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Microsoft Office Sessions: ========================= Error: (03/22/2014 02:02:25 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/22/2014 02:02:19 PM) (Source: BstHdAndroidSvc)(User: ) Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. 
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (03/22/2014 03:19:15 AM) (Source: Office 2013 Licensing Service)(User: ) Description: Subscription licensing service failed: -1073418154 Error: (03/21/2014 00:33:40 PM) (Source: Application Error)(User: ) Description: plugin-container.exe27.0.1.515652fc0fcfmozalloc.dll27.0.1.515652fbe972800000030000119c5d8401cf44f10228caa2C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlla623f9d8-b0ec-11e3-be65-485b39780451 Error: (03/21/2014 06:45:24 AM) (Source: Office 2013 Licensing Service)(User: ) Description: Subscription licensing service failed: -1073418154 Error: (03/20/2014 00:02:26 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/20/2014 00:01:36 PM) (Source: BstHdAndroidSvc)(User: ) Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (03/20/2014 02:24:33 AM) (Source: Office 2013 Licensing Service)(User: ) Description: Subscription licensing service failed: -1073418154 Error: (03/19/2014 05:48:05 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/19/2014 05:46:07 PM) (Source: BstHdAndroidSvc)(User: ) Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. 
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) CodeIntegrity Errors: =================================== Date: 2014-03-22 15:04:06.840 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-22 14:50:25.152 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-22 14:33:27.997 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-22 14:15:28.340 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-22 12:41:50.971 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-22 12:29:42.962 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-22 12:20:07.000 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2014-03-22 12:09:46.905 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-22 11:26:21.413 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-22 06:17:33.001 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Percentage of memory in use: 21% Total physical RAM: 16382.05 MB Available physical RAM: 12811.8 MB Total Pagefile: 32762.28 MB Available Pagefile: 28414.79 MB Total Virtual: 8192 MB Available Virtual: 8191.78 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:232.79 GB) (Free:110.18 GB) NTFS Drive z: (Sp4ce) (Fixed) (Total:698.63 GB) (Free:583.86 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 380F380F) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=233 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 699 GB) (Disk ID: 47B8B3B3) Partition 1: (Not Active) - (Size=699 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
23.03.2014, 11:25 | #4 |
/// the machine /// TB-Ausbilder | folder on the desktop opens browser
You have plenty of adware on the machine, but the actual problem is a known Avira problem. Have you tried Google about that yet?
Revo Uninstaller - Download - Filepony
Use it to uninstall everything you find in Additional.txt marked with <== ATTENTION. Also have Revo remove the leftovers using the Moderate setting.
Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please shut down your protection software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
23.03.2014, 12:47 | #5 |
| folder on the desktop opens browser
Malwarebytes Anti-Malware (Test) 1.75.0.1300
Malwarebytes : Free Anti-Malware
Datenbank Version: v2014.03.23.06
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16844
Administrator :: DEYOFTHENIGHT [Administrator]
Schutz: Aktiviert
23.03.2014 11:50:36
mbam-log-2014-03-23 (11-50-36).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 220475
Laufzeit: 4 Minute(n), 6 Sekunde(n)
Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 2
HKCU\Software\BrowseSmart (PUP.Optional.BrowseSmart.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\Software\BrowseSmart (PUP.Optional.BrowseSmart.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoRecycleFiles (PUM.Disable.Recycle) -> Bösartig: (1) Gut: (0) -> Erfolgreich ersetzt und in Quarantäne gestellt.
Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden)
(Ende)
2014/03/23 11:47:42 +0100 DEYOFTHENIGHT Administrator MESSAGE Starting protection
2014/03/23 11:47:42 +0100 DEYOFTHENIGHT Administrator MESSAGE Protection started successfully
2014/03/23 11:47:42 +0100 DEYOFTHENIGHT Administrator MESSAGE Starting IP protection
2014/03/23 11:47:59 +0100 DEYOFTHENIGHT Administrator MESSAGE IP Protection started successfully
2014/03/23 11:48:12 +0100 DEYOFTHENIGHT Administrator MESSAGE Starting database refresh
2014/03/23 11:48:12 +0100 DEYOFTHENIGHT Administrator MESSAGE Stopping IP protection
2014/03/23 11:48:13 +0100 DEYOFTHENIGHT Administrator MESSAGE IP Protection stopped successfully
2014/03/23 11:48:16 +0100 DEYOFTHENIGHT Administrator MESSAGE Database refreshed successfully
2014/03/23 11:48:16 +0100 DEYOFTHENIGHT Administrator MESSAGE Starting IP protection
2014/03/23 11:48:18 +0100 DEYOFTHENIGHT Administrator MESSAGE IP Protection started successfully
2014/03/23 11:52:14 +0100 DEYOFTHENIGHT Administrator MESSAGE Executing scheduled update: Daily
2014/03/23 11:52:15 +0100 DEYOFTHENIGHT Administrator MESSAGE Database already up-to-date
2014/03/23 12:03:47 +0100 DEYOFTHENIGHT Administrator IP-BLOCK 188.130.176.5 (Type: outgoing, Port: 13948, Process: utorrent.exe)
2014/03/23 12:24:09 +0100 DEYOFTHENIGHT (null) MESSAGE Starting protection
2014/03/23 12:24:09 +0100 DEYOFTHENIGHT (null) MESSAGE Protection started successfully
2014/03/23 12:24:09 +0100 DEYOFTHENIGHT (null) MESSAGE Starting IP protection
2014/03/23 12:24:12 +0100 DEYOFTHENIGHT (null) MESSAGE IP Protection started successfully
AdwCleaner Logfile: Code:
ATTFilter
