Log analysis and evaluation: Remove feed.safefinder.com and check system for viruses
16.09.2014, 06:07 | #1 |
| Remove feed.safefinder.com and check system for viruses

Hello Trojaner-Board users, I have a problem with this villain: hxxp://feed.safefinder.com

I have already gone through the following measures: http://www.trojaner-board.de/150276-...entfernen.html

And I am asking for a few tips to clean my system completely. Attached I am sending the log file from AdwCleaner:

***** [ Dateien / Ordner ] *****

***** [ Tasks ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17278

-\\ Google Chrome v37.0.2062.120

[ Datei : C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Startup_urls] : hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hoxUv82Ac0l78Z5HtgW9e_DuX3ywRMXtYsMh4Qt7MrNn4G6p6l0_vvG0yzKBeLtzAX1tNx9sAd-Tzzf-AM7FrjsJ8AmkLsw0uaJ8Oz6JuSCrOF71LzuMDq6mejGFfUOUWpWy025XXteMtSPF6b8JZZwuwC2umSlDwRug,,

*************************

AdwCleaner[R0].txt - [2831 octets] - [14/09/2014 00:44:42]
AdwCleaner[R1].txt - [1210 octets] - [15/09/2014 04:48:51]
AdwCleaner[R2].txt - [1313 octets] - [15/09/2014 07:27:20]
AdwCleaner[R3].txt - [1373 octets] - [16/09/2014 02:12:40]
AdwCleaner[R4].txt - [1493 octets] - [16/09/2014 02:42:45]
AdwCleaner[S0].txt - [2671 octets] - [14/09/2014 00:54:12]
AdwCleaner[S1].txt - [1271 octets] - [15/09/2014 04:49:18]
AdwCleaner[S2].txt - [1434 octets] - [16/09/2014 02:14:03]
AdwCleaner[S3].txt - [1414 octets] - [16/09/2014 02:43:20]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1474 octets] ##########

Regards, MasterOG

I have run the following programs according to this guide: http://www.trojaner-board.de/150276-...entfernen.html

Malwarebytes Anti-Malware AdwCleaner junkware_removal_tool/ Shortcut Cleaner Eset Smartinstaller OTH - OTHelper - Kill All Processes

But I still fear that my system has not become completely clean. Regards.
AdwCleaner still finds this villain: safefinder, although I have deleted it more than 10 times. Here is the current AdwCleaner log:

AdwCleaner Logfile:
Code:
# AdwCleaner v3.310 - Bericht erstellt am 16/09/2014 um 03:47:21
# Aktualisiert 12/09/2014 von Xplode
# Betriebssystem : Windows 8.1 Pro (64 bits)
# Benutzername : RedSpider - REDSPIDER-PC
# Gestartet von : D:\Software\AdwCleaner_3.310.exe
# Option : Suchen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

***** [ Tasks ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17278

-\\ Google Chrome v37.0.2062.120

[ Datei : C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gefunden [Startup_urls] : hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hoxUv82Ac0l78Z5HtgW9e_DuX3ywRMXtYsMh4Qt7MrNn4G6p6l0_vvG0yzKBeLtzAX1tNx9sAd-Tzzf-AM7FrjsJ8AmkLsw0uaJ8Oz6JuSCrOF71LzuMDq6mejGFfUOUWpWy025XXteMtSPF6b8JZZwuwC2umSlDwRug,,

*************************

AdwCleaner[R0].txt - [2831 octets] - [14/09/2014 00:44:42]
AdwCleaner[R1].txt - [1210 octets] - [15/09/2014 04:48:51]
AdwCleaner[R2].txt - [1313 octets] - [15/09/2014 07:27:20]
AdwCleaner[R3].txt - [1373 octets] - [16/09/2014 02:12:40]
AdwCleaner[R4].txt - [1493 octets] - [16/09/2014 02:42:45]
AdwCleaner[R5].txt - [1233 octets] - [16/09/2014 03:47:21]
AdwCleaner[S0].txt - [2671 octets] - [14/09/2014 00:54:12]
AdwCleaner[S1].txt - [1271 octets] - [15/09/2014 04:49:18]
AdwCleaner[S2].txt - [1434 octets] - [16/09/2014 02:14:03]
AdwCleaner[S3].txt - [1554 octets] - [16/09/2014 02:43:20]

########## EOF - C:\AdwCleaner\AdwCleaner[R5].txt - [1533 octets] ##########

Log file JRT.txt:

JRT Logfile:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 8.1 Pro x64
Ran by RedSpider on 16.09.2014 at 7:02:52,99
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.09.2014 at 7:04:12,66
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log file:

Shortcut Cleaner 1.3.3 by Lawrence Abrams (Grinler)
Bleeping Computer - Technical Support and Computer Help
Copyright 2008-2014 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link: Shortcut Cleaner Download

Windows Version: Windows 8.1 Pro
Program started at: 09/16/2014 07:06:15 AM.

Scanning for registry hijacks:

* No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Users\RedSpider\AppData\Roaming\Microsoft\Windows\Start Menu\
Searching C:\ProgramData\Microsoft\Windows\Start Menu\
Searching C:\Users\RedSpider\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\
Searching C:\Users\Public\Desktop\
Searching C:\Users\RedSpider\Desktop

0 bad shortcuts found.

Program finished at: 09/16/2014 07:06:19 AM
Execution time: 0 hours(s), 0 minute(s), and 4 seconds(s) |
16.09.2014, 07:48 | #2 |
/// the machine /// TB trainer | Remove feed.safefinder.com and check system for viruses
hi,
Scan with Combofix
__________________ |
16.09.2014, 11:37 | #3 |
| Remove feed.safefinder.com and check system for viruses

Hey schrauber, hi,

thanks for your quick support. I have ComboFix on the desktop and will start it as soon as the ESET Online Scanner has finished. I don't want to abort ESET, since this program has already found 12 infected files, but most of them are unsafe applications, because I configured the scan that way.

Right at the beginning of the installation the following message appears: This operating system is not supported. ComboFix only runs on: win xp, win vista, win8, each with 32/64 bit. Windows 2000 is no longer supported.

Strange, I use 8.1 64-bit. Compatibility mode does not get the program to start either! I will restart the system and then try again.

Unbenannt.JPG - directupload.net

No improvement! I can't get ComboFix to run :-( Always this Windows 2000 message, exactly as in the attachment: "Unbenannt.JPG"

My Windows 8.1 system has also suddenly become unstable since I have been trying to clean it... it takes a long time to boot, or you only get to the app interface and the loading of the taskbar hangs and keeps loading for a long time...

