| |
| |||||||
Log-Analyse und Auswertung: Windows 7: Trojaner Proxy-Server 127.0.0.1 Port: 8877Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
24.03.2014, 11:30
| #1 |
 |  Windows 7: Trojaner Proxy-Server 127.0.0.1 Port: 8877 Hallo zuasmmen, vorab: wir sind ein kleines Institut mit 3 Mitarbeitern und haben keine eigene IT-Abteilung, die sich mit meinem Problem beschäftigen könnte, da wir das selbst machen müssen. Ich hoffe, das geht in Ordnung? Spende verstünde sich von selbst... Problem wie folgt: Es trägt sich immer automatisch ein Proxyserver bei mir ein. 127.0.0.1 Port: 8877 Wenn ich auf "Proxyserver konfigurieren" gehe und dort unter "LAN-Einstellungen" schaue, trägt sich immer automatisch das Häkchen bei "Proxyserver für LAN verwenden..." ein. Selbst wenn ich das Häkchen rausnehme, trägt es sich kurze Zeit später wieder von selbst ein. Bei meiner Recherche bin ich zu dem Ergebnis gekommen, dass es sich wohl um einen Trojaner handelt. Ich habe etliche Virenscanner etc. angewendet und es wurde auch immer fleißig etwas gefunden, aber mein Problem hat sich nicht gelöst. Die Logs habe ich leider nicht, weil ich alle Virenscanner und Malware-Programm wieder deinstalliert habe. Es scheint eher ein Problem zu sein, dass aktiv wird, bevor der Rechner hochgefahren ist, aber da hört mein Latein auch schon auf. Ich habe hoffentlich eure Anleitung richtig befolgt: Hier das FRST.txt Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by user (administrator) on PC-VOSS on 24-03-2014 10:46:03
Running from D:\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Doctor Web, Ltd.) C:\Program Files (x86)\DrWeb\dwservice.exe
(FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenManager64.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Tlapia) C:\Program Files (x86)\sysTPL\sysTPLMonitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenBroker64.exe
(Doctor Web, Ltd.) C:\Program Files (x86)\DrWeb\spideragent.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Tlapia) C:\Program Files (x86)\sysTPL\sysTPL.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Doctor Web, Ltd.) C:\Program Files (x86)\DrWeb\dwnetfilter.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(The Pidgin developer community) C:\Program Files (x86)\Pidgin\pidgin.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Tlapia) C:\Program Files (x86)\sysTPL\sysTPLService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-20] (Realtek Semiconductor)
HKLM\...\Run: [OOTag] - C:\Program Files (x86)\Acer\OOBEOffer\ootag.exe [13856 2010-02-23] (Microsoft)
HKLM\...\Run: [FileOpenBroker] - C:\Program Files\FileOpen\Services\FileOpenBroker64.exe [1589104 2013-03-26] (FileOpen Systems Inc.)
HKLM\...\Run: [InstallerLauncher] - "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe"
HKLM\...\Run: [SpIDerAgent] - C:\Program Files (x86)\DrWeb\spideragent.exe [7540480 2014-03-21] (Doctor Web, Ltd.)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-06-21] (Egis Technology Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [OOTag] - C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe [13856 2010-02-23] (Microsoft)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [630912 2012-02-23] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Hotkey Utility] - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [636520 2012-02-07] ()
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [BrMfcWnd] - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter3] - C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [sysTPL] - C:\Program Files (x86)\sysTPL\sysTPL.exe [1244440 2014-03-20] (Tlapia)
HKLM-x32\...\Run: [EaseUS EPM tray] - C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe [2081792 2013-03-29] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707984 2013-10-10] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] - "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] - "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-1815366113-400607504-2382787183-1000\...\Run: [SandboxieControl] - C:\Program Files\Sandboxie\SbieCtrl.exe [759384 2013-07-08] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-1815366113-400607504-2382787183-1000\...\Run: [GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [859976 2014-03-15] (Google Inc.)
HKU\S-1-5-21-1815366113-400607504-2382787183-1000\...\MountPoints2: {4556785e-62ff-11e3-9383-f80f415765c1} - G:\SecureDrive.exe
HKU\S-1-5-21-1815366113-400607504-2382787183-1000\...\MountPoints2: {46a26236-406b-11e3-ba37-f80f415765c1} - "J:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-1815366113-400607504-2382787183-1000\...\MountPoints2: {84c0b8c1-e92b-11e2-b682-f80f415765c1} - G:\LaunchU3.exe -a
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk
ShortcutTarget: net.lnk -> C:\Users\user\AppData\Roaming\Windows Net Data\net.exe (No File)
==================== Internet (Whitelisted) ====================
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:8877
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xEBF65258922CCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=66920&st=home&tid=6787&ver=4.4&ts=1378116617937&tguid=66920-6787-1378116617937-C18D5CADCF58B2F000912DA27989B932
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1378116617937&tguid=66920-6787-1378116617937-C18D5CADCF58B2F000912DA27989B932&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1378116617937&tguid=66920-6787-1378116617937-C18D5CADCF58B2F000912DA27989B932&q={searchTerms}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1378116617937&tguid=66920-6787-1378116617937-C18D5CADCF58B2F000912DA27989B932&q={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll No File
BHO: No Name - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No File
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll No File
BHO-x32: No Name - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - No File
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No File
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\dz2302to.default
FF user.js: detected! => C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\dz2302to.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @viewpoint.com/VMP - C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\user\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-26]
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-26]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-26]
CHR Extension: (GMX MailCheck) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\camnampocfohlcgbajligmemmabnljcm [2014-02-28]
CHR Extension: (Google-Suche) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-26]
CHR Extension: (HTML5 Video für YouTube™) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dolajcekhnohkpncmhgledbmndjpblei [2014-02-28]
CHR Extension: (Drucken) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd [2013-09-24]
CHR Extension: (Google Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03]
CHR Extension: (YouTube Unblocker) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl [2013-10-18]
CHR Extension: (Google Mail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-26]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2013-06-26]
==================== Services (Whitelisted) =================
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [476936 2013-08-27] (BitRaider, LLC)
R2 DrWebAVService; C:\Program Files (x86)\DrWeb\dwservice.exe [2977536 2014-03-21] (Doctor Web, Ltd.)
R3 DrWebEngine; C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe [1913680 2014-03-21] (Doctor Web, Ltd.)
R3 DrWebNetFilter; C:\Program Files (x86)\DrWeb\dwnetfilter.exe [3184992 2014-03-21] (Doctor Web, Ltd.)