# AdwCleaner v3.022 - Report created 23/03/2014 at 12:20:21
# Updated 13/03/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Administrator - DEYOFTHENIGHT
# Running from : Z:\Downloads\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod
File Deleted : C:\Windows\Tasks\Driver Booster Update.job
File Deleted : C:\Windows\System32\Tasks\Driver Booster Update
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16843
-\\ Mozilla Firefox v27.0.1 (en-US)
[ File : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\bavlcf6i.default\prefs.js ]
-\\ Google Chrome v
[ File : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [14405 octets] - [25/02/2014 21:14:06]
AdwCleaner[R1].txt - [1492 octets] - [23/03/2014 12:18:45]
AdwCleaner[S0].txt - [12560 octets] - [25/02/2014 21:17:21]
AdwCleaner[S1].txt - [1308 octets] - [23/03/2014 12:20:21]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1368 octets] ##########
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Ultimate x64
Ran by Administrator on 23.03.2014 at 12:35:32,20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\apn"
~~~ FireFox
Successfully deleted: [File] C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\bavlcf6i.default\extensions\firefox@browsesmart.net.xpi
Successfully deleted: [File] C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\bavlcf6i.default\extensions\searchy@searchy.xpi
Successfully deleted the following from C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\bavlcf6i.default\prefs.js
user_pref("extensions.MJQQQbeIzMDD.url", "hxxp://downloadfirst.us/sync2/?q=hfZ9ofV9CShEAen0rTw5rShTB6lKDzt4okmxtNtVh7n0rjrFrTw7rTrHqTa9tMFHhd9FqdaGrTkFpjsHqdrMDMlGojUMAe4UojY6
Emptied folder: C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\bavlcf6i.default\minidumps [25 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23.03.2014 at 12:42:21,18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 Ran by Administrator (administrator) on DEYOFTHENIGHT on 23-03-2014 12:46:18 Running from Z:\Downloads Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forums ==================== Processes (Whitelisted) ================= (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe (AMD) C:\Windows\system32\atiesrxx.exe (SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe (AMD) C:\Windows\system32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe (BlueStack Systems, Inc.) 
C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe (IObit) C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe (VIA Technologies, Inc.) C:\Windows\system32\viakaraokesrv.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe (LAN Messenger) Z:\Software\LAN Messenger\lmc.exe (BitTorrent Inc.) C:\Users\Administrator\AppData\Roaming\uTorrent\uTorrent.exe (Safer-Networking Ltd.) 
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (GoldenFrog) C:\Program Files (x86)\VyprVPN\VyprVPN.exe (IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe () C:\Program Files (x86)\OpenVPN\bin\openvpn.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Microsoft Corporation) C:\Windows\SysWOW64\NOTEPAD.EXE (Microsoft Corporation) C:\Windows\SysWOW64\NOTEPAD.EXE (Thisisu) Z:\Downloads\JRT.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-11-07] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [IObit Malware Fighter] - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1566528 2014-01-24] (IObit) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\.DEFAULT\...\Policies\Explorer: [NoRecycleFiles] 1 HKU\S-1-5-21-1199106278-1721565784-918049909-500\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-12-11] (Samsung) HKU\S-1-5-21-1199106278-1721565784-918049909-500\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-01-25] (SUPERAntiSpyware) HKU\S-1-5-21-1199106278-1721565784-918049909-500\...\Run: [Advanced SystemCare 7] - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2288928 2014-02-11] (IObit) HKU\S-1-5-21-1199106278-1721565784-918049909-500\...\Run: [LAN Messenger] - Z:\Software\LAN Messenger\lmc.exe [1721344 2012-07-24] (LAN Messenger) HKU\S-1-5-21-1199106278-1721565784-918049909-500\...\Run: [uTorrent] - C:\Users\Administrator\AppData\Roaming\uTorrent\uTorrent.exe [900440 2013-11-24] (BitTorrent Inc.) 
HKU\S-1-5-21-1199106278-1721565784-918049909-500\...\Policies\Explorer: [NoRecycleFiles] 0 Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VyprVPN.lnk ShortcutTarget: VyprVPN.lnk -> C:\Windows\System32\schtasks.exe (Microsoft Corporation) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3317209&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPB4D5FA7C-2684-4AB3-BA6A-712F8D50BFF3&q={searchTerms}&SSPV= SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3317209&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPB4D5FA7C-2684-4AB3-BA6A-712F8D50BFF3&q={searchTerms}&SSPV= SearchScopes: HKCU - {637D6E3C-DF93-48A5-8362-159A8AC56B11} URL = hxxp://www.google.com/search?hl=en&q={searchTerms}&meta= BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit) BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) 
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Ads Removal - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 138.199.67.53 138.199.67.54

FireFox:
========
FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\bavlcf6i.default
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF Homepage: google.de
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Administrator\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Administrator\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Extension: YouTube Unblocker - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\bavlcf6i.default\Extensions\youtubeunblocker@unblocker.yt [2014-03-19]
FF Extension: Disconnect - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\bavlcf6i.default\Extensions\2.0@disconnect.me.xpi [2013-11-06]
FF Extension: Extension Defender - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\bavlcf6i.default\Extensions\{281944CE-E7F4-4A43-A5D0-EAC0B3E71BFF}.xpi [2014-02-22]
FF Extension: Adblock Plus - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\bavlcf6i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-26]