I was able to resolve the instability; it was due to the performance optimizations in the UEFI BIOS. |
17.09.2014, 05:43 | #4 |
/// the machine /// TB trainer | Remove feed.safefinder.com and check system for viruses
hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________
regards, schrauber
Proud Member of UNITE and ASAP since 2009
No help via PM! |
17.09.2014, 11:30 | #5 |
| Remove feed.safefinder.com and check system for viruses
Hi schrauber, I have carried out the scan:
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014 Ran by RedSpider (administrator) on REDSPIDER-PC on 17-09-2014 12:03:35 Running from C:\Users\RedSpider\Desktop Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe (ASUSTeK Computer Inc.) 
C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20279_x64__8wekyb3d8bbwe\livecomm.exe () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe (REALiX) C:\Program Files\HWiNFO64\HWiNFO64.EXE () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe () C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe (Logitech, Inc.) 
C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (Unified Intents AB) C:\Program Files (x86)\Unified Remote\RemoteServer.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Piotr Pawlowski) C:\Program Files (x86)\foobar2000\foobar2000.exe (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe () C:\Users\RedSpider\AppData\Roaming\foobar2000\user-components\foo_out_asio\ASIOhost64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.) 
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.) HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\WINDOWS\RaidTool\xInsIDE.exe [43608 2010-09-07] () Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\S-1-5-21-976349099-1794730339-1012751642-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd) HKU\S-1-5-21-976349099-1794730339-1012751642-1000\...\Run: [Unified Remote v2] => C:\Program Files (x86)\Unified Remote\RemoteServer.exe [333008 2014-06-03] (Unified Intents AB) HKU\S-1-5-21-976349099-1794730339-1012751642-1000\...\Run: [GoogleChromeAutoLaunch_AA0546F6283AA107B5D07868E0E0FE05] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [912200 2014-09-04] (Google Inc.) 
HKU\S-1-5-21-976349099-1794730339-1012751642-1000\...\MountPoints2: {4cd61f86-c877-11e3-8186-bcaec574c7fa} - "K:\HTC_Sync_Manager_PC.exe" HKU\S-1-5-21-976349099-1794730339-1012751642-1000\...\MountPoints2: {75a9a0da-32ee-11e4-8206-bcaec574c7fa} - "K:\HTC_Sync_Manager_PC.exe" HKU\S-1-5-21-976349099-1794730339-1012751642-1000\...\MountPoints2: {b952332c-e244-11e3-81a2-bcaec574c7fa} - "L:\HTC_Sync_Manager_PC.exe" Startup: C:\Users\RedSpider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe (Samsung Electronics.) ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bit ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login. 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBA2693E4A4FCCD01 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKCU - {9A01AA53-FAB4-4F9F-BB65-6D7F304B93BF} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B010DE0D20140409&p={SearchTerms} SearchScopes: HKCU - {BAB65997-01F0-41B0-B41D-937F60235DED} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=293224&p={searchTerms} BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) 
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) 
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-04-22] Chrome: ======= CHR HomePage: Default -> hxxp://google.de/ CHR StartupUrls: Default -> "hxxp://de.msn.com/?pc=UP97&ocid=UP97DHP&dt=071313", "hxxp://www.spiegel.de/", "hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hoxUv82Ac0l78Z5HtgW9e_DuX3ywRMXtYsMh4Qt7MrNn4G6p6l0_vvG0yzKBeLtzAX1tNx9sAd-Tzzf-AM7FrjsJ8AmkLsw0uaJ8Oz6JuSCrOF71LzuMDq6mejGFfUOUWpWy025XXteMtSPF6b8JZZwuwC2umSlDwRug,," CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (chessmail ~ Schach) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\ahkgfhmdidjkcoflclddnmgacgeaahkk [2014-04-02] CHR Extension: (HD for YouTube™) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjbfncbadcmnkopckegnmjgihagponf [2014-04-04] CHR Extension: (Google Drive) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-02] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-12] CHR Extension: (YouTube) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-02] CHR Extension: (Webseiten-Screenshot - Webpage Screenshot) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2014-04-02] CHR Extension: (AdBlock) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-02] CHR Extension: (Stealthy) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje [2014-04-02] CHR Extension: (Google Wallet) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-15] CHR Extension: (Marc Ecko) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Extensions\opjonmehjfmkejjifhhknofdnacklmjk [2014-04-02] CHR Extension: (Google Mail) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-02] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] () R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.) R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.) R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe [1632256 2013-11-01] (ASUSTeK Computer Inc.) [File not signed] R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160768 2011-05-27] (Intel Corporation) [File not signed] R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation) R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation) S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA 
Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation) S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation) S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 anvsnddrv; C:\Windows\system32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] () R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation) S3 ASUSstpt; C:\Windows\System32\drivers\ASUSstpt.sys [25928 2012-08-20] (MCCI Corporation) S3 ASUSumsc; C:\Windows\System32\drivers\ASUSumsc.sys [150344 2012-08-20] (MCCI Corporation) S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2014-08-30] (Emsisoft GmbH) S3 cmudaxp; C:\Windows\system32\drivers\cmudaxp.sys [2735616 2013-12-11] (C-Media Inc) [File not signed] R3 DE_USBAUDIO; C:\Windows\system32\drivers\de_usbaudio.sys [144896 2013-05-20] (D&M Holdings Inc.) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-02-02] (DT Soft Ltd) R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c64x64.sys [468240 2013-08-21] (Intel Corporation) R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2014-09-13] (REALiX(tm)) R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.) 
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-17] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) R1 pfmfs_7DB; C:\Windows\System32\Drivers\pfmfs_7DB.sys [258296 2013-02-19] (Pismo Technic Inc.) S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.) R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13480 2014-06-10] () S3 SaiK0CFA; C:\Windows\system32\DRIVERS\SaiK0CFA.sys [180544 2012-09-20] (Saitek) R3 SaiMini; C:\Windows\System32\drivers\SaiMini.sys [24680 2012-10-15] (Saitek) R3 SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [52200 2012-10-15] (Saitek) S3 SaiU0CFA; C:\Windows\System32\drivers\SaiU0CFA.sys [47168 2012-09-20] (Saitek) S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(???? | ????? ???? ?????.)) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation) S3 xb1usb; C:\Windows\System32\drivers\xb1usb.sys [34016 2014-05-27] (Microsoft Corporation) S1 ArcCtrl; system32\drivers\ArcCtrl.sys [X] U3 idsvc; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-09-17 12:03 - 2014-09-17 12:03 - 00021826 _____ () C:\Users\RedSpider\Desktop\FRST.txt 2014-09-17 12:02 - 2014-09-17 12:02 - 02105856 _____ (Farbar) C:\Users\RedSpider\Desktop\FRST64.exe 2014-09-16 12:44 - 2014-09-16 12:44 - 01373475 _____ () C:\Users\RedSpider\Desktop\AdwCleaner.exe 2014-09-16 10:21 - 2014-09-16 10:21 - 05579386 _____ (Swearware) C:\Users\RedSpider\Desktop\ComboFix.exe 2014-09-16 08:54 - 2014-09-16 08:54 - 00002308 _____ () C:\Users\RedSpider\AppData\Local\recently-used.xbel 2014-09-16 08:09 - 2014-09-16 08:09 - 01361419 _____ () C:\Users\RedSpider\Downloads\Matroska113Splitter.exe 2014-09-16 08:09 - 2014-09-16 08:09 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter 2014-09-16 08:09 - 2014-09-16 08:09 - 00000000 ____D () C:\Program Files (x86)\Haali 2014-09-16 07:04 - 2014-09-16 07:04 - 00000645 _____ () C:\Users\RedSpider\Desktop\JRT.txt 2014-09-16 06:51 - 2014-09-17 11:59 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-09-16 06:51 - 2014-09-16 06:51 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-09-16 06:51 - 2014-09-16 06:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-09-16 06:51 - 2014-09-16 06:51 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-09-16 06:51 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-09-16 06:51 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2014-09-16 06:51 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-09-16 06:50 - 2014-09-16 06:50 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\RedSpider\Downloads\mbam-setup-2.0.2.1012.exe 2014-09-16 06:47 - 2014-09-16 06:47 - 00002358 _____ () 
C:\Users\RedSpider\Desktop\aswMBR.txt 2014-09-16 06:17 - 2014-09-16 06:17 - 05185536 _____ (AVAST Software) C:\Users\RedSpider\Downloads\aswMBR.exe 2014-09-16 06:08 - 2014-09-16 06:08 - 00095642 _____ () C:\Users\RedSpider\Downloads\FRST.txt 2014-09-16 06:08 - 2014-09-16 06:08 - 00053474 _____ () C:\Users\RedSpider\Downloads\Addition.txt 2014-09-16 06:06 - 2014-09-17 12:03 - 00000000 ____D () C:\FRST 2014-09-16 06:06 - 2014-09-16 06:06 - 02105856 _____ (Farbar) C:\Users\RedSpider\Downloads\FRST64.exe 2014-09-16 06:04 - 2014-09-16 06:05 - 01097728 _____ (Farbar) C:\Users\RedSpider\Downloads\FRST.exe 2014-09-16 04:03 - 2014-09-16 04:03 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-09-16 02:29 - 2014-09-16 02:29 - 00259584 _____ (OldTimer Tools) C:\Users\RedSpider\Desktop\OTH.scr 2014-09-15 06:50 - 2014-09-15 06:50 - 00000000 ____D () C:\Program Files\McAfee 2014-09-15 05:01 - 2014-09-15 05:01 - 00001778 _____ () C:\sc-cleaner.txt 2014-09-15 05:00 - 2014-09-15 05:00 - 00000000 ____D () C:\WINDOWS\ERUNT 2014-09-14 19:02 - 2014-09-14 19:05 - 00073728 ___SH () C:\Users\RedSpider\Documents\Thumbs.db 2014-09-14 00:45 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll 2014-09-14 00:44 - 2014-09-16 12:46 - 00000000 ____D () C:\AdwCleaner 2014-09-13 22:56 - 2014-09-13 22:56 - 00016983 _____ () C:\Users\RedSpider\Downloads\Gasoline - A Journey Into Abstract Hip-Hop - 2002 (CD - FLAC - Lossless).torrent 2014-09-13 22:33 - 2014-09-16 10:20 - 00000000 ____D () C:\Program Files (x86)\RivaTuner Statistics Server 2014-09-13 22:33 - 2014-09-13 22:33 - 21370837 _____ () C:\Users\RedSpider\Downloads\RTSSSetup620-[Guru3D.com].rar 2014-09-13 22:33 - 2014-09-13 22:33 - 00000000 ____D () C:\Users\RedSpider\Downloads\RTSSSetup620-[Guru3D.com] 2014-09-13 22:33 - 2014-09-13 22:33 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server 2014-09-13 22:00 - 2014-09-13 22:00 - 
02688024 _____ (Martin Malík - REALiX ) C:\Users\RedSpider\Downloads\hw64_444.exe 2014-09-13 22:00 - 2014-09-13 22:00 - 00027552 _____ (REALiX(tm)) C:\WINDOWS\system32\Drivers\HWiNFO64A.SYS 2014-09-13 22:00 - 2014-09-13 22:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64 2014-09-13 22:00 - 2014-09-13 22:00 - 00000000 ____D () C:\Program Files\HWiNFO64 2014-09-13 21:57 - 2014-09-13 22:30 - 00000000 ____D () C:\Users\RedSpider\AppData\Local\Micro-Star_Int'l_Co.,_Ltd 2014-09-13 21:57 - 2014-09-13 21:57 - 00000000 ____D () C:\Users\RedSpider\Downloads\MSIAfterburnerRemoteServer 2014-09-13 21:56 - 2014-09-13 21:56 - 00080332 _____ () C:\Users\RedSpider\Downloads\MSIAfterburnerRemoteServer.rar 2014-09-12 02:04 - 2014-09-12 02:04 - 02854912 _____ () C:\Users\RedSpider\Downloads\xb1usb.11059.0.140526x64 (1).msi 2014-09-11 16:22 - 2014-09-12 02:04 - 00000000 ____D () C:\Program Files\Microsoft Xbox One Controller for Windows 2014-09-11 03:46 - 2014-09-11 03:46 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\MKKE 2014-09-11 03:38 - 2014-09-11 03:38 - 174063616 _____ () C:\Users\RedSpider\Downloads\clonezilla-live-20140630-trusty-amd64.iso 2014-09-11 03:24 - 2014-09-11 03:24 - 00000222 _____ () C:\Users\RedSpider\Desktop\Mortal Kombat Komplete Edition.url 2014-09-11 03:00 - 2014-09-11 03:01 - 00458752 _____ () C:\WINDOWS\system32\Ikeext.etl 2014-09-11 02:57 - 2014-09-11 03:05 - 00054164 _____ () C:\Users\RedSpider\Downloads\USAIPDEMO.pbk 2014-09-11 01:54 - 2014-09-11 01:54 - 02854912 _____ () C:\Users\RedSpider\Downloads\xb1usb.11059.0.140526x64.msi 2014-09-10 23:50 - 2014-08-29 03:58 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2014-09-10 23:50 - 2014-08-29 03:32 - 02779136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2014-09-10 23:50 - 2014-08-29 02:59 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2014-09-10 23:50 - 2014-08-29 01:56 - 02646016 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\authui.dll 2014-09-10 23:50 - 2014-08-29 01:47 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2014-09-10 23:50 - 2014-08-26 00:27 - 04148736 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-09-10 23:50 - 2014-08-23 09:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2014-09-10 23:50 - 2014-08-23 09:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2014-09-10 23:50 - 2014-08-23 08:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll 2014-09-10 23:50 - 2014-08-23 07:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll 2014-09-10 23:50 - 2014-08-23 06:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2014-09-10 23:50 - 2014-08-23 06:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-09-10 23:50 - 2014-08-23 06:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2014-09-10 23:50 - 2014-08-23 06:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2014-09-10 23:50 - 2014-08-23 06:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-09-10 23:50 - 2014-08-16 06:08 - 21195616 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2014-09-10 23:50 - 2014-08-16 06:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll 2014-09-10 23:50 - 2014-08-16 06:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2014-09-10 23:50 - 2014-08-16 05:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2014-09-10 23:50 - 2014-08-16 05:57 - 02498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2014-09-10 23:50 - 2014-08-16 05:57 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2014-09-10 23:50 - 2014-08-16 05:16 - 18722600 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\shell32.dll 2014-09-10 23:50 - 2014-08-16 05:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll 2014-09-10 23:50 - 2014-08-16 05:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2014-09-10 23:50 - 2014-08-16 03:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2014-09-10 23:50 - 2014-08-16 03:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll 2014-09-10 23:50 - 2014-08-16 02:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll 2014-09-10 23:50 - 2014-08-16 02:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll 2014-09-10 23:50 - 2014-08-16 02:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll 2014-09-10 23:50 - 2014-08-16 02:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2014-09-10 23:50 - 2014-08-16 02:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll 2014-09-10 23:50 - 2014-08-16 02:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll 2014-09-10 23:50 - 2014-08-16 02:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2014-09-10 23:50 - 2014-08-16 02:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll 2014-09-10 23:50 - 2014-08-16 02:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-09-10 23:50 - 2014-08-16 02:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll 2014-09-10 23:50 - 2014-08-16 02:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll 2014-09-10 23:50 - 2014-08-16 02:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll 2014-09-10 23:50 - 2014-08-16 02:20 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2014-09-10 23:50 - 