R2 FileOpenManager; C:\Program Files\FileOpen\Services\FileOpenManager64.exe [337264 2013-03-19] (FileOpen Systems Inc.)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [183896 2013-07-08] (Sandboxie Holdings, LLC)
R2 sysTPLMonitor.exe; C:\Program Files (x86)\sysTPL\sysTPLMonitor.exe [399640 2014-03-20] (Tlapia)
R2 sysTPLService.exe; C:\Program Files (x86)\sysTPL\sysTPLService.exe [400664 2014-03-20] (Tlapia)
S2 0257671347983765mcinstcleanup; C:\Users\ADMINI~1\AppData\Local\Temp\025767~1.EXE C:\PROGRA~2\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service
S4 AntiVirWebService; "C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE" [X]
S3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [X]
S2 McOobeSv; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [X]
==================== Drivers (Whitelisted) ====================
R1 DrWebWfp; C:\Windows\System32\drivers\dw_wfp.sys [72448 2014-03-21] (Doctor Web, Ltd.)
R0 DwProt; C:\Windows\System32\drivers\dwprot.sys [226560 2014-03-21] (Doctor Web, Ltd.)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] ()
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [199384 2013-07-08] (Sandboxie Holdings, LLC)
R0 SpiderG3; C:\Windows\System32\drivers\spiderg3.sys [223960 2014-03-21] (Doctor Web, Ltd.)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)
S3 BRDriver64; \??\C:\programdata\bitraider\BRDriver64.sys [X]
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
S0 mfewfpk; system32\drivers\mfewfpk.sys [X]
S3 PCDSRVC{1AD96DDB-27B07940-06020200}_0; \??\c:\users\administrator\appdata\local\temp\bjxq9ais9o1y\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 wanatw; system32\DRIVERS\wanatw64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-24 10:36 - 2014-03-24 10:36 - 00000000 _____ () C:\Users\user\defogger_reenable
2014-03-24 08:53 - 2014-03-24 08:53 - 00002026 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2014-03-21 11:20 - 2014-03-21 11:22 - 00000314 _____ () C:\Windows\Tasks\Dr.Web Daily scan.job
2014-03-21 11:20 - 2014-03-21 11:20 - 00002994 _____ () C:\Windows\System32\Tasks\Dr.Web Daily scan
2014-03-21 11:20 - 2014-03-21 11:20 - 00000977 _____ () C:\Users\Public\Desktop\Dr.Web Scanner.lnk
2014-03-21 11:18 - 2014-03-24 08:29 - 00000000 __SHD () C:\DrWeb Quarantine
2014-03-21 11:16 - 2014-03-21 11:16 - 00226560 _____ (Doctor Web, Ltd.) C:\Windows\system32\Drivers\dwprot.sys
2014-03-21 11:16 - 2014-03-21 11:16 - 00223960 _____ (Doctor Web, Ltd.) C:\Windows\system32\Drivers\spiderg3.sys
2014-03-21 11:16 - 2014-03-21 11:16 - 00072448 _____ (Doctor Web, Ltd.) C:\Windows\system32\Drivers\dw_wfp.sys
2014-03-21 11:15 - 2014-03-21 13:26 - 00000000 ____D () C:\Program Files (x86)\DrWeb
2014-03-21 11:15 - 2014-03-21 11:16 - 00000000 ____D () C:\ProgramData\Doctor Web
2014-03-21 11:15 - 2014-03-21 11:15 - 00000000 ____D () C:\Program Files\Common Files\Doctor Web
2014-03-21 11:10 - 2014-03-21 11:10 - 00255200 _____ () C:\ProgramData\1395396586.bdinstall.bin
2014-03-21 09:44 - 2014-03-21 11:20 - 00000000 ____D () C:\Users\user\Doctor Web
2014-03-21 09:26 - 2014-03-21 09:35 - 207636488 _____ (Doctor Web, Ltd.) C:\Users\user\Desktop\drweb-700-win-space.exe
2014-03-21 09:26 - 2014-03-21 09:34 - 145210256 _____ () C:\Users\user\Desktop\cureit.exe
2014-03-20 14:15 - 2014-03-20 14:15 - 00868808 _____ () C:\ProgramData\1395316499.bdinstall.bin
2014-03-20 14:15 - 2014-03-20 14:15 - 00000385 _____ () C:\Windows\system32\user_gensett.xml
2014-03-20 14:15 - 2014-03-20 14:15 - 00000385 _____ () C:\Users\user\AppData\Roaminguser_gensett.xml
2014-03-20 14:14 - 2014-03-20 14:15 - 00000000 ____D () C:\ProgramData\BDLogging
2014-03-20 14:14 - 2014-03-20 14:14 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-03-20 14:14 - 2009-07-15 00:21 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2014-03-20 14:13 - 2014-03-20 14:16 - 00074512 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2014-03-20 14:13 - 2007-04-11 10:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2014-03-20 12:55 - 2014-03-21 11:12 - 00000000 ____D () C:\Program Files\Bitdefender
2014-03-20 12:55 - 2014-03-21 11:10 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-03-20 12:55 - 2014-03-20 14:16 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-03-20 12:55 - 2013-11-04 15:47 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUISkin.dll
2014-03-20 12:55 - 2013-11-04 15:46 - 00034384 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUH.dll
2014-03-20 12:54 - 2014-03-20 12:54 - 00000000 ____D () C:\Users\user\AppData\Roaming\QuickScan
2014-03-20 12:51 - 2014-03-21 11:10 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-03-19 16:22 - 2014-03-19 16:22 - 00000085 _____ () C:\Windows\wininit.ini
2014-03-19 13:47 - 2014-03-20 08:31 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-03-19 13:47 - 2014-03-20 08:31 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-03-19 13:47 - 2014-03-19 16:22 - 00000000 ____D () C:\Users\user\Documents\Anti-Malware
2014-03-19 13:47 - 2014-03-19 16:22 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-19 13:47 - 2014-03-19 13:47 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-03-19 13:46 - 2014-03-19 13:46 - 00000036 _____ () C:\Users\user\AppData\Local\housecall.guid.cache
2014-03-19 12:30 - 2014-03-19 12:30 - 00000000 ____D () C:\Users\user\AppData\Roaming\Malwarebytes
2014-03-19 11:28 - 2014-03-19 11:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-19 10:25 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-19 10:25 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-19 10:25 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-19 10:25 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-19 10:25 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-19 10:25 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-19 10:25 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-19 10:25 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-19 10:25 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-19 10:25 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-19 10:25 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-19 10:25 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-19 10:25 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-19 10:25 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-19 10:25 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-19 10:25 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-19 10:25 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-19 10:25 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-19 10:25 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-19 10:25 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-19 10:25 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-19 10:25 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-19 10:25 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-19 10:25 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-19 10:25 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-19 10:25 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-19 10:25 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-19 10:25 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-19 10:25 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-19 10:25 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-19 10:25 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-19 10:25 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-19 10:25 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-19 10:25 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-19 10:25 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-19 10:25 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-19 10:25 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-19 10:25 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-19 10:25 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-19 10:25 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-19 10:25 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-19 10:25 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-19 10:25 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-19 10:25 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-19 10:22 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-19 10:22 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-19 10:22 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-19 10:22 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-19 09:32 - 2014-03-19 10:13 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-19 09:32 - 2014-03-19 09:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-19 09:27 - 2014-03-19 09:27 - 00000000 ____D () C:\Windows\ERUNT