FF Extension: DownThemAll! - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\bavlcf6i.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-10-31]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2013-11-15]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2013-11-15]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2013-11-15]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2013-11-15]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2013-11-15]

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-31]
CHR Extension: (Google Drive) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-31]
CHR Extension: (YoutubeAdblocker) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbepaaoapmhcmmgbkebfajednkgimhcf [2013-12-17]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2014-02-25]
CHR Extension: (YouTube) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-31]
CHR Extension: (Google Search) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-31]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-11-16]
CHR Extension: (Ads Removal) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2014-02-25]
CHR Extension: (No Name) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod [2013-12-13]
CHR Extension: (Safe Money) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2013-11-16]
CHR Extension: (Dangerous Websites Blocker) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2013-11-16]
CHR Extension: (ssuRfNkeep) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagkloapalbogngdoboiaopjobbceejd [2013-12-17]
CHR Extension: (Virtual Keyboard) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2013-11-16]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-01-24]
CHR Extension: (Google Wallet) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-31]
CHR Extension: (Gmail) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-31]
CHR Extension: (Anti-Banner) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2013-11-16]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-15]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-15]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-15]
CHR HKLM-x32\...\Chrome\Extension: [ippenodjaoidmkkfdlmdhofiebnpjddb] - C:\Program Files (x86)\BrowseSmart\ippenodjaoidmkkfdlmdhofiebnpjddb.crx [2013-10-15]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-15]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-15]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com)
R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [881952 2014-01-14] (IObit)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-11-07] (Advanced Micro Devices, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-15] (Kaspersky Lab ZAO)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [398096 2013-11-18] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2013-11-18] (BlueStack Systems, Inc.)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1830768 2013-12-21] (SurfRight B.V.)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [342336 2014-01-24] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2103096 2013-12-18] (TuneUp Software)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248704 2013-08-14] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2014-02-25] (VIA Technologies, Inc.)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [13242960 2013-02-26] ()

==================== Drivers (Whitelisted) ====================

S3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [32600 2013-09-16] ()
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [312480 2013-12-29] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-09] (Avira Operations GmbH & Co. KG)
S3 b06diag; C:\Windows\system32\drivers\bxdiaga.sys [88104 2012-03-08] (Broadcom Corporation)
S3 BFN7x64; C:\Windows\system32\drivers\Xeno7x64.sys [157288 2012-02-22] (Bigfoot Networks, Inc.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [77584 2013-11-18] (BlueStack Systems)
S3 bxfcoe; C:\Windows\system32\drivers\bxfcoe.sys [178216 2012-02-22] (Broadcom Corporation)
S3 bxois; C:\Windows\system32\drivers\bxois.sys [539176 2012-02-22] (Broadcom Corporation)
R0 dcrypt; C:\Windows\System32\drivers\dcrypt.sys [207200 2013-01-03] ()
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [32512 2012-07-24] (Etron Technology Inc)
R2 hmpalert; C:\Windows\system32\drivers\hmpalert.sys [17416 2013-12-21] ()
S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [36920 2013-04-03] ()
S3 ISCT; C:\Windows\system32\drivers\ISCTD64.sys [44992 2012-01-24] ()
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-11-15] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [112224 2013-06-08] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [623200 2013-11-15] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-15] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-15] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-15] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178784 2013-06-06] (Kaspersky Lab ZAO)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2013-12-29] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software)
R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [31824 2013-02-26] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-03-23 12:42 - 2014-03-23 12:42 - 00001573 _____ () C:\Users\Administrator\Desktop\JRT.txt
2014-03-23 12:35 - 2014-03-23 12:35 - 00000000 ____D () C:\Windows\ERUNT
2014-03-23 12:23 - 2014-03-23 12:23 - 00006132 _____ () C:\Windows\PFRO.log
2014-03-23 12:22 - 2014-03-23 12:22 - 00000000 _____ () C:\asc_rdflag
2014-03-23 11:47 - 2014-03-23 11:47 - 00001109 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-23 11:47 - 2014-03-23 11:47 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Malwarebytes
2014-03-23 11:47 - 2014-03-23 11:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-23 11:47 - 2014-03-23 11:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-23 11:47 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-23 11:37 - 2014-03-23 11:37 - 00001264 _____ () C:\Users\Administrator\Desktop\Revo Uninstaller.lnk