2014-08-16 02:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-09-10 23:50 - 2014-08-16 02:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2014-09-10 23:50 - 2014-08-16 02:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2014-09-10 23:50 - 2014-08-16 02:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll 2014-09-10 23:50 - 2014-08-16 02:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2014-09-10 23:50 - 2014-08-16 02:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2014-09-10 23:50 - 2014-08-16 02:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll 2014-09-10 23:50 - 2014-08-16 02:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2014-09-10 23:50 - 2014-08-16 02:11 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2014-09-10 23:50 - 2014-08-16 02:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2014-09-10 23:50 - 2014-08-16 02:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2014-09-10 23:50 - 2014-08-16 02:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2014-09-10 23:50 - 2014-08-01 01:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml 2014-09-10 23:43 - 2014-09-10 23:43 - 17903792 _____ (Adobe Systems Incorporated) C:\Users\RedSpider\Downloads\install_flash_player.exe 2014-09-10 23:28 - 2014-09-10 23:28 - 01054400 _____ (Adobe) C:\Users\RedSpider\Downloads\install_flashplayer15x32ax_gtbd_chrd_dn_aaa_aih.exe 2014-09-10 05:30 - 2014-09-10 05:30 - 05412944 _____ (Canneverbe Limited ) C:\Users\RedSpider\Downloads\cdbxp_setup_4.5.4.5000_minimal.exe 2014-09-10 00:19 - 2014-08-16 04:40 - 23591424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-09-10 
00:19 - 2014-08-16 04:04 - 17455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-09-10 00:19 - 2014-08-16 04:00 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-09-10 00:19 - 2014-08-16 04:00 - 02793984 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-09-10 00:19 - 2014-08-16 03:56 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2014-09-10 00:19 - 2014-08-16 03:54 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2014-09-10 00:19 - 2014-08-16 03:45 - 04232704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-09-10 00:19 - 2014-08-16 03:43 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2014-09-10 00:19 - 2014-08-16 03:32 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2014-09-10 00:19 - 2014-08-16 03:25 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll 2014-09-10 00:19 - 2014-08-16 03:22 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2014-09-10 00:19 - 2014-08-16 03:20 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2014-09-10 00:19 - 2014-08-16 03:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-09-10 00:19 - 2014-08-16 03:18 - 02185728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-09-10 00:19 - 2014-08-16 03:18 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-09-10 00:19 - 2014-08-16 03:11 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-09-10 00:19 - 2014-08-16 03:06 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-09-10 00:19 - 2014-08-16 03:05 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-09-10 00:19 - 2014-08-16 03:05 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 
2014-09-10 00:19 - 2014-08-16 03:03 - 02104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-09-10 00:19 - 2014-08-16 03:03 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-09-10 00:19 - 2014-08-16 02:58 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll 2014-09-10 00:19 - 2014-08-16 02:56 - 02310656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-09-10 00:19 - 2014-08-16 02:53 - 13588480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-09-10 00:19 - 2014-08-16 02:53 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-09-10 00:19 - 2014-08-16 02:53 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-09-10 00:19 - 2014-08-16 02:51 - 11769856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-09-10 00:19 - 2014-08-16 02:45 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-09-10 00:19 - 2014-08-16 02:44 - 02014208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-09-10 00:19 - 2014-08-16 02:44 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-09-10 00:19 - 2014-08-16 02:34 - 01447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-09-10 00:19 - 2014-08-16 02:20 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-09-10 00:19 - 2014-08-16 02:18 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-09-10 00:19 - 2014-08-16 02:14 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-09-10 00:19 - 2014-08-16 02:12 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-09-09 23:49 - 2014-08-02 02:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2014-09-09 23:49 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll 
2014-09-09 23:49 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll 2014-09-09 17:54 - 2014-09-09 17:54 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unified Remote 2014-09-09 17:54 - 2014-09-09 17:54 - 00000000 ____D () C:\Program Files (x86)\Unified Remote 2014-09-09 01:22 - 2014-09-09 01:22 - 00000000 ____D () C:\Users\RedSpider\Documents\WB Games 2014-09-09 01:22 - 2014-09-09 01:22 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-09-08 23:24 - 2014-09-08 23:24 - 01141680 _____ () C:\Users\RedSpider\Downloads\SteamSetup.exe 2014-09-08 23:24 - 2014-09-08 23:24 - 00000975 _____ () C:\Users\Public\Desktop\Steam.lnk 2014-09-08 16:23 - 2014-09-08 16:23 - 163670496 _____ (Emsisoft GmbH ) C:\Users\RedSpider\Downloads\EmsisoftAntiMalwareSetup.exe 2014-09-07 21:06 - 2014-09-07 21:06 - 00001098 _____ () C:\Users\RedSpider\Desktop\MSI Afterburner.lnk 2014-09-07 19:44 - 2014-09-07 19:44 - 00298280 _____ () C:\WINDOWS\Minidump\090714-10765-01.dmp 2014-09-07 19:42 - 2014-09-07 19:42 - 02174848 _____ () C:\Users\RedSpider\Downloads\SpeedFan4.50.exe 2014-09-07 19:35 - 2014-09-07 19:35 - 00298096 _____ () C:\WINDOWS\Minidump\090714-11375-01.dmp 2014-09-07 19:32 - 2014-09-07 19:44 - 727950455 _____ () C:\WINDOWS\MEMORY.DMP 2014-09-07 19:32 - 2014-09-07 19:44 - 00000000 ____D () C:\WINDOWS\Minidump 2014-09-07 19:32 - 2014-09-07 19:32 - 00298264 _____ () C:\WINDOWS\Minidump\090714-11562-01.dmp 2014-09-07 19:30 - 2014-09-07 19:42 - 00000045 _____ () C:\WINDOWS\SysWOW64\initdebug.nfo 2014-09-07 19:30 - 2014-09-07 19:30 - 02174848 _____ () C:\Users\RedSpider\Downloads\instsf450.exe 2014-09-07 19:30 - 2014-09-07 19:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan 2014-09-05 20:52 - 2014-09-16 08:57 - 00001714 _____ () C:\Users\Public\Desktop\Recuva.lnk 2014-09-05 20:52 - 2014-09-07 14:19 - 00000000 ____D () C:\Program Files\Recuva 
2014-09-05 20:52 - 2014-09-05 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva 2014-09-05 20:50 - 2014-09-05 20:51 - 03161056 _____ (Piriform Ltd) C:\Users\RedSpider\Downloads\rcsetup151_slim.exe 2014-09-03 00:13 - 2014-08-15 02:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys 2014-09-03 00:13 - 2014-07-30 03:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll 2014-09-03 00:13 - 2014-07-29 07:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll 2014-08-30 15:29 - 2014-08-30 15:29 - 00000755 _____ () C:\Users\RedSpider\Desktop\Start Emsisoft Emergency Kit.lnk 2014-08-30 15:04 - 2014-08-30 15:04 - 00003394 _____ () C:\WINDOWS\System32\Tasks\RunAsStdUser Task for VeohWebPlayer 2014-08-30 15:04 - 2014-08-30 15:04 - 00000000 ____D () C:\Program Files (x86)\Veoh Networks 2014-08-27 02:39 - 2014-08-27 02:39 - 04901352 _____ (Piriform Ltd) C:\Users\RedSpider\Downloads\ccsetup417.exe 2014-08-27 02:29 - 2014-08-27 02:32 - 00000000 ____D () C:\Users\RedSpider\Santana Samba Pa Ti 2014-08-27 02:10 - 2014-08-27 02:26 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\AccurateRip 2014-08-27 02:10 - 2014-08-27 02:10 - 00001082 _____ () C:\Users\Public\Desktop\Exact Audio Copy.lnk 2014-08-27 02:10 - 2014-08-27 02:10 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\EAC 2014-08-27 02:10 - 2014-08-27 02:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy 2014-08-27 02:10 - 2014-08-27 02:10 - 00000000 ____D () C:\Program Files (x86)\Exact Audio Copy 2014-08-27 02:09 - 2014-08-27 02:09 - 01101648 _____ () C:\Users\RedSpider\Downloads\Exact Audio Copy - CHIP-Installer.exe 2014-08-26 01:53 - 2014-08-26 01:53 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\EurekaLab s.a.s 2014-08-25 22:17 - 2014-09-14 18:43 - 00000000 ___HD () C:\ProgramData\CanonIJMIG 2014-08-25 22:16 - 2014-08-25 22:16 - 00002089 _____ () 
C:\Users\Public\Desktop\Canon My Image Garden.lnk
2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\WorldofTanks
2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\StormFall
2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormFall
2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\GGEmpire441
2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Local\WorldofTanks
2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Local\StormFall
2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Local\GGEmpire
2014-08-25 22:14 - 2014-08-25 22:14 - 305213008 _____ () C:\Users\RedSpider\Downloads\mig_-win-2_1_0-ea31_2 [1].exe
2014-08-25 10:03 - 2014-09-16 08:57 - 00000000 ____D () C:\Users\RedSpider\Desktop\Pix MM
2014-08-24 13:20 - 2014-08-24 13:20 - 02160237 _____ () C:\Users\RedSpider\Downloads\emdb (1).zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-17 12:03 - 2014-09-17 12:03 - 00021826 _____ () C:\Users\RedSpider\Desktop\FRST.txt 2014-09-17 12:03 - 2014-09-16 06:06 - 00000000 ____D () C:\FRST 2014-09-17 12:02 - 2014-09-17 12:02 - 02105856 _____ (Farbar) C:\Users\RedSpider\Desktop\FRST64.exe 2014-09-17 12:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-09-17 11:59 - 2014-09-16 06:51 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-09-17 11:59 - 2013-11-15 05:01 - 00001138 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-09-17 11:59 - 2013-10-17 14:52 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-09-17 11:59 - 2013-08-22 16:46 - 00703933 _____ () C:\WINDOWS\setupact.log 2014-09-17 11:59 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-09-17 11:59 - 2013-07-03 04:08 - 00000375 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics 2014-09-17 11:59 - 2013-01-27 20:03 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\foobar2000 2014-09-17 03:41 - 2014-04-08 00:17 - 00003038 _____ () C:\WINDOWS\System32\Tasks\MSIAfterburner 2014-09-17 03:41 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2014-09-17 02:45 - 2013-11-15 05:01 - 00001142 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-09-17 02:44 - 2013-01-27 17:36 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-09-17 01:47 - 2013-10-17 14:52 - 01119648 _____ () C:\WINDOWS\WindowsUpdate.log 2014-09-16 17:52 - 2013-04-22 18:50 - 00003962 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{81665560-7A12-4689-97A0-7C5ADF10D3F3} 2014-09-16 13:45 - 2013-01-27 18:19 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-976349099-1794730339-1012751642-1000 2014-09-16 12:54 - 2013-09-30 06:14 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-09-16 12:54 - 2013-09-30 05:56 - 00765378 _____ () C:\WINDOWS\system32\perfh007.dat 2014-09-16 12:54 - 
2013-09-30 05:56 - 00159696 _____ () C:\WINDOWS\system32\perfc007.dat 2014-09-16 12:47 - 2013-09-29 21:04 - 00536136 _____ () C:\WINDOWS\PFRO.log 2014-09-16 12:46 - 2014-09-14 00:44 - 00000000 ____D () C:\AdwCleaner 2014-09-16 12:44 - 2014-09-16 12:44 - 01373475 _____ () C:\Users\RedSpider\Desktop\AdwCleaner.exe 2014-09-16 12:31 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF 2014-09-16 10:22 - 2013-02-01 02:44 - 09700352 ___SH () C:\Users\RedSpider\Desktop\Thumbs.db 2014-09-16 10:21 - 2014-09-16 10:21 - 05579386 _____ (Swearware) C:\Users\RedSpider\Desktop\ComboFix.exe 2014-09-16 10:20 - 2014-09-13 22:33 - 00000000 ____D () C:\Program Files (x86)\RivaTuner Statistics Server 2014-09-16 10:20 - 2013-01-28 22:45 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner 2014-09-16 08:57 - 2014-09-05 20:52 - 00001714 _____ () C:\Users\Public\Desktop\Recuva.lnk 2014-09-16 08:57 - 2014-08-25 10:03 - 00000000 ____D () C:\Users\RedSpider\Desktop\Pix MM 2014-09-16 08:54 - 2014-09-16 08:54 - 00002308 _____ () C:\Users\RedSpider\AppData\Local\recently-used.xbel 2014-09-16 08:09 - 2014-09-16 08:09 - 01361419 _____ () C:\Users\RedSpider\Downloads\Matroska113Splitter.exe 2014-09-16 08:09 - 2014-09-16 08:09 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter 2014-09-16 08:09 - 2014-09-16 08:09 - 00000000 ____D () C:\Program Files (x86)\Haali 2014-09-16 08:07 - 2014-03-05 17:00 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-09-16 07:43 - 2013-07-19 18:11 - 00000000 _____ () C:\WINDOWS\Path.idx 2014-09-16 07:33 - 2013-03-06 04:37 - 00876960 _____ () C:\WINDOWS\PE_Rom.dll 2014-09-16 07:19 - 2014-06-03 19:54 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\vlc 2014-09-16 07:13 - 2013-03-05 06:14 - 00173568 _____ () C:\Users\RedSpider\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-09-16 07:11 - 2014-05-27 22:30 - 00000000 ____D () C:\EEK 2014-09-16 07:04 - 2014-09-16 07:04 - 