2014-03-19 09:02 - 2014-03-19 10:13 - 00000000 ____D () C:\AdwCleaner
2014-03-19 08:58 - 2014-03-24 10:46 - 00000000 ____D () C:\FRST
2014-02-28 15:53 - 2014-03-03 18:03 - 01593832 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-28 12:37 - 2014-02-28 12:37 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-28 12:37 - 2014-02-28 12:37 - 00000000 ____D () C:\Program Files\iTunes
2014-02-28 12:37 - 2014-02-28 12:37 - 00000000 ____D () C:\Program Files\iPod
2014-02-28 12:37 - 2014-02-28 12:37 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-28 11:15 - 2014-02-28 11:15 - 01071000 _____ (Solid State Networks) C:\Users\user\Downloads\install_flashplayer12x32_mssd_aaa_aih.exe
2014-02-27 10:44 - 2014-02-27 10:44 - 00000000 ____D () C:\Users\user\AppData\Roaming\PDAppFlex
2014-02-27 10:44 - 2014-02-27 10:44 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-02-24 13:04 - 2014-02-28 10:32 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-02-24 11:37 - 2014-02-24 11:37 - 00008422 _____ () C:\Users\user\AppData\Local\recently-used.xbel
==================== One Month Modified Files and Folders =======
2014-03-24 10:46 - 2014-03-19 08:58 - 00000000 ____D () C:\FRST
2014-03-24 10:45 - 2013-08-12 13:00 - 00000000 ____D () C:\Users\user\AppData\Roaming\Skype
2014-03-24 10:36 - 2014-03-24 10:36 - 00000000 _____ () C:\Users\user\defogger_reenable
2014-03-24 10:27 - 2013-06-26 15:21 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-24 10:13 - 2012-09-18 16:49 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-24 10:12 - 2013-07-09 07:57 - 00000000 ____D () C:\Users\user\AppData\Roaming\FileZilla
2014-03-24 10:04 - 2013-10-24 12:20 - 00000000 ____D () C:\Users\user\AppData\Roaming\.purple
2014-03-24 10:03 - 2013-01-22 11:10 - 01070634 _____ () C:\Windows\WindowsUpdate.log
2014-03-24 10:03 - 2009-07-14 05:51 - 00125889 _____ () C:\Windows\setupact.log
2014-03-24 09:27 - 2013-06-26 15:21 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-24 08:53 - 2014-03-24 08:53 - 00002026 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2014-03-24 08:53 - 2013-07-09 07:57 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-03-24 08:39 - 2009-07-14 05:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-24 08:39 - 2009-07-14 05:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-24 08:36 - 2013-01-22 20:04 - 00699386 _____ () C:\Windows\system32\perfh007.dat
2014-03-24 08:36 - 2013-01-22 20:04 - 00149526 _____ () C:\Windows\system32\perfc007.dat
2014-03-24 08:36 - 2009-07-14 06:13 - 01620488 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-24 08:31 - 2010-11-21 04:47 - 00340164 _____ () C:\Windows\PFRO.log
2014-03-24 08:31 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-24 08:29 - 2014-03-21 11:18 - 00000000 __SHD () C:\DrWeb Quarantine
2014-03-21 13:26 - 2014-03-21 11:15 - 00000000 ____D () C:\Program Files (x86)\DrWeb
2014-03-21 13:22 - 2013-09-02 12:46 - 00000000 ____D () C:\Program Files (x86)\sysTPL
2014-03-21 12:06 - 2014-02-18 10:56 - 00000000 ____D () C:\Program Files\Java
2014-03-21 12:06 - 2013-07-17 13:21 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-21 11:22 - 2014-03-21 11:20 - 00000314 _____ () C:\Windows\Tasks\Dr.Web Daily scan.job
2014-03-21 11:20 - 2014-03-21 11:20 - 00002994 _____ () C:\Windows\System32\Tasks\Dr.Web Daily scan
2014-03-21 11:20 - 2014-03-21 11:20 - 00000977 _____ () C:\Users\Public\Desktop\Dr.Web Scanner.lnk
2014-03-21 11:20 - 2014-03-21 09:44 - 00000000 ____D () C:\Users\user\Doctor Web
2014-03-21 11:20 - 2013-09-02 12:48 - 00001648 _____ () C:\Windows\Sandboxie.ini
2014-03-21 11:16 - 2014-03-21 11:16 - 00226560 _____ (Doctor Web, Ltd.) C:\Windows\system32\Drivers\dwprot.sys
2014-03-21 11:16 - 2014-03-21 11:16 - 00223960 _____ (Doctor Web, Ltd.) C:\Windows\system32\Drivers\spiderg3.sys
2014-03-21 11:16 - 2014-03-21 11:16 - 00072448 _____ (Doctor Web, Ltd.) C:\Windows\system32\Drivers\dw_wfp.sys
2014-03-21 11:16 - 2014-03-21 11:15 - 00000000 ____D () C:\ProgramData\Doctor Web
2014-03-21 11:15 - 2014-03-21 11:15 - 00000000 ____D () C:\Program Files\Common Files\Doctor Web
2014-03-21 11:12 - 2014-03-20 12:55 - 00000000 ____D () C:\Program Files\Bitdefender
2014-03-21 11:10 - 2014-03-21 11:10 - 00255200 _____ () C:\ProgramData\1395396586.bdinstall.bin
2014-03-21 11:10 - 2014-03-20 12:55 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-03-21 11:10 - 2014-03-20 12:51 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-03-21 09:35 - 2014-03-21 09:26 - 207636488 _____ (Doctor Web, Ltd.) C:\Users\user\Desktop\drweb-700-win-space.exe
2014-03-21 09:34 - 2014-03-21 09:26 - 145210256 _____ () C:\Users\user\Desktop\cureit.exe
2014-03-20 19:13 - 2009-07-14 06:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-03-20 19:09 - 2013-09-02 11:11 - 00000000 ____D () C:\Users\user\AppData\Roaming\Windows Net Data
2014-03-20 15:38 - 2013-07-09 15:31 - 00000000 ____D () C:\Users\user\AppData\Local\Adobe
2014-03-20 14:16 - 2014-03-20 14:13 - 00074512 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2014-03-20 14:16 - 2014-03-20 12:55 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-03-20 14:15 - 2014-03-20 14:15 - 00868808 _____ () C:\ProgramData\1395316499.bdinstall.bin
2014-03-20 14:15 - 2014-03-20 14:15 - 00000385 _____ () C:\Windows\system32\user_gensett.xml
2014-03-20 14:15 - 2014-03-20 14:15 - 00000385 _____ () C:\Users\user\AppData\Roaminguser_gensett.xml
2014-03-20 14:15 - 2014-03-20 14:14 - 00000000 ____D () C:\ProgramData\BDLogging
2014-03-20 14:14 - 2014-03-20 14:14 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-03-20 13:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-03-20 12:54 - 2014-03-20 12:54 - 00000000 ____D () C:\Users\user\AppData\Roaming\QuickScan
2014-03-20 12:52 - 2013-07-09 08:07 - 00000000 ____D () C:\ProgramData\Avira
2014-03-20 08:31 - 2014-03-19 13:47 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-03-20 08:31 - 2014-03-19 13:47 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-03-20 08:31 - 2013-07-09 07:46 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-20 08:31 - 2013-07-09 07:46 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-20 08:31 - 2009-07-14 05:45 - 00344312 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-19 17:50 - 2013-06-26 15:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-19 16:22 - 2014-03-19 16:22 - 00000085 _____ () C:\Windows\wininit.ini
2014-03-19 16:22 - 2014-03-19 13:47 - 00000000 ____D () C:\Users\user\Documents\Anti-Malware
2014-03-19 16:22 - 2014-03-19 13:47 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-19 16:21 - 2013-08-26 15:40 - 00000000 ____D () C:\Users\user\Desktop\Privat
2014-03-19 13:47 - 2014-03-19 13:47 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-03-19 13:46 - 2014-03-19 13:46 - 00000036 _____ () C:\Users\user\AppData\Local\housecall.guid.cache