2014-03-23 11:37 - 2014-03-23 11:37 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-23 04:50 - 2014-03-23 12:23 - 00000056 _____ () C:\Windows\setupact.log
2014-03-23 04:50 - 2014-03-23 04:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-22 20:29 - 2014-03-23 12:46 - 00000000 ____D () C:\FRST
2014-03-22 14:55 - 2014-03-22 14:55 - 00000000 _____ () C:\Users\Administrator\Desktop\Neue Bitmap (2).bmp
2014-03-22 14:05 - 2014-03-23 12:24 - 00003154 _____ () C:\Windows\System32\Tasks\WinZipDriverUpdaterRunAtStartup
2014-03-12 17:29 - 2014-03-12 17:29 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 17:29 - 2014-03-12 17:29 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 17:29 - 2014-03-12 17:29 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-12 17:28 - 2014-03-12 17:28 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 17:28 - 2014-03-12 17:28 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 17:28 - 2014-03-12 17:28 - 14358016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 17:28 - 2014-03-12 17:28 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 17:28 - 2014-03-12 17:28 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 17:28 - 2014-03-12 17:28 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 17:28 - 2014-03-12 17:28 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 17:28 - 2014-03-12 17:28 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 17:28 - 2014-03-12 17:28 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 17:28 - 2014-03-12 17:28 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 17:28 - 2014-03-12 17:28 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 17:28 - 2014-03-12 17:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 17:28 - 2014-03-12 17:28 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 17:28 - 2014-03-12 17:28 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 17:28 - 2014-03-12 17:28 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-12 17:28 - 2014-03-12 17:28 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-12 17:28 - 2014-03-12 17:28 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 17:28 - 2014-03-12 17:28 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 17:28 - 2014-03-12 17:28 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 17:28 - 2014-03-12 17:28 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-12 17:28 - 2014-03-12 17:28 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 17:28 - 2014-03-12 17:28 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 17:28 - 2014-03-12 17:28 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-12 17:28 - 2014-03-12 17:28 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-12 17:28 - 2014-03-12 17:28 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-03-12 17:28 - 2014-03-12 17:28 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-12 17:28 - 2014-03-12 17:28 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 17:28 - 2014-03-12 17:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 17:28 - 2014-03-12 17:28 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 17:28 - 2014-03-12 17:28 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 17:28 - 2014-03-12 17:28 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 17:28 - 2014-03-12 17:28 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 17:28 - 2014-03-12 17:28 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 17:27 - 2014-03-12 17:27 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 17:27 - 2014-03-12 17:27 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 17:27 - 2014-03-12 17:27 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 17:27 - 2014-03-12 17:27 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-12 17:26 - 2014-03-12 17:26 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-10 22:40 - 2014-03-10 22:40 - 00001066 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-03-08 21:38 - 2009-10-23 00:00 - 00761856 _____ () C:\Windows\SysWOW64\RGSS104J.dll
2014-03-08 21:38 - 2009-10-23 00:00 - 00758272 _____ () C:\Windows\SysWOW64\RGSS104E.dll
2014-03-08 21:38 - 2007-05-11 00:00 - 00685056 _____ () C:\Windows\SysWOW64\RGSS103J.dll
2014-03-08 21:38 - 2005-08-30 00:00 - 00781312 _____ () C:\Windows\SysWOW64\RGSS102J.dll
2014-03-08 21:38 - 2005-08-30 00:00 - 00778752 _____ () C:\Windows\SysWOW64\RGSS102E.dll
2014-03-08 21:38 - 2005-08-30 00:00 - 00771584 _____ () C:\Windows\SysWOW64\RGSS100J.dll
2014-03-08 21:36 - 2014-03-08 22:11 - 00000000 ____D () C:\Users\Administrator\Desktop\Dreamland_R_FM
2014-03-07 20:23 - 2014-03-07 20:23 - 00002013 _____ () C:\Users\Administrator\Desktop\Vampires Dawn II - Ancient Blood (MP3).lnk
2014-03-04 16:17 - 2014-03-04 16:17 - 00000000 ____D () C:\Program Files (x86)\VDeaf
2014-03-04 14:14 - 2014-03-04 14:56 - 00000000 ____D () C:\Program Files (x86)\Vampires Dawn II (MP3)
2014-03-02 01:31 - 2014-03-02 01:31 - 00002333 _____ () C:\Users\Administrator\Desktop\Warframe.lnk
2014-03-02 01:31 - 2014-03-02 01:31 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warframe
2014-03-02 01:28 - 2014-03-03 12:49 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Warframe
2014-03-01 18:34 - 2014-03-01 18:35 - 00001614 _____ () C:\Users\Administrator\Desktop\launcher.exe - Verknüpfung.lnk
2014-03-01 11:05 - 2014-03-12 18:13 - 00000000 ____D () C:\Users\Administrator\Desktop\Starbound v. Enraged Koala
2014-02-26 17:50 - 2014-02-26 17:50 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Adobe
2014-02-26 17:49 - 2014-02-25 10:23 - 00957290 _____ () C:\Users\Administrator\Desktop\adblockplus-2.5.1.xpi
2014-02-25 22:50 - 2014-03-19 22:50 - 00000312 _____ () C:\Windows\Tasks\WinZipDriverUpdater_UPDATES.job
2014-02-25 22:50 - 2014-02-25 22:50 - 00003080 _____ () C:\Windows\System32\Tasks\WinZipDriverUpdater_UPDATES
2014-02-25 22:50 - 2014-02-25 22:50 - 00001098 _____ () C:\Users\Public\Desktop\WinZip Driver Updater.lnk
2014-02-25 22:50 - 2014-02-25 22:50 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\WinZip
2014-02-25 22:50 - 2014-02-25 22:50 - 00000000 ____D () C:\Program Files (x86)\WinZip Driver Updater