00000645 _____ () C:\Users\RedSpider\Desktop\JRT.txt 2014-09-16 06:51 - 2014-09-16 06:51 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-09-16 06:51 - 2014-09-16 06:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-09-16 06:51 - 2014-09-16 06:51 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-09-16 06:50 - 2014-09-16 06:50 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\RedSpider\Downloads\mbam-setup-2.0.2.1012.exe 2014-09-16 06:47 - 2014-09-16 06:47 - 00002358 _____ () C:\Users\RedSpider\Desktop\aswMBR.txt 2014-09-16 06:37 - 2013-11-10 03:12 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\deluge 2014-09-16 06:17 - 2014-09-16 06:17 - 05185536 _____ (AVAST Software) C:\Users\RedSpider\Downloads\aswMBR.exe 2014-09-16 06:08 - 2014-09-16 06:08 - 00095642 _____ () C:\Users\RedSpider\Downloads\FRST.txt 2014-09-16 06:08 - 2014-09-16 06:08 - 00053474 _____ () C:\Users\RedSpider\Downloads\Addition.txt 2014-09-16 06:06 - 2014-09-16 06:06 - 02105856 _____ (Farbar) C:\Users\RedSpider\Downloads\FRST64.exe 2014-09-16 06:05 - 2014-09-16 06:04 - 01097728 _____ (Farbar) C:\Users\RedSpider\Downloads\FRST.exe 2014-09-16 05:06 - 2013-03-25 01:01 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\Skype 2014-09-16 04:03 - 2014-09-16 04:03 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-09-16 02:29 - 2014-09-16 02:29 - 00259584 _____ (OldTimer Tools) C:\Users\RedSpider\Desktop\OTH.scr 2014-09-15 07:15 - 2014-04-09 13:12 - 00000000 ____D () C:\ProgramData\McAfee 2014-09-15 06:54 - 2013-01-28 22:52 - 00000000 ____D () C:\Program Files\SmartTechnology 2014-09-15 06:53 - 2014-03-05 17:10 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-09-15 06:50 - 2014-09-15 06:50 - 00000000 ____D () C:\Program Files\McAfee 2014-09-15 06:49 - 2013-01-27 20:44 - 00000000 ____D () 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft 2014-09-15 06:49 - 2013-01-27 20:43 - 00000000 ____D () C:\Program Files (x86)\AnvSoft 2014-09-15 05:01 - 2014-09-15 05:01 - 00001778 _____ () C:\sc-cleaner.txt 2014-09-15 05:00 - 2014-09-15 05:00 - 00000000 ____D () C:\WINDOWS\ERUNT 2014-09-14 19:16 - 2013-02-14 06:18 - 03102720 ___SH () C:\Users\RedSpider\Downloads\Thumbs.db 2014-09-14 19:05 - 2014-09-14 19:02 - 00073728 ___SH () C:\Users\RedSpider\Documents\Thumbs.db 2014-09-14 18:43 - 2014-08-25 22:17 - 00000000 ___HD () C:\ProgramData\CanonIJMIG 2014-09-14 07:29 - 2013-10-17 14:54 - 00000000 ____D () C:\Users\RedSpider 2014-09-13 22:36 - 2013-11-01 13:51 - 00000000 ____D () C:\ProgramData\Origin 2014-09-13 22:36 - 2013-11-01 13:51 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-09-13 22:33 - 2014-09-13 22:33 - 21370837 _____ () C:\Users\RedSpider\Downloads\RTSSSetup620-[Guru3D.com].rar 2014-09-13 22:33 - 2014-09-13 22:33 - 00000000 ____D () C:\Users\RedSpider\Downloads\RTSSSetup620-[Guru3D.com] 2014-09-13 22:33 - 2014-09-13 22:33 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server 2014-09-13 22:33 - 2013-11-30 09:28 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx 2014-09-13 22:30 - 2014-09-13 21:57 - 00000000 ____D () C:\Users\RedSpider\AppData\Local\Micro-Star_Int'l_Co.,_Ltd 2014-09-13 22:00 - 2014-09-13 22:00 - 02688024 _____ (Martin Malík - REALiX ) C:\Users\RedSpider\Downloads\hw64_444.exe 2014-09-13 22:00 - 2014-09-13 22:00 - 00027552 _____ (REALiX(tm)) C:\WINDOWS\system32\Drivers\HWiNFO64A.SYS 2014-09-13 22:00 - 2014-09-13 22:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64 2014-09-13 22:00 - 2014-09-13 22:00 - 00000000 ____D () C:\Program Files\HWiNFO64 2014-09-13 21:57 - 2014-09-13 21:57 - 00000000 ____D () C:\Users\RedSpider\Downloads\MSIAfterburnerRemoteServer 2014-09-13 21:56 - 2014-09-13 21:56 - 00080332 _____ () 
C:\Users\RedSpider\Downloads\MSIAfterburnerRemoteServer.rar 2014-09-13 07:31 - 2013-02-19 01:28 - 00000000 ____D () C:\Program Files (x86)\JDownloader 2 2014-09-12 02:04 - 2014-09-12 02:04 - 02854912 _____ () C:\Users\RedSpider\Downloads\xb1usb.11059.0.140526x64 (1).msi 2014-09-12 02:04 - 2014-09-11 16:22 - 00000000 ____D () C:\Program Files\Microsoft Xbox One Controller for Windows 2014-09-11 05:30 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-09-11 03:46 - 2014-09-11 03:46 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\MKKE 2014-09-11 03:38 - 2014-09-11 03:38 - 174063616 _____ () C:\Users\RedSpider\Downloads\clonezilla-live-20140630-trusty-amd64.iso 2014-09-11 03:24 - 2014-09-11 03:24 - 00000222 _____ () C:\Users\RedSpider\Desktop\Mortal Kombat Komplete Edition.url 2014-09-11 03:05 - 2014-09-11 02:57 - 00054164 _____ () C:\Users\RedSpider\Downloads\USAIPDEMO.pbk 2014-09-11 03:01 - 2014-09-11 03:00 - 00458752 _____ () C:\WINDOWS\system32\Ikeext.etl 2014-09-11 03:01 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\tracing 2014-09-11 02:54 - 2014-09-11 02:54 - 00032848 _____ () C:\Users\RedSpider\Downloads\[rutracker.org].t4789586.torrent 2014-09-11 01:54 - 2014-09-11 01:54 - 02854912 _____ () C:\Users\RedSpider\Downloads\xb1usb.11059.0.140526x64.msi 2014-09-10 23:54 - 2013-08-22 16:44 - 00409280 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-09-10 23:53 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-09-10 23:53 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore 2014-09-10 23:50 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-09-10 23:46 - 2013-03-25 01:01 - 00000000 ____D () C:\ProgramData\Skype 2014-09-10 23:44 - 2013-01-27 17:36 - 00003796 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-09-10 23:43 - 2014-09-10 23:43 - 17903792 _____ (Adobe Systems Incorporated) C:\Users\RedSpider\Downloads\install_flash_player.exe 2014-09-10 23:38 - 2013-02-07 15:49 - 00000000 ____D () 
C:\Users\RedSpider\AppData\Local\Adobe 2014-09-10 23:28 - 2014-09-10 23:28 - 01054400 _____ (Adobe) C:\Users\RedSpider\Downloads\install_flashplayer15x32ax_gtbd_chrd_dn_aaa_aih.exe 2014-09-10 05:30 - 2014-09-10 05:30 - 05412944 _____ (Canneverbe Limited ) C:\Users\RedSpider\Downloads\cdbxp_setup_4.5.4.5000_minimal.exe 2014-09-10 05:30 - 2013-12-08 05:52 - 00001911 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk 2014-09-10 05:30 - 2013-12-08 05:52 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP 2014-09-10 00:20 - 2013-02-09 17:38 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-09-10 00:19 - 2014-06-11 16:11 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2014-09-10 00:19 - 2014-06-11 16:11 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2014-09-10 00:19 - 2014-06-11 16:11 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe 2014-09-10 00:19 - 2014-06-11 16:11 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe 2014-09-10 00:19 - 2014-06-11 16:11 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2014-09-10 00:19 - 2014-06-11 16:11 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2014-09-10 00:19 - 2014-06-11 16:11 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2014-09-10 00:19 - 2014-06-11 16:11 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll 2014-09-10 00:19 - 2014-06-11 16:11 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2014-09-10 00:19 - 2014-06-11 16:11 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll 2014-09-10 00:19 - 2014-06-11 16:11 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2014-09-10 00:19 - 2014-06-11 16:11 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2014-09-10 00:19 - 2014-06-11 16:11 - 00032768 
_____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2014-09-10 00:19 - 2014-06-11 16:11 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll 2014-09-10 00:19 - 2014-05-03 20:57 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2014-09-10 00:19 - 2014-05-03 20:57 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2014-09-10 00:19 - 2013-07-10 14:36 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-09-10 00:17 - 2013-01-27 17:29 - 101694776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-09-09 17:54 - 2014-09-09 17:54 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unified Remote 2014-09-09 17:54 - 2014-09-09 17:54 - 00000000 ____D () C:\Program Files (x86)\Unified Remote 2014-09-09 13:44 - 2013-02-04 01:41 - 00000000 ____D () C:\Users\RedSpider\AppData\Local\Windows Live 2014-09-09 01:22 - 2014-09-09 01:22 - 00000000 ____D () C:\Users\RedSpider\Documents\WB Games 2014-09-09 01:22 - 2014-09-09 01:22 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-09-08 23:43 - 2014-01-23 23:36 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\dvdcss 2014-09-08 23:24 - 2014-09-08 23:24 - 01141680 _____ () C:\Users\RedSpider\Downloads\SteamSetup.exe 2014-09-08 23:24 - 2014-09-08 23:24 - 00000975 _____ () C:\Users\Public\Desktop\Steam.lnk 2014-09-08 16:23 - 2014-09-08 16:23 - 163670496 _____ (Emsisoft GmbH ) C:\Users\RedSpider\Downloads\EmsisoftAntiMalwareSetup.exe 2014-09-07 21:06 - 2014-09-07 21:06 - 00001098 _____ () C:\Users\RedSpider\Desktop\MSI Afterburner.lnk 2014-09-07 19:44 - 2014-09-07 19:44 - 00298280 _____ () C:\WINDOWS\Minidump\090714-10765-01.dmp 2014-09-07 19:44 - 2014-09-07 19:32 - 727950455 _____ () C:\WINDOWS\MEMORY.DMP 2014-09-07 19:44 - 2014-09-07 19:32 - 00000000 ____D () C:\WINDOWS\Minidump 2014-09-07 19:42 - 2014-09-07 19:42 - 02174848 _____ () C:\Users\RedSpider\Downloads\SpeedFan4.50.exe 2014-09-07 
19:42 - 2014-09-07 19:30 - 00000045 _____ () C:\WINDOWS\SysWOW64\initdebug.nfo 2014-09-07 19:35 - 2014-09-07 19:35 - 00298096 _____ () C:\WINDOWS\Minidump\090714-11375-01.dmp 2014-09-07 19:32 - 2014-09-07 19:32 - 00298264 _____ () C:\WINDOWS\Minidump\090714-11562-01.dmp 2014-09-07 19:30 - 2014-09-07 19:30 - 02174848 _____ () C:\Users\RedSpider\Downloads\instsf450.exe 2014-09-07 19:30 - 2014-09-07 19:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan 2014-09-07 14:19 - 2014-09-05 20:52 - 00000000 ____D () C:\Program Files\Recuva 2014-09-06 05:52 - 2014-09-06 05:52 - 00033285 _____ () C:\Users\RedSpider\Downloads\[HDs]-Open.Grave.2014.German.DL.DTSHD.1080p.BluRay.AVC.Remux-iNCEPTiON.torrent 2014-09-05 20:52 - 2014-09-05 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva 2014-09-05 20:51 - 2014-09-05 20:50 - 03161056 _____ (Piriform Ltd) C:\Users\RedSpider\Downloads\rcsetup151_slim.exe 2014-09-02 22:06 - 2013-08-22 17:38 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-09-02 22:06 - 2013-08-22 17:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-08-31 18:37 - 2014-07-21 02:55 - 00000000 ____D () C:\Users\RedSpider\Desktop\BR 2014-08-30 15:29 - 2014-08-30 15:29 - 00000755 _____ () C:\Users\RedSpider\Desktop\Start Emsisoft Emergency Kit.lnk 2014-08-30 15:21 - 2009-07-14 04:34 - 00000466 _____ () C:\WINDOWS\win.ini 2014-08-30 15:04 - 2014-08-30 15:04 - 00003394 _____ () C:\WINDOWS\System32\Tasks\RunAsStdUser Task for VeohWebPlayer 2014-08-30 15:04 - 2014-08-30 15:04 - 00000000 ____D () C:\Program Files (x86)\Veoh Networks 2014-08-29 03:58 - 2014-09-10 23:50 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2014-08-29 03:32 - 2014-09-10 23:50 - 02779136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2014-08-29 02:59 - 2014-09-10 23:50 - 03117568 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\msi.dll 2014-08-29 01:56 - 2014-09-10 23:50 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2014-08-27 02:39 - 2014-08-27 02:39 - 04901352 _____ (Piriform Ltd) C:\Users\RedSpider\Downloads\ccsetup417.exe 2014-08-27 02:39 - 2013-01-30 15:34 - 00000000 ____D () C:\Program Files\CCleaner 2014-08-27 02:32 - 2014-08-27 02:29 - 00000000 ____D () C:\Users\RedSpider\Santana Samba Pa Ti 2014-08-27 02:26 - 2014-08-27 02:10 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\AccurateRip 2014-08-27 02:10 - 2014-08-27 02:10 - 00001082 _____ () C:\Users\Public\Desktop\Exact Audio Copy.lnk 2014-08-27 02:10 - 2014-08-27 02:10 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\EAC 2014-08-27 02:10 - 2014-08-27 02:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy 2014-08-27 02:10 - 2014-08-27 02:10 - 00000000 ____D () C:\Program Files (x86)\Exact Audio Copy 2014-08-27 02:09 - 2014-08-27 02:09 - 01101648 _____ () C:\Users\RedSpider\Downloads\Exact Audio Copy - CHIP-Installer.exe 2014-08-26 01:53 - 2014-08-26 01:53 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\EurekaLab s.a.s 2014-08-26 00:27 - 2014-09-10 23:50 - 04148736 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-08-25 22:16 - 2014-08-25 22:16 - 00002089 _____ () C:\Users\Public\Desktop\Canon My Image Garden.lnk 2014-08-25 22:16 - 2013-02-09 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\WorldofTanks 2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\StormFall 2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormFall 2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\GGEmpire441 2014-08-25 22:15 - 2014-08-25 22:15 - 
00000000 ____D () C:\Users\RedSpider\AppData\Local\WorldofTanks 2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Local\StormFall 2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Local\GGEmpire 2014-08-25 22:14 - 2014-08-25 22:14 - 305213008 _____ () C:\Users\RedSpider\Downloads\mig_-win-2_1_0-ea31_2 [1].exe 2014-08-24 13:21 - 2014-06-24 21:13 - 00000000 ____D () C:\Users\RedSpider\Documents\EMDB 2014-08-24 13:21 - 2014-06-24 21:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EMDB 2014-08-24 13:21 - 2014-06-24 21:13 - 00000000 ____D () C:\Program Files (x86)\EMDB 2014-08-24 13:20 - 2014-08-24 13:20 - 02160237 _____ () C:\Users\RedSpider\Downloads\emdb (1).zip 2014-08-23 09:48 - 2014-09-10 23:50 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2014-08-23 09:13 - 2014-09-10 23:50 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2014-08-23 08:10 - 2014-09-10 23:50 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll 2014-08-23 07:32 - 2014-09-10 23:50 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll 2014-08-23 06:44 - 2014-09-10 23:50 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2014-08-23 06:34 - 2014-09-10 23:50 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-08-23 06:33 - 2014-09-10 23:50 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2014-08-23 06:31 - 2014-09-10 23:50 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2014-08-23 06:20 - 2014-09-10 23:50 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-08-20 05:44 - 2014-03-19 01:24 - 00319912 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2014-08-20 05:44 - 2014-03-19 01:24 - 00191400 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2014-08-20 05:44 - 2014-03-19 01:24 - 00190888 _____ 
(Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-08-20 05:44 - 2014-03-19 01:24 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-08-20 05:44 - 2014-03-19 01:24 - 00000000 ____D () C:\Program Files\Java
2014-08-20 05:44 - 2013-10-17 14:09 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-20 05:44 - 2013-06-24 03:19 - 00272296 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-08-20 05:44 - 2013-06-24 03:19 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-08-20 05:44 - 2013-06-24 03:19 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-08-20 05:44 - 2013-06-24 03:19 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-08-20 05:44 - 2013-06-24 03:19 - 00000000 ____D () C:\Program Files (x86)\Java