2014-03-19 13:41 - 2013-06-26 15:36 - 00000296 _____ () C:\Windows\Tasks\Synology Data Replicator 3-user-PC1-user.job
2014-03-19 13:41 - 2013-06-26 15:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-19 12:30 - 2014-03-19 12:30 - 00000000 ____D () C:\Users\user\AppData\Roaming\Malwarebytes
2014-03-19 11:28 - 2014-03-19 11:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-19 10:20 - 2013-08-14 16:59 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 10:18 - 2013-07-15 07:32 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-19 10:14 - 2013-07-09 12:43 - 00000000 ____D () C:\Users\Peer
2014-03-19 10:14 - 2013-06-25 10:16 - 00000000 ___RD () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-19 10:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-03-19 10:13 - 2014-03-19 09:32 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-19 10:13 - 2014-03-19 09:02 - 00000000 ____D () C:\AdwCleaner
2014-03-19 10:13 - 2014-01-08 11:06 - 00000000 ____D () C:\ProgramData\Viewpoint
2014-03-19 10:13 - 2014-01-08 11:06 - 00000000 ____D () C:\Program Files (x86)\Viewpoint
2014-03-19 10:13 - 2013-09-02 12:46 - 00000000 ____D () C:\Users\user\AppData\Roaming\Tlapia
2014-03-19 10:13 - 2013-06-26 15:20 - 00000000 __RHD () C:\MSOCache
2014-03-19 10:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-03-19 09:32 - 2014-03-19 09:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-19 09:27 - 2014-03-19 09:27 - 00000000 ____D () C:\Windows\ERUNT
2014-03-12 12:27 - 2012-09-18 16:49 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 12:27 - 2012-09-18 16:49 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 12:27 - 2012-09-18 16:49 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-10 14:11 - 2013-07-23 12:29 - 00000000 ____D () C:\Users\user\AppData\Roaming\SuperMailer
2014-03-03 18:03 - 2014-02-28 15:53 - 01593832 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-01 07:05 - 2014-03-19 10:25 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 06:17 - 2014-03-19 10:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-19 10:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-19 10:25 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-19 10:25 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-19 10:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-19 10:25 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-19 10:25 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-19 10:25 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-19 10:25 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 05:33 - 2014-03-19 10:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 05:32 - 2014-03-19 10:25 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-19 10:25 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-19 10:25 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-19 10:25 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-19 10:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-19 10:25 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-19 10:25 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-19 10:25 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-19 10:25 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-19 10:25 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-19 10:25 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-19 10:25 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-19 10:25 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-19 10:25 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-19 10:25 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-19 10:25 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-19 10:25 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-19 10:25 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-19 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-19 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-19 10:25 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-19 10:25 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-19 10:25 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-19 10:25 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-19 10:25 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-19 10:25 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-19 10:25 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-19 10:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-19 10:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-28 12:37 - 2014-02-28 12:37 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-28 12:37 - 2014-02-28 12:37 - 00000000 ____D () C:\Program Files\iTunes
2014-02-28 12:37 - 2014-02-28 12:37 - 00000000 ____D () C:\Program Files\iPod
2014-02-28 12:37 - 2014-02-28 12:37 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-28 12:32 - 2013-08-19 07:49 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-02-28 11:53 - 2013-06-25 10:17 - 00086552 _____ () C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-28 11:52 - 2014-02-14 13:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-28 11:52 - 2014-02-14 12:22 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-02-28 11:52 - 2013-10-24 12:36 - 00000000 ____D () C:\Users\user\AppData\Local\gtk-2.0
2014-02-28 11:52 - 2013-07-15 10:20 - 00000000 ____D () C:\Users\user\AppData\Roaming\PersBackup5
2014-02-28 11:52 - 2013-07-09 13:57 - 00000000 ____D () C:\Users\user\AppData\Roaming\IrfanView
2014-02-28 11:52 - 2013-06-26 15:21 - 00000000 ____D () C:\Users\user\AppData\Local\Microsoft Help
2014-02-28 11:52 - 2012-09-18 16:49 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-02-28 11:52 - 2012-09-18 16:49 - 00000000 ____D () C:\Windows\system32\Macromed
2014-02-28 11:51 - 2013-07-09 13:52 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-02-28 11:15 - 2014-02-28 11:15 - 01071000 _____ (Solid State Networks) C:\Users\user\Downloads\install_flashplayer12x32_mssd_aaa_aih.exe
2014-02-28 10:35 - 2012-09-18 16:48 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-28 10:32 - 2014-02-24 13:04 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-02-27 10:44 - 2014-02-27 10:44 - 00000000 ____D () C:\Users\user\AppData\Roaming\PDAppFlex
2014-02-27 10:44 - 2014-02-27 10:44 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-02-24 11:43 - 2013-09-11 09:20 - 00000000 ____D () C:\Users\user\.gimp-2.8
2014-02-24 11:37 - 2014-02-24 11:37 - 00008422 _____ () C:\Users\user\AppData\Local\recently-used.xbel
Files to move or delete:
====================
C:\Users\user\RevMan_5_2_7_update_windows_java6.exe
Some content of TEMP:
====================
C:\Users\user\AppData\Local\Temp\avgnt.exe
C:\Users\user\AppData\Local\Temp\install_reader11_de_mssd_aaa_aih.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-21 18:47
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by user at 2014-03-24 10:46:23
Running from D:\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Doctor Web Anti-Virus (Enabled - Up to date) {A8C161B2-600A-42FD-97E0-4C12952A9FEC}
AS: Doctor Web Anti-Virus (Enabled - Up to date) {13A08056-4630-4D73-AD50-7760EEADD551}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
clear.fi SDK - MVP 2 (x32 Version: 2.0.1505 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.0.1502 - CyberLink Corp.) Hidden
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3506 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3501 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.6.0.19120 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Accelerated Video Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.873.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{D386AA62-CC9D-213D-BCD3-1FF53F7B8BAC}) (Version: 3.0.864.0 - Advanced Micro Devices, Inc.)