2014-02-25 22:45 - 2014-02-25 22:45 - 00888536 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-02-25 22:45 - 2014-02-25 22:45 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-02-25 21:20 - 2014-03-23 12:23 - 74498048 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-02-25 21:20 - 2014-03-23 12:22 - 00188416 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-02-25 21:20 - 2014-03-23 12:22 - 00028672 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-02-25 21:20 - 2014-03-23 12:22 - 00028672 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-02-25 21:20 - 2014-03-19 17:44 - 39333888 _____ () C:\Windows\system32\config\COMPONENTS.iodefrag.bak
2014-02-25 21:14 - 2014-03-23 12:20 - 00000000 ____D () C:\AdwCleaner
2014-02-25 20:52 - 2014-02-25 20:52 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-02-25 20:52 - 2014-02-25 20:52 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-02-25 20:46 - 2014-02-25 20:46 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-25 20:46 - 2014-02-25 20:46 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-25 20:46 - 2013-12-21 10:39 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-25 20:46 - 2013-12-21 08:56 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-25 20:44 - 2014-02-25 20:44 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-25 20:44 - 2014-02-25 20:44 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-25 20:44 - 2014-02-25 20:44 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-25 20:44 - 2014-02-25 20:44 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-25 20:44 - 2014-02-25 20:44 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-25 20:44 - 2014-02-25 20:44 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-25 20:44 - 2014-02-25 20:44 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-25 20:44 - 2014-02-25 20:44 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-25 20:44 - 2014-02-25 20:44 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-25 20:44 - 2014-02-25 20:44 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-25 20:44 - 2014-02-25 20:44 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-25 20:44 - 2014-02-25 20:44 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-25 20:44 - 2014-02-25 20:44 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-25 20:44 - 2014-02-25 20:44 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-25 20:44 - 2014-02-25 20:44 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-25 20:44 - 2014-02-25 20:44 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-25 20:44 - 2014-02-25 20:44 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-25 20:44 - 2014-02-25 20:44 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-25 20:42 - 2013-06-27 18:05 - 00027456 _____ (IObit) C:\Windows\system32\RegistryDefragBootTime.exe
2014-02-25 20:39 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-25 20:39 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-25 20:39 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-25 20:39 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-25 20:38 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-25 20:38 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-25 20:38 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-25 20:38 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-25 20:35 - 2014-02-25 20:35 - 00001173 _____ () C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2014-02-25 20:33 - 2014-02-25 20:33 - 00000000 ____D () C:\Windows\system32\SRSLabs
2014-02-25 20:33 - 2014-02-25 20:33 - 00000000 ____D () C:\Program Files\VIA
2014-02-25 20:32 - 2014-02-25 20:32 - 27646720 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2014-02-25 20:32 - 2014-02-25 20:32 - 07163744 _____ (Dolby Laboratories) C:\Windows\system32\EEP64H.dll
2014-02-25 20:32 - 2014-02-25 20:32 - 07163744 _____ (Dolby Laboratories) C:\Windows\system32\EEP64A.dll
2014-02-25 20:32 - 2014-02-25 20:32 - 03322368 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIAPropPageExt.dll
2014-02-25 20:32 - 2014-02-25 20:32 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-02-25 20:32 - 2014-02-25 20:32 - 01998104 _____ (Creative Technology Ltd.) C:\Windows\system32\VMAPO264.DLL
2014-02-25 20:32 - 2014-02-25 20:32 - 01845424 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViaMicArrayAPO.dll
2014-02-25 20:32 - 2014-02-25 20:32 - 01727256 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMAPO232.DLL
2014-02-25 20:32 - 2014-02-25 20:32 - 01161336 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViaKaraokeApo.dll
2014-02-25 20:32 - 2014-02-25 20:32 - 01013504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-02-25 20:32 - 2014-02-25 20:32 - 00884400 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIASysFx.dll
2014-02-25 20:32 - 2014-02-25 20:32 - 00879616 _____ (Creative Technology Ltd.) C:\Windows\system32\VMAPO64.DLL
2014-02-25 20:32 - 2014-02-25 20:32 - 00739328 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMAPO32.DLL
2014-02-25 20:32 - 2014-02-25 20:32 - 00690864 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viahduaa.sys
2014-02-25 20:32 - 2014-02-25 20:32 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-02-25 20:32 - 2014-02-25 20:32 - 00619520 _____ (Creative Technology Ltd.) C:\Windows\system32\VMTHX64.DLL
2014-02-25 20:32 - 2014-02-25 20:32 - 00554496 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMTHX32.DLL
2014-02-25 20:32 - 2014-02-25 20:32 - 00433504 _____ (Dolby Laboratories) C:\Windows\system32\EED64H.dll
2014-02-25 20:32 - 2014-02-25 20:32 - 00433504 _____ (Dolby Laboratories) C:\Windows\system32\EED64A.dll
2014-02-25 20:32 - 2014-02-25 20:32 - 00388096 _____ (Creative Technology Ltd.) C:\Windows\system32\VMWRP64.DLL
2014-02-25 20:32 - 2014-02-25 20:32 - 00248952 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Dts2APO.dll
2014-02-25 20:32 - 2014-02-25 20:32 - 00137056 _____ (Dolby Laboratories) C:\Windows\system32\EEL64H.dll
2014-02-25 20:32 - 2014-02-25 20:32 - 00137056 _____ (Dolby Laboratories) C:\Windows\system32\EEL64A.dll