Some content of TEMP:
====================
C:\Users\RedSpider\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-09-16 13:45

==================== End Of Log ============================

FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by RedSpider at 2014-09-17 12:04:11
Running from C:\Users\RedSpider\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.04.01 - ASUSTeK Computer Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.2.0 - Asmedia Technology)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG6300 series Benutzerregistrierung (HKLM-x32\...\Canon MG6300 series Benutzerregistrierung) (Version: - Canon Inc.)
Canon MG6300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6300_series) (Version: 1.00 - Canon Inc.)
Canon MG6300 series On-screen Manual (HKLM-x32\...\Canon MG6300 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.1.0 - Canon Inc.) Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.1.0 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP) Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0328 - DT Soft Ltd) dBpoweramp (HKLM-x32\...\dBpoweramp) (Version: Release 15 - Illustrate) DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version: - ) Deluge 1.3.6 (HKLM-x32\...\Deluge) (Version: - ) DirectVobSub 2.41.7259 (5d3641a) Beta (HKLM-x32\...\vsfilter_is1) (Version: 2.41.7259 - MPC-HC Team) EMDB 2.06 (HKLM-x32\...\EMDB_is1) (Version: - Wicked & Wild Inc.) eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff) FLAC 1.2.1b (remove only) (HKLM-x32\...\FLAC) (Version: 1.2.1b - Xiph.org) foobar2000 v1.3.1 (HKLM-x32\...\foobar2000) (Version: 1.3.1 - Peter Pawlowski) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - ) HWiNFO64 Version 4.44 (HKLM\...\HWiNFO64_is1) (Version: 4.44 - Martin Malík - REALiX) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) 
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation) Intel(R) Network Connections 18.7.28.0 (HKLM\...\PROSetDX) (Version: 18.7.28.0 - Intel) Intel(R) Network Connections 18.7.28.0 (Version: 18.7.28.0 - Intel) Hidden Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) Intel(R) Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation) Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation) Java 8 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218020F0}) (Version: 8.0.200 - Oracle Corporation) Java Auto Updater (x32 Version: 2.8.20.26 - Oracle Corporation) Hidden Java SE Development Kit 8 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180000}) (Version: 8.0.0 - Oracle Corporation) JDownloader 2 (HKLM-x32\...\0630-0716-3135-7887) (Version: 2 - AppWork GmbH) JDownloader Packages (HKCU\...\JDownloader Packages) (Version: - ) <==== ATTENTION JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.63.1 - JMicron Technology Corp.) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden LAV Filters 0.62.0 (HKLM-x32\...\lavfilters_is1) (Version: 0.62.0 - Hendrik Leppkes) Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden Logitech Gaming Software 8.50 (HKLM\...\Logitech Gaming Software) (Version: 8.50.281 - Logitech Inc.) 
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech) Logitech Unifying-Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech) Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Media Browser DVD/BD Image System Support Package (HKLM\...\pfm-license-mediabrowser.txt) (Version: - ) Microsoft Access database engine 2010 (German) (HKLM-x32\...\{90140000-00D1-0407-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation) Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden 
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable 
- x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation) MKVToolNix 7.0.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 7.0.0 - Moritz Bunkus) Mortal Kombat Komplete Edition (HKLM-x32\...\Steam App 237110) (Version: - NetherRealm Studios) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden MPC-HC 1.7.6 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.6 - MPC-HC Team) MSI Afterburner 3.0.1 (HKLM-x32\...\Afterburner) (Version: 3.0.1 - MSI Co., LTD) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation) NVIDIA FaceWorks: Real-time Performance Capture Demo (HKLM-x32\...\FaceWorks) (Version: 1.0 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Miracast Virtueller Ton 340.43 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 340.43 - NVIDIA Corporation) NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation) NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden NVIDIA Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 9.3.10.4710 - Electronic Arts, Inc.) Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden qBittorrent 3.1.9.2 (HKLM-x32\...\qbittorrent) (Version: 3.1.9.2 - The qBittorrent project) ReClock (HKLM-x32\...\ReClock) (Version: - SlySoft, Inc.) Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) RivaTuner Statistics Server 6.2.0 (HKLM-x32\...\RTSS) (Version: 6.2.0 - Unwinder) Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.3.0 - Samsung Electronics) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.16.0 - SAMSUNG Electronics Co., Ltd.) SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.) 
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) Unified Remote (HKLM-x32\...\{BD96B1DF-2A2E-4ED1-B255-F8050DEB1B3D}) (Version: 2.14.2.0 - Unified Remote) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2889914) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F3F83933-75FC-4B60-84F2-3F8FA63D042E}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) 
(HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) Uplay (HKLM-x32\...\Uplay) (Version: 4.5 - Ubisoft) USB Audio (HKLM\...\{D80E54FF-2464-4427-9B93-A9E121B90909}) (Version: 2.0.2 - Denon) VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft) Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live 
UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
XySubFilter 3.1.0.546 (HKLM-x32\...\XySubFilter_is1) (Version: 3.1.0.546 - xy-VSFilter Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