AMD Media Foundation Decoders (Version: 1.0.70223.0019 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2012.0223.107.1652 - Ihr Firmenname) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.8.1 - BitRaider, LLC)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite MFC-9840CDW (HKLM-x32\...\{C83FB11D-9EC6-49D7-99A7-DDDB2264883C}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Catalyst Control Center InstallProxy (x32 Version: 2012.0223.107.1652 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0223.107.1652 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2012.0223.107.1652 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0223.0106.1652 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0223.0106.1652 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0223.0106.1652 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0223.0106.1652 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0223.0106.1652 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0223.0106.1652 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0223.0106.1652 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0223.0106.1652 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0223.0106.1652 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0223.0106.1652 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0223.0106.1652 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0223.0106.1652 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0223.0106.1652 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0223.0106.1652 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0223.0106.1652 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0223.0106.1652 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0223.0106.1652 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0223.0106.1652 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0223.0106.1652 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0223.0106.1652 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0223.0106.1652 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0223.0106.1652 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0223.107.1652 - Advanced Micro Devices, Inc.) Hidden
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04072 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04072 - Cisco Systems, Inc.) Hidden
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.00.3004 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.00.3004 - Acer Incorporated)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{92C42EDD-6524-4577-B2EB-6C68C63B6D4A}) (Version: - Microsoft)
Dr.Web Security Space 7.0 (HKLM-x32\...\{1D3EC754-CBE5-4495-808B-43C461A4A3A8}) (Version: 7.0.2.02040 - Doctor Web, Ltd.)
EaseUS Partition Master 9.2.2 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
EndNote X6 (HKLM-x32\...\{86B3F2D6-AC2B-0016-8AE1-F2F77F781B0C}) (Version: 16.0.0.6348 - Thomson Reuters)
Evernote v. 4.5.2 (HKLM-x32\...\{F77EF646-19EB-11E1-9A9E-984BE15F174E}) (Version: 4.5.2.5866 - Evernote Corp.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FileOpen Client B928 (HKLM\...\FileOpenClient_is1) (Version: B928 - FileOpen Systems, Inc.)
FileZilla Client 3.7.4.1 (HKLM-x32\...\FileZilla Client) (Version: 3.7.4.1 - Tim Kosse)
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3510 - Acer Incorporated)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.4.0 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.18 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.18 - Egis Technology Inc.) Hidden
Nero Control Center 10 (x32 Version: 10.6.13200.0.12 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.6.10800 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.20500.9.16 - Nero AG) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.4.10500.1.100 - Nero AG)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10700.5.100 - Nero AG)
Nero Express 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.6.10300 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.6.10600.4.100 - Nero AG)
Nero StartSmart 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.10022.15.0 - Nero AG) Hidden
PDF Password Remover v3.1 (HKLM-x32\...\PDF Password Remover v3.1_is1) (Version: - VeryPDF.com Inc)
PDF Split And Merge Basic (HKLM\...\{C91B24F6-1629-11E2-B696-21676188709B}) (Version: 2.2.2 - Andrea Vacondio)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Personal Backup 5.5 (HKLM\...\Personal Backup 5_is1) (Version: 5.3 - J. Rathlev)
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.7 - )
pidgin-otr 4.0.0-1 (HKLM-x32\...\pidgin-otr) (Version: 4.0.0-1 - Cypherpunks CA)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.56.316.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6531 - Realtek Semiconductor Corp.)
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version: - )
Review Manager 5.2.6 (HKLM-x32\...\0222-0618-0114-4896) (Version: 5.2.6 - The Nordic Cochrane Centre, Rigshospitalet)
Sandboxie 4.04 (64-bit) (HKLM\...\Sandboxie) (Version: 4.04 - Sandboxie Holdings, LLC)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 6.13 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.13.104 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
SuperMailer 7.11 (HKLM\...\Newsletter Software SuperMailer (x64)_is1) (Version: 7.11 - Mirko Boeer Softwareentwicklungen)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
sysTPL (HKLM-x32\...\{59E3B807-2D5A-4AAE-A6C7-62F9A1615E84}) (Version: 1.0.0 - Tlapia)
Tales of Lagoona (x32 Version: 2.2.0.98 - WildTangent) Hidden
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.19617 - TeamViewer)
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
TP-LINK Wireless Client Utility (HKLM-x32\...\{1E03C8BE-0848-430F-BECA-7D7709401626}) (Version: 7.0 - TP-LINK)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{81812245-FC84-426A-BC02-6659C88CC7B2}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5D357893-40BA-4323-86BA-D97C66CD72F4}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3507 - Acer Incorporated)
WildTangent Games App (Acer Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорация Майкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Restore Points =========================
21-03-2014 23:00:01 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {084DC814-72AB-45BF-ABF8-1BEA08CFEA16} - System32\Tasks\{11DB70DD-9907-4644-84A4-AB87C2FB3652} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-01-14] (Skype Technologies S.A.)
Task: {12519CD9-29A2-4AE2-9AE4-4A74913A0933} - System32\Tasks\{7DD5053C-2414-443B-B178-DED91B1ACC24} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-01-14] (Skype Technologies S.A.)
Task: {153C6A60-150E-47A2-8EFA-6FE750582906} - System32\Tasks\{12CB2061-F527-4187-BEC5-09FA85DB5B9A} => Chrome.exe hxxp://ui.skype.com/ui/0/4.2.0.187/de/go/help.faq.installer?LastError=1603
Task: {1FD6A748-B2A0-4563-A86B-11B6AAE2E86C} - System32\Tasks\{9BFA2FDC-A1F6-45B3-B8C2-98A1DF085C26} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-01-14] (Skype Technologies S.A.)
Task: {260AB360-E929-4249-B2E2-04AEB4630FA2} - System32\Tasks\{FBAA3862-A672-405B-8E4F-88FD519EFAF3} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-01-14] (Skype Technologies S.A.)
Task: {34803226-F4C8-402C-83E7-3190C7D4CE3E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {357A9096-350F-422D-9394-B1A6A5625A70} - System32\Tasks\Backup Voss => C:\Program Files (x86)\AceBIT\AceBackup 3\AceBackup.exe
Task: {3D2F6278-9C85-441E-91F3-2CEBCC4737F6} - System32\Tasks\{F37A84DD-E48C-4EAE-B793-806D522EE909} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-01-14] (Skype Technologies S.A.)
Task: {3FF728E8-5B6B-43CE-8B30-9D3E71FBCE4A} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {567C9320-1349-472C-BE87-663C19340F6D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-26] (Google Inc.)
Task: {582A03C6-9B18-42A3-9266-3D4E348C5B38} - System32\Tasks\{D598A2A6-708B-49AB-ACCA-542375BAD6E8} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-01-14] (Skype Technologies S.A.)