2014-02-25 20:32 - 2014-02-25 20:32 - 00123512 _____ (VIA Technologies,Inc.) C:\Windows\system32\ViaKaraokePropPageExt.dll
2014-02-25 20:32 - 2014-02-25 20:32 - 00120160 _____ (Dolby Laboratories) C:\Windows\system32\EEA64H.dll
2014-02-25 20:32 - 2014-02-25 20:32 - 00120160 _____ (Dolby Laboratories) C:\Windows\system32\EEA64A.dll
2014-02-25 20:32 - 2014-02-25 20:32 - 00095352 _____ (VIA Technologies,Inc.) C:\Windows\system32\ViaMicArrayPropPageExt.dll
2014-02-25 20:32 - 2014-02-25 20:32 - 00092280 _____ (VIA Technologies, Inc.) C:\Windows\system32\Dts2PropPageExt.dll
2014-02-25 20:32 - 2014-02-25 20:32 - 00086016 _____ (QSound Labs, Inc.) C:\Windows\system32\nQPropPageExt.dll
2014-02-25 20:32 - 2014-02-25 20:32 - 00083968 _____ (QSound Labs, Inc.) C:\Windows\system32\nQAPO.dll
2014-02-25 20:32 - 2014-02-25 20:32 - 00075104 _____ (Dolby Laboratories) C:\Windows\system32\EEG64H.dll
2014-02-25 20:32 - 2014-02-25 20:32 - 00075104 _____ (Dolby Laboratories) C:\Windows\system32\EEG64A.dll
2014-02-25 20:32 - 2014-02-25 20:32 - 00070776 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\VtSrdAPO.dll
2014-02-25 20:32 - 2014-02-25 20:32 - 00057856 _____ (Creative Technology Ltd.) C:\Windows\system32\VMPPLD64.DLL
2014-02-25 20:32 - 2014-02-25 20:32 - 00055416 _____ (TODO: <Company name>) C:\Windows\system32\PropPageExt.dll
2014-02-25 20:32 - 2014-02-25 20:32 - 00053760 _____ (Creative Technology Ltd.) C:\Windows\system32\VMPPCN64.DLL
2014-02-25 20:32 - 2014-02-25 20:32 - 00033456 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\VMfilt64.sys
2014-02-25 20:32 - 2014-02-25 20:32 - 00027768 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViakaraokeSrv.exe
2014-02-25 20:29 - 2014-02-25 20:29 - 00002902 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Administrator

==================== One Month Modified Files and Folders =======

2014-03-23 12:46 - 2014-03-22 20:29 - 00000000 ____D () C:\FRST
2014-03-23 12:46 - 2013-11-01 13:48 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\uTorrent
2014-03-23 12:42 - 2014-03-23 12:42 - 00001573 _____ () C:\Users\Administrator\Desktop\JRT.txt
2014-03-23 12:35 - 2014-03-23 12:35 - 00000000 ____D () C:\Windows\ERUNT
2014-03-23 12:33 - 2009-07-14 05:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-23 12:33 - 2009-07-14 05:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-23 12:32 - 2013-11-20 18:21 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-23 12:29 - 2013-10-31 19:03 - 01490215 _____ () C:\Windows\WindowsUpdate.log
2014-03-23 12:25 - 2013-10-31 12:05 - 00000000 ____D () C:\ProgramData\VMware
2014-03-23 12:24 - 2014-03-22 14:05 - 00003154 _____ () C:\Windows\System32\Tasks\WinZipDriverUpdaterRunAtStartup
2014-03-23 12:24 - 2013-11-20 18:21 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-23 12:24 - 2013-11-15 20:36 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-23 12:24 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-23 12:23 - 2014-03-23 12:23 - 00006132 _____ () C:\Windows\PFRO.log
2014-03-23 12:23 - 2014-03-23 04:50 - 00000056 _____ () C:\Windows\setupact.log
2014-03-23 12:23 - 2014-02-25 21:20 - 74498048 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-03-23 12:22 - 2014-03-23 12:22 - 00000000 _____ () C:\asc_rdflag
2014-03-23 12:22 - 2014-02-25 21:20 - 00188416 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-03-23 12:22 - 2014-02-25 21:20 - 00028672 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-03-23 12:22 - 2014-02-25 21:20 - 00028672 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-03-23 12:22 - 2013-10-31 11:27 - 00000000 ____D () C:\Users\Administrator
2014-03-23 12:20 - 2014-02-25 21:14 - 00000000 ____D () C:\AdwCleaner
2014-03-23 12:20 - 2013-10-31 17:02 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1199106278-1721565784-918049909-500Core.job
2014-03-23 12:19 - 2013-10-31 17:02 - 00001152 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1199106278-1721565784-918049909-500UA.job
2014-03-23 12:02 - 2013-10-31 14:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-23 11:47 - 2014-03-23 11:47 - 00001109 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-23 11:47 - 2014-03-23 11:47 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Malwarebytes
2014-03-23 11:47 - 2014-03-23 11:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-23 11:47 - 2014-03-23 11:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-23 11:37 - 2014-03-23 11:37 - 00001264 _____ () C:\Users\Administrator\Desktop\Revo Uninstaller.lnk
2014-03-23 11:37 - 2014-03-23 11:37 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-23 04:50 - 2014-03-23 04:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-23 04:49 - 2013-11-02 03:22 - 00000000 ____D () C:\Program Files (x86)\VyprVPN
2014-03-22 15:54 - 2014-02-01 09:52 - 00000000 ____D () C:\ProgramData\PNGconvvertt
2014-03-22 15:54 - 2014-01-24 18:52 - 00000000 ____D () C:\ProgramData\SaverAddon
2014-03-22 15:54 - 2014-01-24 17:51 - 00000000 ____D () C:\ProgramData\SSmartCOmpaarEE
2014-03-22 14:55 - 2014-03-22 14:55 - 00000000 _____ () C:\Users\Administrator\Desktop\Neue Bitmap (2).bmp
2014-03-22 14:28 - 2014-01-24 01:28 - 
00002205 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk 2014-03-22 14:03 - 2014-01-24 01:28 - 00000000 ____D () C:\ProgramData\ProductData 2014-03-21 07:27 - 2013-11-07 18:55 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\vlc 2014-03-19 22:50 - 2014-02-25 22:50 - 00000312 _____ () C:\Windows\Tasks\WinZipDriverUpdater_UPDATES.job 2014-03-19 17:44 - 2014-02-25 21:20 - 39333888 _____ () C:\Windows\system32\config\COMPONENTS.iodefrag.bak 2014-03-19 10:20 - 2013-10-31 18:59 - 00000000 ____D () C:\Windows\Panther 2014-03-13 17:51 - 2009-07-14 05:45 - 00439064 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-03-12 19:02 - 2013-10-31 14:38 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-03-12 19:02 - 2013-10-31 14:38 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-12 19:02 - 2013-10-31 14:38 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-03-12 18:13 - 2014-03-01 11:05 - 00000000 ____D () C:\Users\Administrator\Desktop\Starbound v. 