02-09-2014 13:18:36 Geplanter Prüfpunkt
09-09-2014 13:49:03 Geplanter Prüfpunkt
11-09-2014 14:22:04 Installed Microsoft Xbox One Controller for Windows
15-09-2014 04:51:15 Microsoft MapPoint Europa 2013 wird entfernt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2014-02-06 06:47 - 00001117 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {042D788F-66E1-4CC4-B75F-7B5BFE0F17CB} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0D0E885B-9F5D-4A2D-9F51-4B967EF7383E} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2014-06-10] ()
Task: {0E0B4A22-69D8-494B-B206-006CB4DE3B72} - System32\Tasks\ASUS\Easy Update => C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe [2013-01-14] ()
Task: {1BFB5D4C-648E-441E-8EC8-8620A2DB4303} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2D472716-948B-4A5C-83B4-3B5C8F23A9A0} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {43F8234E-4DAB-4C38-B548-C5362122B1E9} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5869E33A-74AB-46F1-871D-0ABAEFFF2D1A} - System32\Tasks\Registration Trigger IBM Lotus Symphony Task => C:\Program Files (x86)\IBM\Lotus\Symphony\framework\rcp\rcplauncher.exe
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7DE9E344-625D-4093-AD5D-0880144136C0} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {87C28E1C-2A98-48FA-AA5A-04802A2610FD} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {8C41E012-296F-4C5A-85C3-6EDD63479C87} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-09-10] (Microsoft Corporation)
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8D7A4ABF-B7FF-4D7A-91D1-75D07ABF844F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-15] (Google Inc.)
Task: {944508FB-9101-43F4-9179-0BD5235CF6D3} - System32\Tasks\RunAsStdUser Task for VeohWebPlayer => C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
Task: {97962511-DD7E-40DA-88B6-5EDCC592C436} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A616FFB1-2235-44D4-9C4B-348C6B19F13A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {AEECA187-BC10-4A49-8ED4-11507B21E2D6} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe [2012-08-14] (ASUSTeK Computer Inc.)
Task: {B2C29026-2B42-4212-A90F-6ED7388F7578} - \PC Performer Logon Scan No Task File <==== ATTENTION
Task: {B67856BC-3112-46EF-8107-786A03298193} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D19A5C85-473A-499E-B9A9-82BBDE8B60D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-15] (Google Inc.)
Task: {D2C74A08-DDC2-41D7-9FA3-04E4F8186D8F} - \PC Performer Scheduled Scan No Task File <==== ATTENTION
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E3EB5696-328F-4FEE-84AE-F410A8090DF2} - System32\Tasks\HWiNFO => C:\Program Files\HWiNFO64\HWiNFO64.EXE [2014-09-04] (REALiX)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E88F6461-1431-4D62-BF72-81C80C2A2466} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-10] ()
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-10-17 14:52 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-08-30 20:07 - 2014-08-30 20:07 - 00400384 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll
2014-06-10 08:04 - 2014-06-10 08:04 - 00465064 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2013-11-21 04:04 - 2013-01-14 17:37 - 01406776 ____N () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
2013-10-21 01:06 - 2013-10-21 01:07 - 00183808 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20279_x64__8wekyb3d8bbwe\ErrorReporting.dll
2013-03-06 04:33 - 2012-06-01 18:42 - 00920736 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2014-08-30 20:07 - 2014-08-30
20:07 - 00195584 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe 2014-08-30 20:07 - 2014-08-30 20:07 - 00026112 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe 2014-08-30 20:07 - 2014-08-30 20:07 - 00088576 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe 2013-08-01 21:51 - 2013-08-01 21:51 - 00023040 _____ () C:\Program Files\Logitech Gaming Software\LGSToast.dll 2014-09-11 23:53 - 2014-09-04 04:09 - 01442120 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll 2014-09-11 23:53 - 2014-09-04 04:09 - 00168264 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll 2014-09-11 23:53 - 2014-09-04 04:09 - 10329928 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll 2014-09-11 23:53 - 2014-09-04 04:09 - 00405320 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll 2014-09-11 23:53 - 2014-09-04 04:09 - 01831752 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll 2013-01-27 20:37 - 2013-01-27 20:37 - 00098816 _____ () C:\Users\RedSpider\AppData\Roaming\foobar2000\user-components\foo_out_asio\ASIOhost64.exe 2014-06-05 07:36 - 2014-06-05 07:36 - 00071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll 2014-06-05 07:36 - 2014-06-05 07:36 - 00056832 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll 2014-06-05 07:37 - 2014-06-05 07:37 - 00216064 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll 2014-06-05 07:36 - 2014-06-05 07:36 - 00127488 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll 2014-06-05 07:37 - 2014-06-05 07:37 - 00638976 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll 2014-08-30 20:07 - 2014-08-30 20:07 - 00354816 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks.dll 2013-11-21 04:04 - 2013-01-14 18:16 - 05771136 ____N () C:\Program Files 
(x86)\ASUS\AI Suite II\EasyUpdate\EzULIB.dll 2013-11-21 04:04 - 2010-06-21 16:21 - 00208896 ____N () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\ImageHelper.dll 2013-03-06 04:33 - 2014-09-17 11:59 - 00025088 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll 2013-03-06 04:33 - 2010-06-29 11:58 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll 2014-08-30 20:07 - 2014-08-30 20:07 - 00056832 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll 2014-08-30 20:07 - 2014-08-30 20:07 - 00324608 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll 2014-08-30 20:07 - 2014-08-30 20:07 - 00071680 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll 2013-11-21 04:04 - 2011-07-12 20:14 - 00147456 ____N () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll 2013-11-21 04:04 - 2010-10-05 09:22 - 00253952 ____N () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll 2013-11-21 04:04 - 2012-10-08 18:07 - 00972288 ____N () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll 2013-11-21 04:04 - 2013-01-15 16:30 - 01040896 ____N () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll 2013-11-21 04:07 - 2012-07-20 10:39 - 01047040 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll 2013-11-21 04:04 - 2013-04-15 15:19 - 00883712 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll 2013-11-21 04:04 - 2012-05-28 22:27 - 01622528 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll 2013-11-21 04:04 - 2011-09-19 21:18 - 01243136 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll 2013-11-21 04:04 - 2011-07-21 10:06 - 00846848 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll 2013-11-21 04:04 - 2012-08-29 19:09 - 00875520 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll 2013-03-06 04:33 - 2010-08-23 11:17 - 00662016 _____ () C:\Program Files 
(x86)\ASUS\AAHM\1.00.20\aaHMLib.dll 2013-11-21 04:04 - 2010-10-05 09:22 - 00208896 ____N () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll 2013-11-21 04:04 - 2009-08-12 21:15 - 00253952 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll 2013-05-04 13:57 - 2013-05-04 13:57 - 00095712 _____ () C:\Program Files (x86)\foobar2000\zlib1.dll 2014-01-23 16:34 - 2014-01-23 16:34 - 00156088 _____ () C:\Program Files (x86)\foobar2000\shared.dll 2014-01-23 16:31 - 2014-01-23 16:31 - 00501248 _____ () C:\Program Files (x86)\foobar2000\components\foo_converter.dll 2013-01-28 23:20 - 2013-01-28 23:20 - 01767936 _____ () C:\Users\RedSpider\AppData\Roaming\foobar2000\user-components\foo_facets\foo_facets.dll 2014-01-23 16:31 - 2014-01-23 16:31 - 00304128 _____ () C:\Program Files (x86)\foobar2000\components\foo_cdda.dll 2013-01-27 20:37 - 2013-01-27 20:37 - 00183296 _____ () C:\Users\RedSpider\AppData\Roaming\foobar2000\user-components\foo_out_asio\foo_out_asio.dll 2014-01-23 16:31 - 2014-01-23 16:31 - 00351232 _____ () C:\Program Files (x86)\foobar2000\components\foo_rgscan.dll 2014-01-29 05:44 - 2009-06-14 00:49 - 00257536 _____ () C:\Program Files (x86)\foobar2000\components\foo_uie_albumlist.dll 2014-01-23 16:34 - 2014-01-23 16:34 - 00945104 _____ () C:\Program Files (x86)\foobar2000\components\foo_ui_std.dll 2013-11-01 22:19 - 2013-11-01 22:19 - 00147456 _____ () C:\Users\RedSpider\AppData\Roaming\foobar2000\user-components\foo_out_wasapi\foo_out_wasapi.dll 2013-04-27 18:59 - 2013-04-27 18:59 - 00271872 _____ () C:\Users\RedSpider\AppData\Roaming\foobar2000\user-components\foo_input_monkey\foo_input_monkey.dll 2013-02-23 22:22 - 2013-02-23 22:22 - 00430080 _____ () C:\Users\RedSpider\AppData\Roaming\foobar2000\user-components\foo_httpcontrol\foo_httpcontrol.dll 2013-09-23 02:23 - 2013-09-23 02:23 - 00400384 _____ () C:\Users\RedSpider\AppData\Roaming\foobar2000\user-components\foo_dynamic_range\foo_dynamic_range.dll 2013-01-28 23:36 - 
2013-01-28 23:36 - 01334272 _____ () C:\Users\RedSpider\AppData\Roaming\foobar2000\user-components\foo_simplaylist\foo_simplaylist.dll 2014-01-29 04:34 - 2014-01-29 04:34 - 00724992 _____ () C:\Users\RedSpider\AppData\Roaming\foobar2000\user-components\foo_uie_lyrics3\foo_uie_lyrics3.dll 2014-01-23 16:34 - 2014-01-23 16:34 - 01390536 _____ () C:\Program Files (x86)\foobar2000\components\foo_input_std.dll 2013-11-02 21:58 - 2013-11-02 21:58 - 00723968 _____ () C:\Program Files (x86)\foobar2000\avcodec-fb2k-55.dll 2014-01-23 16:34 - 2014-01-23 16:34 - 00335800 _____ () C:\Program Files (x86)\foobar2000\avutil-fb2k-52.dll 2014-01-23 16:31 - 2014-01-23 16:31 - 00199168 _____ () C:\Program Files (x86)\foobar2000\components\foo_dsp_eq.dll 2014-01-23 16:31 - 2014-01-23 16:31 - 00199680 _____ () C:\Program Files (x86)\foobar2000\components\foo_dsp_std.dll 2014-01-23 16:31 - 2014-01-23 16:31 - 00350720 _____ () C:\Program Files (x86)\foobar2000\components\foo_albumlist.dll 2013-09-23 02:24 - 2013-09-23 02:24 - 00337920 _____ () C:\Users\RedSpider\AppData\Roaming\foobar2000\user-components\foo_uie_biography\foo_uie_biography.dll 2013-09-23 02:28 - 2013-09-23 02:28 - 00331776 _____ () C:\Users\RedSpider\AppData\Roaming\foobar2000\user-components\foo_input_dvda\foo_input_dvda.dll 2013-07-07 00:51 - 2013-07-07 00:51 - 00147968 _____ () C:\Users\RedSpider\AppData\Roaming\foobar2000\user-components\foo_ramdisk\foo_ramdisk.dll 2013-01-28 23:07 - 2013-01-28 23:07 - 00301056 _____ () C:\Users\RedSpider\AppData\Roaming\foobar2000\user-components\foo_input_sacd\foo_input_sacd.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:BF3D62E7 AlternateDataStreams: C:\ProgramData\TEMP:FB1B13D8 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. 
The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\StartupFolder: => "TotalMedia Server.lnk" HKLM\...\StartupApproved\Run32: => "Sweetpacks Communicator" HKLM\...\StartupApproved\Run32: => "KiesTrayAgent" HKLM\...\StartupApproved\Run32: => "Smart File Advisor" HKCU\...\StartupApproved\StartupFolder: => "Samsung Magician.lnk" HKCU\...\StartupApproved\Run: => "KiesPreload" HKCU\...\StartupApproved\Run: => "KiesAirMessage" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/16/2014 01:46:53 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. 
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (09/16/2014 01:46:03 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (09/16/2014 01:45:21 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057) Error: (09/16/2014 00:09:27 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm explorer.exe, Version 6.3.9600.17284 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 1530 Startzeit: 01cfd196279486f8 Endzeit: 0 Anwendungspfad: C:\Windows\explorer.exe Berichts-ID: 8780504e-3d89-11e4-8231-bcaec574c7fa Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (09/16/2014 00:08:31 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm Explorer.EXE, Version 6.3.9600.17284 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 574 Startzeit: 01cfd195ec446832 Endzeit: 0 Anwendungspfad: C:\WINDOWS\Explorer.EXE Berichts-ID: 64fa0159-3d89-11e4-8231-bcaec574c7fa Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (09/16/2014 10:50:56 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. 
(0x80070057) Error: (09/16/2014 10:19:22 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: nvstreamsvc.exe, Version: 3.1.100.0, Zeitstempel: 0x53d25804 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebd22 Ausnahmecode: 0xc0000142 Fehleroffset: 0x00000000000ec0b4 ID des fehlerhaften Prozesses: 0x1314 Startzeit der fehlerhaften Anwendung: 0xnvstreamsvc.exe0 Pfad der fehlerhaften Anwendung: nvstreamsvc.exe1 Pfad des fehlerhaften Moduls: nvstreamsvc.exe2 Berichtskennung: nvstreamsvc.exe3 Vollständiger Name des fehlerhaften Pakets: nvstreamsvc.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: nvstreamsvc.exe5 Error: (09/16/2014 09:46:32 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: rundll32.exe_winethc.dll, Version: 6.3.9600.16384, Zeitstempel: 0x5215f00d Name des fehlerhaften Moduls: USER32.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebd22 Ausnahmecode: 0xc0000142 Fehleroffset: 0x00000000000ec0b4 ID des fehlerhaften Prozesses: 0x1064 Startzeit der fehlerhaften Anwendung: 0xrundll32.exe_winethc.dll0 Pfad der fehlerhaften Anwendung: rundll32.exe_winethc.dll1 Pfad des fehlerhaften Moduls: rundll32.exe_winethc.dll2 Berichtskennung: rundll32.exe_winethc.dll3 Vollständiger Name des fehlerhaften Pakets: rundll32.exe_winethc.dll4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: rundll32.exe_winethc.dll5 Error: (09/16/2014 08:26:43 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". 
Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (09/16/2014 08:26:25 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057) System errors: ============= Error: (09/17/2014 11:59:50 AM) (Source: ACPI) (EventID: 13) (User: ) Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft. 
Error: (09/17/2014 11:59:37 AM) (Source: DCOM) (EventID: 10016) (User: RedSpider-PC) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}RedSpider-PCRedSpiderS-1-5-21-976349099-1794730339-1012751642-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (09/17/2014 11:59:37 AM) (Source: DCOM) (EventID: 10016) (User: RedSpider-PC) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}RedSpider-PCRedSpiderS-1-5-21-976349099-1794730339-1012751642-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (09/17/2014 11:59:36 AM) (Source: DCOM) (EventID: 10016) (User: RedSpider-PC) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}RedSpider-PCRedSpiderS-1-5-21-976349099-1794730339-1012751642-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (09/17/2014 11:59:36 AM) (Source: DCOM) (EventID: 10016) (User: RedSpider-PC) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}RedSpider-PCRedSpiderS-1-5-21-976349099-1794730339-1012751642-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (09/17/2014 11:59:36 AM) (Source: DCOM) (EventID: 10016) (User: RedSpider-PC) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}RedSpider-PCRedSpiderS-1-5-21-976349099-1794730339-1012751642-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (09/17/2014 11:59:36 AM) (Source: DCOM) (EventID: 10016) (User: RedSpider-PC) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}RedSpider-PCRedSpiderS-1-5-21-976349099-1794730339-1012751642-1000LocalHost (unter Verwendung von 
LRPC)Nicht verfügbarNicht verfügbar Error: (09/17/2014 11:59:36 AM) (Source: DCOM) (EventID: 10016) (User: RedSpider-PC) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}RedSpider-PCRedSpiderS-1-5-21-976349099-1794730339-1012751642-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (09/17/2014 01:18:30 AM) (Source: ACPI) (EventID: 13) (User: ) Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft. Error: (09/17/2014 00:32:37 AM) (Source: ACPI) (EventID: 13) (User: ) Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft. Microsoft Office Sessions: ========================= Error: (08/17/2014 07:28:58 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 19136 seconds with 11220 seconds of active time. This session ended with a crash. 
CodeIntegrity Errors: =================================== Date: 2014-09-16 08:26:27.343 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-16 06:15:19.723 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-16 03:58:43.195 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-14 19:41:51.661 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-14 19:41:51.589 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-14 19:41:51.510 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2014-09-14 19:41:51.426 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-13 03:17:02.651 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-12 05:59:47.242 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-11 00:59:59.177 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz Percentage of memory in use: 14% Total physical RAM: 16351.14 MB Available physical RAM: 13971.71 MB Total Pagefile: 32735.14 MB Available Pagefile: 30005.16 MB Total Virtual: 131072 MB Available Virtual: 131071.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:238.37 GB) (Free:73.09 GB) NTFS Drive d: () (Fixed) (Total:1863.02 GB) (Free:154.4 GB) NTFS Drive f: (Volume) (Fixed) (Total:2790.14 GB) (Free:68.92 GB) NTFS Drive g: (20140630-trusty-) (CDROM) (Total:0.16 GB) (Free:0 GB) CDFS Drive h: (Volume) (Fixed) (Total:2790.14 GB) (Free:114.71 GB) NTFS Drive l: (USB-HDD) (Fixed) (Total:1397.26 GB) (Free:107.97 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 65C9D9D3) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 2794.5 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ======================================================== Disk: 2 (Size: 2794.5 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ======================================================== Disk: 3 (Size: 1863 GB) (Disk ID: 65C9D9DC) Partition: GPT Partition Type. ======================================================== Disk: 5 (Size: 1397.3 GB) (Disk ID: 4D2D37C2) Partition 1: (Active) - (Size=1397.3 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
17.09.2014, 20:34 | #6 |
/// the machine /// TB-Ausbilder | Remove feed.safefinder.com and check the system for viruses

Please download Malwarebytes Anti-Malware.
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
And a fresh FRST log, please.
18.09.2014, 05:12 | #7 |
| Remove feed.safefinder.com and check the system for viruses

Hello dear schrauber, I already have Malwarebytes on the PC, and I have already run the other programs, AdwCleaner and Junkware Removal Tool, at least 3-5 times, and Anti-Malware certainly more than 10 times... but no positive result!!! SafeFinder stubbornly remains on my PC. But I will try your instructions again and send a fresh FRST log. Thank you :-)

Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software
Suchlauf Datum: 17.09.2014
Suchlauf-Zeit: 22:06:04
Logdatei: mbam.txt
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.09.17.08
Rootkit Datenbank: v2014.09.15.01
Lizenz: Premium
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: RedSpider
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 346788
Verstrichene Zeit: 6 Min, 13 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristics: Aktiviert
PUP: Warnen
PUM: Aktiviert
Prozesse: 0 (No malicious items detected)
Module: 0 (No malicious items detected)
Registrierungsschlüssel: 0 (No malicious items detected)
Registrierungswerte: 0 (No malicious items detected)
Registrierungsdaten: 0 (No malicious items detected)
Ordner: 0 (No malicious items detected)
Dateien: 1
PUP.Optional.SafeFinder.A, C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: ( "startup_urls": [ "hxxp://de.msn.com/?pc=UP97&ocid=UP97DHP&dt=071313", "hxxp://www.spiegel.de/", "hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hoxUv82Ac0l78Z5HtgW9e_DuX3ywRMXtYsMh4Qt7MrNn4G6p6l0_vvG0yzKBeLtzAX1tNx9sAd-Tzzf-AM7FrjsJ8AmkLsw0uaJ8Oz6JuSCrOF71LzuMDq6mejGFfUOUWpWy025XXteMtSPF6b8JZZwuwC2umSlDwRug,," ],), Ersetzt,[5a987f6e91ea7bbb3a678da6798cf808]
Physische Sektoren: 0 (No malicious items detected)
(end)