Task: {5DAC6992-43CE-4B01-99C9-F6A267B7A287} - System32\Tasks\{E89F9153-83AC-48D7-8595-590BB8882F68} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-01-14] (Skype Technologies S.A.)
Task: {62FF86FE-33AC-4637-AD5A-B56282721193} - System32\Tasks\{DB17BA99-2596-46E2-BE92-62FCB7F85ED7} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-01-14] (Skype Technologies S.A.)
Task: {652CB9E6-E14E-4D89-9562-553F1E3DD006} - System32\Tasks\{4D4DCA89-C2F5-455B-8403-AE5FC44DC5E2} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-01-14] (Skype Technologies S.A.)
Task: {69497C6E-7B66-4160-9C24-F06ABD824156} - System32\Tasks\{CE2BFDEF-10DC-419E-A659-AB56A6ABFF7A} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-01-14] (Skype Technologies S.A.)
Task: {6B87273D-193C-4451-890C-0B3EA8B2023E} - System32\Tasks\{69EB7934-A168-4869-8988-5231202BBA59} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-01-14] (Skype Technologies S.A.)
Task: {6FD856F5-E77C-4546-9E4C-E49E37277CAA} - System32\Tasks\{3EECE108-0841-46A3-ADCD-4F8632FDD8FB} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-01-14] (Skype Technologies S.A.)
Task: {741A846A-BA46-4E9F-98AF-85ED502D3A35} - System32\Tasks\{8292B859-F559-4E5C-A055-63E708863A65} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-01-14] (Skype Technologies S.A.)
Task: {7C653056-E3F6-434F-AA6B-DD10CD31A45D} - System32\Tasks\{8AF8B8F8-AA89-4E66-9F29-44ECE112006B} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-01-14] (Skype Technologies S.A.)
Task: {89315E01-8CB7-40A7-8D3D-7AD20465C07B} - System32\Tasks\{E33956E6-69F4-40E8-B95C-4CA33C32BAE1} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-01-14] (Skype Technologies S.A.)
Task: {8C180B9C-D80F-49A2-B1BA-87A89C015F4B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-26] (Google Inc.)
Task: {9760257B-72B4-41D9-8669-C7D5AC263B5A} - System32\Tasks\{ACE3A342-BA13-4E92-B18A-EAD9B79175BE} => Chrome.exe hxxp://ui.skype.com/ui/0/4.2.0.187/de/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;ienotdefaultbrowser2
Task: {9DC3EE91-8AA9-442F-8CEB-4782610C918E} - System32\Tasks\Synology Data Replicator 3-user-PC1-user => C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe
Task: {9FF05709-D6C0-469B-8975-5B26442D49D9} - System32\Tasks\{AC4A36EA-9E43-4711-856C-5698AC9DB8C9} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-01-14] (Skype Technologies S.A.)
Task: {A8D8E0DF-0536-4DED-819A-36D7BB124539} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-02-07] (Acer Incorporated)
Task: {ACDC197C-0C02-4BE0-927E-D7221C57BC79} - System32\Tasks\{531F6726-F145-49C7-BAC8-5C60BA981A75} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-01-14] (Skype Technologies S.A.)
Task: {B07767DC-88C1-4755-86A5-A1C5A1B1D22B} - System32\Tasks\{B9EC5CF5-9834-44EC-9A1D-EA3FC8AD33A9} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-01-14] (Skype Technologies S.A.)
Task: {BB7CB864-4FC2-4BB8-B5B6-12FD6C69CC0A} - System32\Tasks\Dr.Web Daily scan => C:\Program Files (x86)\DrWeb\dwscanner.exe [2014-03-21] (Doctor Web, Ltd.)
Task: {C43EC51F-97B0-446C-9ABC-E737AEBFE220} - System32\Tasks\{5E3B5E45-E767-4F58-B0BF-43A0042A58F3} => Chrome.exe hxxp://ui.skype.com/ui/0/4.2.0.187/de/go/help.faq.installer?LastError=1603
Task: {D4A9B934-E91D-4EDC-BCA0-5E881D5FA9DC} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {E7637302-77C7-447F-8D5E-4118F4BC1437} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E798CA12-83D8-4E02-A042-0A5944A4CA80} - System32\Tasks\{40AFB9C4-ACA7-4061-B19F-D7CE1B9909AD} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-01-14] (Skype Technologies S.A.)
Task: {ED983E02-B4B8-48EC-BCDC-22964CB6E652} - System32\Tasks\{761B746B-37D9-450C-B115-488201E9849E} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-01-14] (Skype Technologies S.A.)
Task: {F48D345D-938D-4BE6-BA61-65E0E93A98E9} - System32\Tasks\{BDA07002-8A6A-4046-8BA5-B18B092CE1BC} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-01-14] (Skype Technologies S.A.)
Task: {F96B503B-FC45-4AFB-A117-CA44D97B1C41} - System32\Tasks\{AB4B1746-25BC-4750-A0C1-13D312123DD2} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-01-14] (Skype Technologies S.A.)
Task: {F97C37BD-B55C-4C86-B77C-28EBB87F8E92} - System32\Tasks\{5FD2C771-4A5C-43C0-822E-AD12E85D279E} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-01-14] (Skype Technologies S.A.)