Enraged Koala 2014-03-12 17:29 - 2014-03-12 17:29 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-03-12 17:29 - 2014-03-12 17:29 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-03-12 17:29 - 2014-03-12 17:29 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 14358016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-03-12 17:28 - 2014-03-12 17:28 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-12 17:28 - 2014-03-12 17:28 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-03-12 17:28 - 2014-03-12 
17:28 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-03-12 17:28 - 2014-03-12 17:28 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2014-03-12 17:28 - 2014-03-12 17:28 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-03-12 17:28 - 2014-03-12 17:28 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-03-12 17:28 - 2014-03-12 17:28 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-03-12 17:27 - 2014-03-12 17:27 - 01424384 
_____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-03-12 17:27 - 2014-03-12 17:27 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-03-12 17:27 - 2014-03-12 17:27 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-03-12 17:27 - 2014-03-12 17:27 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2014-03-12 17:26 - 2014-03-12 17:26 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-03-10 22:40 - 2014-03-10 22:40 - 00001066 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-03-10 12:42 - 2014-01-04 19:26 - 00000000 ____D () C:\Windows\System32\Tasks\Games 2014-03-08 22:11 - 2014-03-08 21:36 - 00000000 ____D () C:\Users\Administrator\Desktop\Dreamland_R_FM 2014-03-07 20:23 - 2014-03-07 20:23 - 00002013 _____ () C:\Users\Administrator\Desktop\Vampires Dawn II - Ancient Blood (MP3).lnk 2014-03-06 19:35 - 2013-10-31 11:28 - 00112176 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT 2014-03-04 16:17 - 2014-03-04 16:17 - 00000000 ____D () C:\Program Files (x86)\VDeaf 2014-03-04 14:56 - 2014-03-04 14:14 - 00000000 ____D () C:\Program Files (x86)\Vampires Dawn II (MP3) 2014-03-03 12:49 - 2014-03-02 01:28 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Warframe 2014-03-02 02:20 - 2013-11-01 15:46 - 00000000 ____D () C:\Users\Administrator\Documents\Received Files 2014-03-02 01:31 - 2014-03-02 01:31 - 00002333 _____ () C:\Users\Administrator\Desktop\Warframe.lnk 2014-03-02 01:31 - 2014-03-02 01:31 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warframe 2014-03-01 18:35 - 2014-03-01 18:34 - 00001614 _____ () C:\Users\Administrator\Desktop\launcher.exe - Verknüpfung.lnk 2014-02-26 17:50 - 2014-02-26 17:50 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Adobe 2014-02-26 17:50 - 2013-10-31 11:27 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe 2014-02-26 
02:32 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-02-25 22:50 - 2014-02-25 22:50 - 00003080 _____ () C:\Windows\System32\Tasks\WinZipDriverUpdater_UPDATES 2014-02-25 22:50 - 2014-02-25 22:50 - 00001098 _____ () C:\Users\Public\Desktop\WinZip Driver Updater.lnk 2014-02-25 22:50 - 2014-02-25 22:50 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\WinZip 2014-02-25 22:50 - 2014-02-25 22:50 - 00000000 ____D () C:\Program Files (x86)\WinZip Driver Updater 2014-02-25 22:45 - 2014-02-25 22:45 - 00888536 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys 2014-02-25 22:45 - 2014-02-25 22:45 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll 2014-02-25 22:45 - 2013-03-14 14:42 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll 2014-02-25 21:26 - 2013-10-31 12:09 - 00000000 ____D () C:\ProgramData\IObit 2014-02-25 21:14 - 2013-12-17 00:36 - 00000000 ____D () C:\ProgramData\27ba43b94dfca7c9 2014-02-25 20:53 - 2013-10-31 12:35 - 00000000 ____D () C:\Windows\system32\MRT 2014-02-25 20:52 - 2014-02-25 20:52 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-02-25 20:52 - 2014-02-25 20:52 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-02-25 20:50 - 2013-10-31 12:35 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-02-25 20:48 - 2013-10-31 19:11 - 01606574 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-02-25 20:48 - 2013-10-31 12:33 - 00699616 _____ () C:\Windows\system32\perfh007.dat 2014-02-25 20:48 - 2013-10-31 12:33 - 00150110 _____ () C:\Windows\system32\perfc007.dat 2014-02-25 20:48 - 2009-07-14 06:13 - 01606574 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-02-25 20:46 - 2014-02-25 20:46 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls 2014-02-25 20:46 - 2014-02-25 20:46 - 00420008 _____ () C:\Windows\system32\locale.nls 2014-02-25 20:44 - 2014-02-25 20:44 - 00658432 
_____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2014-02-25 20:44 - 2014-02-25 20:44 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2014-02-25 20:44 - 2014-02-25 20:44 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe 2014-02-25 20:44 - 2014-02-25 20:44 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe 2014-02-25 20:44 - 2014-02-25 20:44 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2014-02-25 20:44 - 2014-02-25 20:44 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2014-02-25 20:44 - 2014-02-25 20:44 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2014-02-25 20:44 - 2014-02-25 20:44 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe 2014-02-25 20:44 - 2014-02-25 20:44 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2014-02-25 20:44 - 2014-02-25 20:44 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2014-02-25 20:44 - 2014-02-25 20:44 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2014-02-25 20:44 - 2014-02-25 20:44 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll 2014-02-25 20:44 - 2014-02-25 20:44 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll 2014-02-25 20:44 - 2014-02-25 20:44 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2014-02-25 20:44 - 2014-02-25 20:44 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2014-02-25 20:44 - 2014-02-25 20:44 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2014-02-25 20:44 - 2014-02-25 20:44 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll 2014-02-25 20:44 - 2014-02-25 20:44 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll 
2014-02-25 20:42 - 2013-11-11 22:59 - 00000000 ____D () C:\Windows\Minidump 2014-02-25 20:35 - 2014-02-25 20:35 - 00001173 _____ () C:\Users\Public\Desktop\IObit Malware Fighter.lnk 2014-02-25 20:33 - 2014-02-25 20:33 - 00000000 ____D () C:\Windows\system32\SRSLabs 2014-02-25 20:33 - 2014-02-25 20:33 - 00000000 ____D () C:\Program Files\VIA 2014-02-25 20:32 - 2014-02-25 20:32 - 27646720 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 07163744 _____ (Dolby Laboratories) C:\Windows\system32\EEP64H.