AdwCleaner Logfile:
Code:
# AdwCleaner v3.310 - Bericht erstellt am 17/09/2014 um 22:21:23
# Aktualisiert 12/09/2014 von Xplode
# Betriebssystem : Windows 8.1 Pro (64 bits)
# Benutzername : RedSpider - REDSPIDER-PC
# Gestartet von : C:\Users\RedSpider\Desktop\AdwCleaner_3.310.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17278
-\\ Google Chrome v37.0.2062.120
[ Datei : C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht [Startup_urls] : hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hoxUv82Ac0l78Z5HtgW9e_DuX3ywRMXtYsMh4Qt7MrNn4G6p6l0_vvG0yzKBeLtzAX1tNx9sAd-Tzzf-AM7FrjsJ8AmkLsw0uaJ8Oz6JuSCrOF71LzuMDq6mejGFfUOUWpWy025XXteMtSPF6b8JZZwuwC2umSlDwRug,,
*************************
AdwCleaner[R0].txt - [2831 octets] - [14/09/2014 00:44:42]
AdwCleaner[R1].txt - [1210 octets] - [15/09/2014 04:48:51]
AdwCleaner[R2].txt - [1313 octets] - [15/09/2014 07:27:20]
AdwCleaner[R3].txt - [1373 octets] - [16/09/2014 02:12:40]
AdwCleaner[R4].txt - [1493 octets] - [16/09/2014 02:42:45]
AdwCleaner[R5].txt - [1613 octets] - [16/09/2014 03:47:21]
AdwCleaner[R6].txt - [1471 octets] - [16/09/2014 06:58:26]
AdwCleaner[R7].txt - [1862 octets] - [16/09/2014 12:45:01]
AdwCleaner[R8].txt - [1988 octets] - [17/09/2014 22:20:48]
AdwCleaner[S0].txt - [2671 octets] - [14/09/2014 00:54:12]
AdwCleaner[S1].txt - [1271 octets] - [15/09/2014 04:49:18]
AdwCleaner[S2].txt - [1434 octets] - [16/09/2014 02:14:03]
AdwCleaner[S3].txt - [1554 octets] - [16/09/2014 02:43:20]
AdwCleaner[S4].txt - [1674 octets] - [16/09/2014 05:41:24]
AdwCleaner[S5].txt - [1532 octets] - [16/09/2014 06:58:46]
AdwCleaner[S6].txt - [1923 octets] - [16/09/2014 12:46:11]
AdwCleaner[S7].txt - [1909 octets] - [17/09/2014 22:21:23]
########## EOF - C:\AdwCleaner\AdwCleaner[S7].txt - [1969 octets] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.5 (09.16.2014:1)
OS: Windows 8.1 Pro x64
Ran by RedSpider on 17.09.2014 at 22:30:48,11
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.09.2014 at 22:33:14,41
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by RedSpider (administrator) on REDSPIDER-PC on 17-09-2014 22:34:58
Running from C:\Users\RedSpider\Desktop
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
() C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
(ASUSTeK Computer Inc.) 
C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Malwarebytes Corporation) C:\Users\Bootsektor\Downloads\mbam-setup\mbamscheduler.exe (Malwarebytes Corporation) C:\Users\Bootsektor\Downloads\mbam-setup\mbamservice.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Malwarebytes Corporation) C:\Users\Bootsektor\Downloads\mbam-setup\mbam.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe (REALiX) C:\Program Files\HWiNFO64\HWiNFO64.EXE (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (Unified Intents AB) C:\Program Files (x86)\Unified Remote\RemoteServer.exe () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe (CANON INC.) 
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe () C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.) 
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\WINDOWS\RaidTool\xInsIDE.exe [43608 2010-09-07] ()
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-976349099-1794730339-1012751642-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
HKU\S-1-5-21-976349099-1794730339-1012751642-1000\...\Run: [Unified Remote v2] => C:\Program Files (x86)\Unified Remote\RemoteServer.exe [333008 2014-06-03] (Unified Intents AB)
HKU\S-1-5-21-976349099-1794730339-1012751642-1000\...\Run: [GoogleChromeAutoLaunch_AA0546F6283AA107B5D07868E0E0FE05] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [912200 2014-09-04] (Google Inc.)
HKU\S-1-5-21-976349099-1794730339-1012751642-1000\...\MountPoints2: {4cd61f86-c877-11e3-8186-bcaec574c7fa} - "K:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-976349099-1794730339-1012751642-1000\...\MountPoints2: {75a9a0da-32ee-11e4-8206-bcaec574c7fa} - "K:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-976349099-1794730339-1012751642-1000\...\MountPoints2: {b952332c-e244-11e3-81a2-bcaec574c7fa} - "L:\HTC_Sync_Manager_PC.exe"
Startup: C:\Users\RedSpider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe (Samsung Electronics.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bit

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBA2693E4A4FCCD01
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - {9A01AA53-FAB4-4F9F-BB65-6D7F304B93BF} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B010DE0D20140409&p={SearchTerms}
SearchScopes: HKCU - {BAB65997-01F0-41B0-B41D-937F60235DED} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=293224&p={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-04-22]