Task: {FF379477-40EA-4228-B4F4-09C4598D6506} - System32\Tasks\{88534142-E0B8-49BF-B52E-097B64AE0AD1} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-01-14] (Skype Technologies S.A.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Backup Voss.job => C:\Program Files (x86)\AceBIT\AceBackup 3\AceBackup.exe
Task: C:\Windows\Tasks\Dr.Web Daily scan.job => C:\Program Files (x86)\DrWeb\dwscanner.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Synology Data Replicator 3-user-PC1-user.job => C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe
==================== Loaded Modules (whitelisted) =============
2013-07-09 14:31 - 2005-04-22 12:36 - 00143360 ____N () C:\Windows\system32\BrSNMP64.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-02-07 03:17 - 2012-02-07 03:17 - 00636520 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
2012-02-23 01:59 - 2012-02-23 01:59 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-02-07 03:18 - 2012-02-07 03:18 - 00151656 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
2013-07-09 14:31 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2013-02-13 05:44 - 2013-02-13 05:44 - 00028160 _____ () C:\Program Files (x86)\Pidgin\libssp-0.dll
2013-02-13 05:44 - 2013-02-13 05:44 - 00671031 _____ () C:\Program Files (x86)\Pidgin\exchndl.dll
2013-10-24 12:20 - 2013-10-24 12:20 - 00904525 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\libcairo-2.dll
2013-10-24 12:20 - 2013-10-24 12:20 - 00279059 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\libfontconfig-1.dll
2013-10-24 12:20 - 2013-10-24 12:20 - 00177586 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\libexpat-1.dll
2013-10-24 12:20 - 2013-10-24 12:20 - 00553382 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\freetype6.dll
2013-10-24 12:20 - 2013-10-24 12:20 - 00216992 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\libpng14-14.dll
2013-10-24 12:20 - 2013-10-24 12:20 - 00100352 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\zlib1.dll
2013-02-13 05:43 - 2013-02-13 05:43 - 01274655 _____ () C:\Program Files (x86)\Pidgin\libxml2-2.dll
2013-02-13 05:44 - 2013-02-13 05:44 - 00475580 _____ () C:\Program Files (x86)\Pidgin\spellcheck\libgtkspell-0.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00020997 _____ () C:\Program Files (x86)\Pidgin\plugins\autoaccept.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00013253 _____ () C:\Program Files (x86)\Pidgin\plugins\buddynote.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00024924 _____ () C:\Program Files (x86)\Pidgin\plugins\convcolors.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00015702 _____ () C:\Program Files (x86)\Pidgin\plugins\extplacement.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00014147 _____ () C:\Program Files (x86)\Pidgin\plugins\gtkbuddynote.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00018882 _____ () C:\Program Files (x86)\Pidgin\plugins\history.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00012865 _____ () C:\Program Files (x86)\Pidgin\plugins\iconaway.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00019043 _____ () C:\Program Files (x86)\Pidgin\plugins\idle.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00018555 _____ () C:\Program Files (x86)\Pidgin\plugins\joinpart.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00015074 _____ () C:\Program Files (x86)\Pidgin\plugins\libaim.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00310491 _____ () C:\Program Files (x86)\Pidgin\liboscar.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00092874 _____ () C:\Program Files (x86)\Pidgin\plugins\libbonjour.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00209619 _____ () C:\Program Files (x86)\Pidgin\plugins\libgg.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00016005 _____ () C:\Program Files (x86)\Pidgin\plugins\libicq.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00105620 _____ () C:\Program Files (x86)\Pidgin\plugins\libirc.dll
2013-02-13 05:43 - 2013-02-13 05:43 - 00190464 _____ () C:\Program Files (x86)\Pidgin\libsasl.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00373657 _____ () C:\Program Files (x86)\Pidgin\plugins\libmsn.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00149933 _____ () C:\Program Files (x86)\Pidgin\plugins\libmxit.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00106670 _____ () C:\Program Files (x86)\Pidgin\plugins\libmyspace.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00123540 _____ () C:\Program Files (x86)\Pidgin\plugins\libnovell.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00116583 _____ () C:\Program Files (x86)\Pidgin\plugins\libsametime.dll
2013-02-13 05:43 - 2013-02-13 05:43 - 00152852 _____ () C:\Program Files (x86)\Pidgin\libmeanwhile-1.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00171090 _____ () C:\Program Files (x86)\Pidgin\plugins\libsilc.dll
2013-02-13 05:43 - 2013-02-13 05:43 - 02097721 _____ () C:\Program Files (x86)\Pidgin\libsilc-1-1-2.dll
2013-02-13 05:43 - 2013-02-13 05:43 - 00818985 _____ () C:\Program Files (x86)\Pidgin\libsilcclient-1-1-3.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00055758 _____ () C:\Program Files (x86)\Pidgin\plugins\libsimple.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00021337 _____ () C:\Program Files (x86)\Pidgin\plugins\libxmpp.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00415553 _____ () C:\Program Files (x86)\Pidgin\libjabber.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00022832 _____ () C:\Program Files (x86)\Pidgin\plugins\libyahoo.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00228908 _____ () C:\Program Files (x86)\Pidgin\libymsg.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00019793 _____ () C:\Program Files (x86)\Pidgin\plugins\libyahoojp.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00047391 _____ () C:\Program Files (x86)\Pidgin\plugins\log_reader.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00021795 _____ () C:\Program Files (x86)\Pidgin\plugins\markerline.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00013456 _____ () C:\Program Files (x86)\Pidgin\plugins\newline.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00029225 _____ () C:\Program Files (x86)\Pidgin\plugins\notify.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00017023 _____ () C:\Program Files (x86)\Pidgin\plugins\offlinemsg.dll
2012-09-09 14:17 - 2012-09-09 14:17 - 00472576 _____ () C:\Program Files (x86)\Pidgin\plugins\pidgin-otr.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00029256 _____ () C:\Program Files (x86)\Pidgin\plugins\pidginrc.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00015380 _____ () C:\Program Files (x86)\Pidgin\plugins\psychic.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00015429 _____ () C:\Program Files (x86)\Pidgin\plugins\relnot.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00015045 _____ () C:\Program Files (x86)\Pidgin\plugins\sendbutton.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00069575 _____ () C:\Program Files (x86)\Pidgin\plugins\spellchk.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00027811 _____ () C:\Program Files (x86)\Pidgin\plugins\ssl-nss.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00012004 _____ () C:\Program Files (x86)\Pidgin\plugins\ssl.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00015978 _____ () C:\Program Files (x86)\Pidgin\plugins\statenotify.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00030353 _____ () C:\Program Files (x86)\Pidgin\plugins\themeedit.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00032020 _____ () C:\Program Files (x86)\Pidgin\plugins\ticker.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00018399 _____ () C:\Program Files (x86)\Pidgin\plugins\timestamp.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00023305 _____ () C:\Program Files (x86)\Pidgin\plugins\timestamp_format.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00029791 _____ () C:\Program Files (x86)\Pidgin\plugins\win2ktrans.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00030771 _____ () C:\Program Files (x86)\Pidgin\plugins\winprefs.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00037191 _____ () C:\Program Files (x86)\Pidgin\plugins\xmppconsole.dll
2013-02-13 05:45 - 2013-02-13 05:45 - 00044494 _____ () C:\Program Files (x86)\Pidgin\plugins\xmppdisco.dll
2013-02-13 05:43 - 2013-02-13 05:43 - 00102400 _____ () C:\Program Files (x86)\Pidgin\sasl2\saslANONYMOUS.dll
2013-02-13 05:43 - 2013-02-13 05:43 - 00115712 _____ () C:\Program Files (x86)\Pidgin\sasl2\saslCRAMMD5.dll
2013-02-13 05:43 - 2013-02-13 05:43 - 00140288 _____ () C:\Program Files (x86)\Pidgin\sasl2\saslDIGESTMD5.dll
2013-02-13 05:43 - 2013-02-13 05:43 - 00102912 _____ () C:\Program Files (x86)\Pidgin\sasl2\saslLOGIN.dll
2013-02-13 05:43 - 2013-02-13 05:43 - 00102912 _____ () C:\Program Files (x86)\Pidgin\sasl2\saslPLAIN.dll
2013-02-13 05:44 - 2013-02-13 05:44 - 00425984 _____ () C:\Program Files (x86)\Pidgin\sqlite3.dll
2013-10-24 12:20 - 2013-10-24 12:20 - 00090496 _____ () C:\Program Files (x86)\Pidgin\Gtk\lib\gtk-2.0\2.10.0\engines\libwimp.dll
2014-03-19 15:35 - 2014-03-15 01:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-02-11 20:29 - 2014-02-11 20:29 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-03-19 15:35 - 2014-03-15 01:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-19 15:35 - 2014-03-15 01:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-03-19 15:35 - 2014-03-15 01:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-19 15:35 - 2014-03-15 01:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-19 15:35 - 2014-03-15 01:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
2014-03-19 15:35 - 2014-03-15 01:50 - 13637448 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\user\Desktop\cureit.exe:BDU
AlternateDataStreams: C:\Users\user\Desktop\drweb-700-win-space.exe:BDU
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DrWebEngine => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DrWebEngine => ""="Service"
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/24/2014 10:44:47 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: filezilla.exe, Version: 3.7.4.1, Zeitstempel: 0x52fa7a11
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00038e19
ID des fehlerhaften Prozesses: 0xdfc
Startzeit der fehlerhaften Anwendung: 0xfilezilla.exe0
Pfad der fehlerhaften Anwendung: filezilla.exe1
Pfad des fehlerhaften Moduls: filezilla.exe2
Berichtskennung: filezilla.exe3
Error: (03/24/2014 08:32:31 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/21/2014 06:54:18 PM) (Source: SPP) (User: )
Description: Fehler beim Löschen der Schattenkopie "\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy2\" auf Volume "\\?\Volume{87c6ee29-de60-11e2-b588-f80f415765c1}\".