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 07163744 _____ (Dolby Laboratories) C:\Windows\system32\EEP64A.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 03322368 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIAPropPageExt.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 01998104 _____ (Creative Technology Ltd.) C:\Windows\system32\VMAPO264.DLL 2014-02-25 20:32 - 2014-02-25 20:32 - 01845424 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViaMicArrayAPO.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 01727256 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMAPO232.DLL 2014-02-25 20:32 - 2014-02-25 20:32 - 01161336 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViaKaraokeApo.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 01013504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00884400 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIASysFx.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00879616 _____ (Creative Technology Ltd.) C:\Windows\system32\VMAPO64.DLL 2014-02-25 20:32 - 2014-02-25 20:32 - 00739328 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMAPO32.DLL 2014-02-25 20:32 - 2014-02-25 20:32 - 00690864 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viahduaa.sys 2014-02-25 20:32 - 2014-02-25 20:32 - 00663296 _____ (Waves Audio Ltd.) 
C:\Windows\system32\MaxxAudioAPO30.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00619520 _____ (Creative Technology Ltd.) C:\Windows\system32\VMTHX64.DLL 2014-02-25 20:32 - 2014-02-25 20:32 - 00554496 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMTHX32.DLL 2014-02-25 20:32 - 2014-02-25 20:32 - 00433504 _____ (Dolby Laboratories) C:\Windows\system32\EED64H.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00433504 _____ (Dolby Laboratories) C:\Windows\system32\EED64A.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00388096 _____ (Creative Technology Ltd.) C:\Windows\system32\VMWRP64.DLL 2014-02-25 20:32 - 2014-02-25 20:32 - 00248952 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Dts2APO.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00137056 _____ (Dolby Laboratories) C:\Windows\system32\EEL64H.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00137056 _____ (Dolby Laboratories) C:\Windows\system32\EEL64A.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00123512 _____ (VIA Technologies,Inc.) C:\Windows\system32\ViaKaraokePropPageExt.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00120160 _____ (Dolby Laboratories) C:\Windows\system32\EEA64H.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00120160 _____ (Dolby Laboratories) C:\Windows\system32\EEA64A.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00095352 _____ (VIA Technologies,Inc.) C:\Windows\system32\ViaMicArrayPropPageExt.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00092280 _____ (VIA Technologies, Inc.) C:\Windows\system32\Dts2PropPageExt.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00086016 _____ (QSound Labs, Inc.) C:\Windows\system32\nQPropPageExt.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00083968 _____ (QSound Labs, Inc.) 
C:\Windows\system32\nQAPO.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00075104 _____ (Dolby Laboratories) C:\Windows\system32\EEG64H.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00075104 _____ (Dolby Laboratories) C:\Windows\system32\EEG64A.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00070776 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\VtSrdAPO.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00057856 _____ (Creative Technology Ltd.) C:\Windows\system32\VMPPLD64.DLL 2014-02-25 20:32 - 2014-02-25 20:32 - 00055416 _____ (TODO: <Company name>) C:\Windows\system32\PropPageExt.dll 2014-02-25 20:32 - 2014-02-25 20:32 - 00053760 _____ (Creative Technology Ltd.) C:\Windows\system32\VMPPCN64.DLL 2014-02-25 20:32 - 2014-02-25 20:32 - 00033456 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\VMfilt64.sys 2014-02-25 20:32 - 2014-02-25 20:32 - 00027768 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViakaraokeSrv.exe 2014-02-25 20:29 - 2014-02-25 20:29 - 00002902 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Administrator 2014-02-25 20:29 - 2014-01-24 01:28 - 00001228 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk 2014-02-25 20:29 - 2014-01-06 21:34 - 00001180 _____ () C:\Users\Public\Desktop\Driver Booster.lnk 2014-02-25 20:29 - 2013-11-15 19:46 - 00003230 _____ () C:\Windows\System32\Tasks\Driver Booster Scan 2014-02-25 20:28 - 2014-01-24 03:12 - 00003110 _____ () C:\Windows\System32\Tasks\ASC7_PerformanceMonitor 2014-02-25 20:28 - 2014-01-24 01:28 - 00002866 _____ () C:\Windows\System32\Tasks\ASC7_SkipUac_Administrator 2014-02-25 10:23 - 2014-02-26 17:49 - 00957290 _____ () C:\Users\Administrator\Desktop\adblockplus-2.5.1.xpi Some content of TEMP: ==================== C:\Users\Administrator\AppData\Local\Temp\avgnt.exe C:\Users\Administrator\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is 
legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe [2013-07-15 07:07] - [2013-03-25 03:57] - 2388992 ____A (Microsoft Corporation) F0AAF39BDE5181203888F716CBB19A63 C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-03-20 02:23 ==================== End Of Log ============================ --- --- --- |
24.03.2014, 10:29 | #6 |
/// the machine /// TB trainer | folder on the desktop opens browser
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?