VSS-Fehler: Das angegebene Objekt wurde nicht gefunden. (0x80042308)
Benutzeraktion
Wiederholen Sie den Löschvorgang, oder öffnen Sie das Ereignisprotokoll, um zugehörige VSS-Einträge anzuzeigen.
Error: (03/21/2014 01:11:15 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/21/2014 11:58:49 AM) (Source: Application Hang) (User: )
Description: Programm iexplore.exe, Version 11.0.9600.16521 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: d88
Startzeit: 01cf44f429d6a0aa
Endzeit: 62
Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe
Berichts-ID: c301976a-b0e7-11e3-a364-f80f415765c1
Error: (03/21/2014 11:22:30 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/21/2014 11:13:52 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/21/2014 11:08:24 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/21/2014 09:45:52 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/21/2014 08:35:09 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (03/24/2014 08:31:57 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
mfewfpk
Error: (03/24/2014 08:31:50 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee OOBE Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (03/24/2014 08:31:46 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.
Modulpfad: C:\Windows\system32\athExt.dll
Fehlercode: 126
Error: (03/21/2014 01:10:43 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
mfewfpk
Error: (03/21/2014 01:10:31 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee OOBE Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (03/21/2014 01:10:30 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.
Modulpfad: C:\Windows\system32\athExt.dll
Fehlercode: 126
Error: (03/21/2014 11:22:12 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
mfewfpk
Error: (03/21/2014 11:22:04 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee OOBE Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (03/21/2014 11:22:04 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.
Modulpfad: C:\Windows\system32\athExt.dll
Fehlercode: 126
Error: (03/21/2014 11:12:21 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
mfewfpk
Microsoft Office Sessions:
=========================
Error: (03/24/2014 10:44:47 AM) (Source: Application Error)(User: )
Description: filezilla.exe3.7.4.152fa7a11ntdll.dll6.1.7601.18247521ea8e7c000000500038e19dfc01cf473626600069C:\Program Files (x86)\FileZilla FTP Client\filezilla.exeC:\Windows\SysWOW64\ntdll.dllef72209c-b338-11e3-881c-f80f415765c1
Error: (03/24/2014 08:32:31 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/21/2014 06:54:18 PM) (Source: SPP)(User: )
Description: \\?\Volume{87c6ee29-de60-11e2-b588-f80f415765c1}\\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy2\Das angegebene Objekt wurde nicht gefunden. (0x80042308)
Error: (03/21/2014 01:11:15 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/21/2014 11:58:49 AM) (Source: Application Hang)(User: )
Description: iexplore.exe11.0.9600.16521d8801cf44f429d6a0aa62C:\Program Files\Internet Explorer\iexplore.exec301976a-b0e7-11e3-a364-f80f415765c1
Error: (03/21/2014 11:22:30 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/21/2014 11:13:52 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/21/2014 11:08:24 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/21/2014 09:45:52 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/21/2014 08:35:09 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Percentage of memory in use: 16%
Total physical RAM: 11731.65 MB
Available physical RAM: 9773.46 MB
Total Pagefile: 23461.48 MB
Available Pagefile: 20315.93 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:146.73 GB) (Free:64.32 GB) NTFS
Drive d: (Volume) (Fixed) (Total:764.17 GB) (Free:747.97 GB) NTFS
Drive z: (Shared) (Network) (Total:913.94 GB) (Free:566.56 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 8BEBDBAB)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Not Active) - (Size=21 GB) - (Type=27)
Partition 3: (Active) - (Size=100 MB) - (Type=42)
Partition 4: (Not Active) - (Size=147 GB) - (Type=42)
==================== End Of Log ============================
Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 10:36 on 24/03/2014 (user)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-03-24 11:12:39
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\0000006a ST1000DM rev.CC44 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\user\AppData\Local\Temp\fxtdapob.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff800031f7000 65 bytes [00, 00, 15, 02, 46, 69, 6C, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 594 fffff800031f7042 4 bytes [00, 00, 00, 00]
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\DrWeb\spideragent.exe[2812] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 0000000075568769 5 bytes [33, C0, C2, 04, 00]
.text C:\Program Files (x86)\Pidgin\pidgin.exe[3424] C:\Program Files (x86)\Pidgin\plugins\autoaccept.dll!purple_init_plugin + 10 000000006ebd1ce2 4 bytes [40, 90, AC, 68]
.text C:\Program Files (x86)\Pidgin\pidgin.exe[3424] C:\Program Files (x86)\Pidgin\plugins\autoaccept.dll!purple_init_plugin + 160 000000006ebd1d78 4 bytes [40, 90, AC, 68]
.text C:\Program Files (x86)\DrWeb\SpiderAgent_Adm.exe[6676] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 0000000075568769 5 bytes [33, C0, C2, 04, 00]
.text C:\Program Files (x86)\DrWeb\spideragent.exe[5028] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 0000000075568769 5 bytes [33, C0, C2, 04, 00]
---- EOF - GMER 2.1 ----
Fehlt noch etwas? Vielen Dank für die Hilfe und viele Grüße, Peer |
| Themen zu Windows 7: Trojaner Proxy-Server 127.0.0.1 Port: 8877 |
| 4d36e972-e325-11ce-bfc1-08002be10318, avira, bonjour, desktop, error, excel, failed, flash player, ftp, google, home, homepage, iexplore.exe, mozilla, msiexec.exe, ntdll.dll, port, problem, proxy-server, realtek, registry, scan, security, services.exe, siteadvisor, svchost.exe, synology, system, teredo, trojaner, trojaner 127.0.0.1:8877, wildtangent games, windows |
Baum-Darstellung