Chrome:
=======
CHR HomePage: Default -> hxxp://google.de/
CHR StartupUrls: Default -> "hxxp://de.msn.com/?pc=UP97&ocid=UP97DHP&dt=071313", "hxxp://www.spiegel.de/", "hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hoxUv82Ac0l78Z5HtgW9e_DuX3ywRMXtYsMh4Qt7MrNn4G6p6l0_vvG0yzKBeLtzAX1tNx9sAd-Tzzf-AM7FrjsJ8AmkLsw0uaJ8Oz6JuSCrOF71LzuMDq6mejGFfUOUWpWy025XXteMtSPF6b8JZZwuwC2umSlDwRug,,"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (chessmail ~ Schach) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkgfhmdidjkcoflclddnmgacgeaahkk [2014-04-02]
CHR Extension: (HD for YouTube™) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjbfncbadcmnkopckegnmjgihagponf [2014-04-04]
CHR Extension: (Google Drive) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-12]
CHR Extension: (YouTube) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-02]
CHR Extension: (Webseiten-Screenshot - Webpage Screenshot) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2014-04-02]
CHR Extension: (AdBlock) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-02]
CHR Extension: (Stealthy) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje [2014-04-02]
CHR Extension: (Google Wallet) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-15]
CHR Extension: (Marc Ecko) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Extensions\opjonmehjfmkejjifhhknofdnacklmjk [2014-04-02]
CHR Extension: (Google Mail) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe [1632256 2013-11-01] (ASUSTeK Computer Inc.) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160768 2011-05-27] (Intel Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Users\Bootsektor\Downloads\mbam-setup\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Users\Bootsektor\Downloads\mbam-setup\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 anvsnddrv; C:\Windows\system32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
S3 ASUSstpt; C:\Windows\System32\drivers\ASUSstpt.sys [25928 2012-08-20] (MCCI Corporation)
S3 ASUSumsc; C:\Windows\System32\drivers\ASUSumsc.sys [150344 2012-08-20] (MCCI Corporation)
S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2014-08-30] (Emsisoft GmbH)
S3 cmudaxp; C:\Windows\system32\drivers\cmudaxp.sys [2735616 2013-12-11] (C-Media Inc) [File not signed]
R3 DE_USBAUDIO; C:\Windows\system32\drivers\de_usbaudio.sys [144896 2013-05-20] (D&M Holdings Inc.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-02-02] (DT Soft Ltd)
R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c64x64.sys [468240 2013-08-21] (Intel Corporation)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2014-09-13] (REALiX(tm))
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R1 pfmfs_7DB; C:\Windows\System32\Drivers\pfmfs_7DB.sys [258296 2013-02-19] (Pismo Technic Inc.)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13480 2014-06-10] ()
S3 SaiK0CFA; C:\Windows\system32\DRIVERS\SaiK0CFA.sys [180544 2012-09-20] (Saitek)
R3 SaiMini; C:\Windows\System32\drivers\SaiMini.sys [24680 2012-10-15] (Saitek)
R3 SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [52200 2012-10-15] (Saitek)
S3 SaiU0CFA; C:\Windows\System32\drivers\SaiU0CFA.sys [47168 2012-09-20] (Saitek)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(???? | ????? ???? ?????.))
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 xb1usb; C:\Windows\System32\drivers\xb1usb.sys [34016 2014-05-27] (Microsoft Corporation)
S1 ArcCtrl; system32\drivers\ArcCtrl.sys [X]
U3 idsvc; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-17 22:34 - 2014-09-17 22:35 - 00021565 _____ () C:\Users\RedSpider\Desktop\FRST.txt
2014-09-17 22:33 - 2014-09-17 22:33 - 00000622 _____ () C:\Users\RedSpider\Desktop\JRT.txt
2014-09-17 22:17 - 2014-09-17 22:17 - 00001623 _____ () C:\Users\RedSpider\Desktop\mbam.txt
2014-09-17 22:04 - 2014-09-17 22:22 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-17 22:04 - 2014-09-17 22:04 - 00001206 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-17 22:04 - 2014-09-17 22:04 - 00000000 ____D () C:\Users\Bootsektor\Downloads\mbam-setup
2014-09-17 22:04 - 2014-09-17 22:04 - 00000000 ____D () C:\Users\Bootsektor
2014-09-17 22:04 - 2014-09-17 22:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-09-17 22:04 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-09-17 22:04 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-09-17 22:04 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-09-17 21:57 - 2014-09-17 21:58 - 01016035 _____ (Thisisu) C:\Users\RedSpider\Desktop\JRT.exe
2014-09-17 21:56 - 2014-09-17 21:56 - 01373475 _____ () C:\Users\RedSpider\Desktop\AdwCleaner_3.310.exe
2014-09-17 21:55 - 2014-09-17 21:55 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\RedSpider\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-09-17 13:09 - 2014-09-17 13:09 - 00002308 _____ () C:\Users\RedSpider\AppData\Local\recently-used.xbel
2014-09-17 12:02 - 2014-09-17 12:02 - 02105856 _____ (Farbar) C:\Users\RedSpider\Desktop\FRST64.exe
2014-09-16 08:09 - 2014-09-16 08:09 - 01361419 _____ () C:\Users\RedSpider\Downloads\Matroska113Splitter.exe
2014-09-16 08:09 - 2014-09-16 08:09 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2014-09-16 08:09 - 2014-09-16 08:09 - 00000000 ____D () C:\Program Files (x86)\Haali
2014-09-16 06:50 - 2014-09-16 06:50 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\RedSpider\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-16 06:17 - 2014-09-16 06:17 - 05185536 _____ (AVAST Software) C:\Users\RedSpider\Downloads\aswMBR.exe
2014-09-16 06:08 - 2014-09-16 06:08 - 00095642 _____ () C:\Users\RedSpider\Downloads\FRST.txt
2014-09-16 06:08 - 2014-09-16 06:08 - 00053474 _____ () C:\Users\RedSpider\Downloads\Addition.txt
2014-09-16 06:06 - 2014-09-17 22:35 - 00000000 ____D () C:\FRST
2014-09-16 06:06 - 2014-09-16 06:06 - 02105856 _____ (Farbar) C:\Users\RedSpider\Downloads\FRST64.exe
2014-09-16 06:04 - 2014-09-16 06:05 - 01097728 _____ (Farbar) C:\Users\RedSpider\Downloads\FRST.exe
2014-09-16 04:03 - 2014-09-16 04:03 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-16 02:29 - 2014-09-16 02:29 - 00259584 _____ (OldTimer Tools) C:\Users\RedSpider\Desktop\OTH.scr
2014-09-15 06:50 - 2014-09-15 06:50 - 00000000 ____D () C:\Program Files\McAfee
2014-09-15 05:01 - 2014-09-15 05:01 - 00001778 _____ () C:\sc-cleaner.txt
2014-09-15 05:00 - 2014-09-15 05:00 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-09-14 19:02 - 2014-09-14 19:05 - 00073728 ___SH () C:\Users\RedSpider\Documents\Thumbs.db
2014-09-14 00:45 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-09-14 00:44 - 2014-09-17 22:21 - 00000000 ____D () C:\AdwCleaner
2014-09-13 22:33 - 2014-09-16 10:20 - 00000000 ____D () C:\Program Files (x86)\RivaTuner Statistics Server
2014-09-13 22:33 - 2014-09-13 22:33 - 21370837 _____ () C:\Users\RedSpider\Downloads\RTSSSetup620-[Guru3D.com].rar
2014-09-13 22:33 - 2014-09-13 22:33 - 00000000 ____D () C:\Users\RedSpider\Downloads\RTSSSetup620-[Guru3D.com]
2014-09-13 22:33 - 2014-09-13 22:33 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2014-09-13 22:00 - 2014-09-13 22:00 - 02688024 _____ (Martin Malík - REALiX ) C:\Users\RedSpider\Downloads\hw64_444.exe
2014-09-13 22:00 - 2014-09-13 22:00 - 00027552 _____ (REALiX(tm)) C:\WINDOWS\system32\Drivers\HWiNFO64A.SYS
2014-09-13 22:00 - 2014-09-13 22:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2014-09-13 22:00 - 2014-09-13 22:00 - 00000000 ____D () C:\Program Files\HWiNFO64
2014-09-13 21:57 - 2014-09-13 22:30 - 00000000 ____D () C:\Users\RedSpider\AppData\Local\Micro-Star_Int'l_Co.,_Ltd
2014-09-13 21:57 - 2014-09-13 21:57 - 00000000 ____D () C:\Users\RedSpider\Downloads\MSIAfterburnerRemoteServer
2014-09-13 21:56 - 2014-09-13 21:56 - 00080332 _____ () C:\Users\RedSpider\Downloads\MSIAfterburnerRemoteServer.rar
2014-09-12 02:04 - 2014-09-12 02:04 - 02854912 _____ () C:\Users\RedSpider\Downloads\xb1usb.11059.0.140526x64 (1).msi
2014-09-11 16:22 - 2014-09-12 02:04 - 00000000 ____D () C:\Program Files\Microsoft Xbox One Controller for Windows
2014-09-11 03:46 - 2014-09-11 03:46 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\MKKE
2014-09-11 03:38 - 2014-09-11 03:38 - 174063616 _____ () C:\Users\RedSpider\Downloads\clonezilla-live-20140630-trusty-amd64.iso
2014-09-11 03:24 - 2014-09-11 03:24 - 00000222 _____ () C:\Users\RedSpider\Desktop\Mortal Kombat Komplete Edition.url
2014-09-11 03:00 - 2014-09-11 03:01 - 00458752 _____ () C:\WINDOWS\system32\Ikeext.etl
2014-09-11 01:54 - 2014-09-11 01:54 - 02854912 _____ () C:\Users\RedSpider\Downloads\xb1usb.11059.0.140526x64.msi
2014-09-10 23:50 - 2014-08-29 03:58 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-09-10 23:50 - 2014-08-29 03:32 - 02779136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-09-10 23:50 - 2014-08-29 02:59 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-09-10 23:50 - 2014-08-29 01:56 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-09-10 23:50 - 2014-08-29 01:47 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-09-10 23:50 - 2014-08-26 00:27 - 04148736 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-09-10 23:50 - 2014-08-23 09:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-09-10 23:50 - 2014-08-23 09:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-09-10 23:50 - 2014-08-23 08:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-09-10 23:50 - 2014-08-23 07:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-09-10 23:50 - 2014-08-23 06:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-09-10 23:50 - 2014-08-23 06:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-09-10 23:50 - 2014-08-23 06:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-09-10 23:50 - 2014-08-23 06:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-09-10 23:50 - 2014-08-23 06:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-09-10 23:50 - 2014-08-16 06:08 - 21195616 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-09-10 23:50 - 2014-08-16 06:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-09-10 23:50 - 2014-08-16 06:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-09-10 23:50 - 2014-08-16 05:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-09-10 23:50 - 2014-08-16 05:57 - 02498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-09-10 23:50 - 2014-08-16 05:57 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-09-10 23:50 - 2014-08-16 05:16 - 18722600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-09-10 23:50 - 2014-08-16 05:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-09-10 23:50 - 2014-08-16 05:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-09-10 23:50 - 2014-08-16 03:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-09-10 23:50 - 2014-08-16 03:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-09-10 23:50 - 2014-08-16 02:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-09-10 23:50 - 2014-08-16 02:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-09-10 23:50 - 2014-08-16 02:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-09-10 23:50 - 2014-08-16 02:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-09-10 23:50 - 2014-08-16 02:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-09-10 23:50 - 2014-08-16 02:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-09-10 23:50 - 2014-08-16 02:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-09-10 23:50 - 2014-08-16 02:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-09-10 23:50 - 2014-08-16 02:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-10 23:50 - 2014-08-16 02:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-09-10 23:50 - 2014-08-16 02:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-09-10 23:50 - 2014-08-16 02:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-09-10 23:50 - 2014-08-16 02:20 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-09-10 23:50 - 2014-08-16 02:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-10 23:50 - 2014-08-16 02:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-09-10 23:50 - 2014-08-16 02:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-09-10 23:50 - 2014-08-16 02:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-09-10 23:50 - 2014-08-16 02:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-09-10 23:50 - 2014-08-16 02:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-09-10 23:50 - 2014-08-16 02:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-09-10 23:50 - 2014-08-16 02:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-09-10 23:50 - 2014-08-16 02:11 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-09-10 23:50 - 2014-08-16 02:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-09-10 23:50 - 2014-08-16 02:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-09-10 23:50 - 2014-08-16 02:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-09-10 23:50 - 2014-08-01 01:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-09-10 23:43 - 2014-09-10 23:43 - 17903792 _____ (Adobe Systems Incorporated) C:\Users\RedSpider\Downloads\install_flash_player.exe
2014-09-10 23:28 - 2014-09-10 23:28 - 01054400 _____ (Adobe) C:\Users\RedSpider\Downloads\install_flashplayer15x32ax_gtbd_chrd_dn_aaa_aih.exe
2014-09-10 05:30 - 2014-09-10 05:30 - 05412944 _____ (Canneverbe Limited ) C:\Users\RedSpider\Downloads\cdbxp_setup_4.5.4.5000_minimal.exe
2014-09-10 00:19 - 2014-08-16 04:40 - 23591424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-09-10 00:19 - 2014-08-16 04:04 - 17455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-09-10 00:19 - 2014-08-16 04:00 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-09-10 00:19 - 2014-08-16 04:00 - 02793984 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-09-10 00:19 - 2014-08-16 03:56 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-09-10 00:19 - 2014-08-16 03:54 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-09-10 00:19 - 2014-08-16 03:45 - 04232704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-09-10 00:19 - 2014-08-16 03:43 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-09-10 00:19 - 2014-08-16 03:32 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-09-10 00:19 - 2014-08-16 03:25 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-09-10 00:19 - 2014-08-16 03:22 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-09-10 00:19 - 2014-08-16 03:20 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-09-10 00:19 - 2014-08-16 03:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-09-10 00:19 - 2014-08-16 03:18 - 02185728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-09-10 00:19 - 2014-08-16 03:18 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-09-10 00:19 - 2014-08-16 03:11 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-09-10 00:19 - 2014-08-16 03:06 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-09-10 00:19 - 2014-08-16 03:05 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-09-10 00:19 - 2014-08-16 03:05 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-09-10 00:19 - 2014-08-16 03:03 - 02104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-09-10 00:19 - 2014-08-16 03:03 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-09-10 00:19 - 2014-08-16 02:58 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-10 00:19 - 2014-08-16 02:56 - 02310656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-09-10 00:19 - 2014-08-16 02:53 - 13588480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-09-10 00:19 - 2014-08-16 02:53 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-09-10 00:19 - 2014-08-16 02:53 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-09-10 00:19 - 2014-08-16 02:51 - 11769856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-09-10 00:19 - 2014-08-16 02:45 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-09-10 00:19 - 2014-08-16 02:44 - 02014208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-09-10 00:19 - 2014-08-16 02:44 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-09-10 00:19 - 2014-08-16 02:34 - 01447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-09-10 00:19 - 2014-08-16 02:20 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-09-10 00:19 - 2014-08-16 02:18 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-09-10 00:19 - 2014-08-16 02:14 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-09-10 00:19 - 2014-08-16 02:12 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-09-09 23:49 - 2014-08-02 02:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-09-09 23:49 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-09-09 23:49 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-09-09 17:54 - 2014-09-09 17:54 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unified Remote
2014-09-09 17:54 - 2014-09-09 17:54 - 00000000 ____D () C:\Program Files (x86)\Unified Remote
2014-09-09 01:22 - 2014-09-09 01:22 - 00000000 ____D () C:\Users\RedSpider\Documents\WB Games
2014-09-09 01:22 - 2014-09-09 01:22 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-09-08 23:24 - 2014-09-08 23:24 - 01141680 _____ () C:\Users\RedSpider\Downloads\SteamSetup.exe
2014-09-08 23:24 - 2014-09-08 23:24 - 00000975 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-09-08 16:23 - 2014-09-08 16:23 - 163670496 _____ (Emsisoft GmbH ) C:\Users\RedSpider\Downloads\EmsisoftAntiMalwareSetup.exe
2014-09-07 21:06 - 2014-09-07 21:06 - 00001098 _____ () C:\Users\RedSpider\Desktop\MSI Afterburner.lnk
2014-09-07 19:44 - 2014-09-07 19:44 - 00298280 _____ () C:\WINDOWS\Minidump\090714-10765-01.dmp
2014-09-07 19:42 - 2014-09-07 19:42 - 02174848 _____ () C:\Users\RedSpider\Downloads\SpeedFan4.50.exe
2014-09-07 19:35 - 2014-09-07 19:35 - 00298096 _____ () C:\WINDOWS\Minidump\090714-11375-01.dmp
2014-09-07 19:32 - 2014-09-07 19:44 - 727950455 _____ () C:\WINDOWS\MEMORY.DMP
2014-09-07 19:32 - 2014-09-07 19:44 - 00000000 ____D () C:\WINDOWS\Minidump
2014-09-07 19:32 - 2014-09-07 19:32 - 00298264 _____ () C:\WINDOWS\Minidump\090714-11562-01.dmp
2014-09-07 19:30 - 2014-09-07 19:42 - 00000045 _____ () C:\WINDOWS\SysWOW64\initdebug.nfo
2014-09-07 19:30 - 2014-09-07 19:30 - 02174848 _____ () C:\Users\RedSpider\Downloads\instsf450.exe
2014-09-07 19:30 - 2014-09-07 19:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-09-05 20:52 - 2014-09-16 08:57 - 00001714 _____ () C:\Users\Public\Desktop\Recuva.lnk
2014-09-05 20:52 - 2014-09-07 14:19 - 00000000 ____D () C:\Program Files\Recuva
2014-09-05 20:52 - 2014-09-05 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2014-09-05 20:50 - 2014-09-05 20:51 - 03161056 _____ (Piriform Ltd) C:\Users\RedSpider\Downloads\rcsetup151_slim.exe
2014-09-03 00:13 - 2014-08-15 02:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-09-03 00:13 - 2014-07-30 03:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-09-03 00:13 - 2014-07-29 07:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2014-08-30 15:29 - 2014-08-30 15:29 - 00000755 _____ () C:\Users\RedSpider\Desktop\Start Emsisoft Emergency Kit.lnk
2014-08-30 15:04 - 2014-08-30 15:04 - 00003394 _____ () C:\WINDOWS\System32\Tasks\RunAsStdUser Task for VeohWebPlayer
2014-08-30 15:04 - 2014-08-30 15:04 - 00000000 ____D () C:\Program Files (x86)\Veoh Networks
2014-08-29 08:06 - 2014-08-29 08:06 - 00000692 _____ () C:\Users\RedSpider\Desktop\rutracker - Verknüpfung.lnk
2014-08-27 18:31 - 2014-08-27 18:31 - 00654800 _____ () C:\Users\RedSpider\Downloads\SkymonkUploader.exe
2014-08-27 02:39 - 2014-08-27 02:39 - 04901352 _____ (Piriform Ltd) C:\Users\RedSpider\Downloads\ccsetup417.exe
2014-08-27 02:29 - 2014-08-27 02:32 - 00000000 ____D () C:\Users\RedSpider\Santana Samba Pa Ti
2014-08-27 02:10 - 2014-08-27 02:26 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\AccurateRip
2014-08-27 02:10 - 2014-08-27 02:10 - 00001082 _____ () C:\Users\Public\Desktop\Exact Audio Copy.lnk
2014-08-27 02:10 - 2014-08-27 02:10 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\EAC
2014-08-27 02:10 - 2014-08-27 02:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy
2014-08-27 02:10 - 2014-08-27 02:10 - 00000000 ____D () C:\Program Files (x86)\Exact Audio Copy
2014-08-27 02:09 - 2014-08-27 02:09 - 01101648 _____ () C:\Users\RedSpider\Downloads\Exact Audio Copy - CHIP-Installer.exe
2014-08-26 01:53 - 2014-08-26 01:53 - 00000000 ____D ()
C:\Users\RedSpider\AppData\Roaming\EurekaLab s.a.s
2014-08-25 22:17 - 2014-09-14 18:43 - 00000000 ___HD () C:\ProgramData\CanonIJMIG
2014-08-25 22:16 - 2014-08-25 22:16 - 00002089 _____ () C:\Users\Public\Desktop\Canon My Image Garden.lnk
2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\WorldofTanks
2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\StormFall
2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormFall
2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\GGEmpire441
2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Local\WorldofTanks
2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Local\StormFall
2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Local\GGEmpire
2014-08-25 10:03 - 2014-09-16 08:57 - 00000000 ____D () C:\Users\RedSpider\Desktop\Pix MM
2014-08-24 13:20 - 2014-08-24 13:20 - 02160237 _____ () C:\Users\RedSpider\Downloads\emdb (1).zip
2014-08-20 05:13 - 2014-08-29 05:29 - 00001086 _____ () C:\Users\RedSpider\Desktop\Unreleased and RAR VINYLs - Verknüpfung.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-17 22:35 - 2014-09-17 22:34 - 00021565 _____ () C:\Users\RedSpider\Desktop\FRST.txt 2014-09-17 22:35 - 2014-09-16 06:06 - 00000000 ____D () C:\FRST 2014-09-17 22:33 - 2014-09-17 22:33 - 00000622 _____ () C:\Users\RedSpider\Desktop\JRT.txt 2014-09-17 22:28 - 2013-09-30 06:14 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-09-17 22:28 - 2013-09-30 05:56 - 00765378 _____ () C:\WINDOWS\system32\perfh007.dat 2014-09-17 22:28 - 2013-09-30 05:56 - 00159696 _____ () C:\WINDOWS\system32\perfc007.dat 2014-09-17 22:27 - 2013-01-27 18:19 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-976349099-1794730339-1012751642-1000 2014-09-17 22:22 - 2014-09-17 22:04 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-09-17 22:22 - 2013-11-15 05:01 - 00001138 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-09-17 22:22 - 2013-10-17 14:52 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-09-17 22:22 - 2013-09-29 21:04 - 00536450 _____ () C:\WINDOWS\PFRO.log 2014-09-17 22:22 - 2013-08-22 16:46 - 00705061 _____ () C:\WINDOWS\setupact.log 2014-09-17 22:22 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-09-17 22:22 - 2013-07-03 04:08 - 00000375 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics 2014-09-17 22:21 - 2014-09-14 00:44 - 00000000 ____D () C:\AdwCleaner 2014-09-17 22:20 - 2013-01-27 20:03 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\foobar2000 2014-09-17 22:17 - 2014-09-17 22:17 - 00001623 _____ () C:\Users\RedSpider\Desktop\mbam.txt 2014-09-17 22:04 - 2014-09-17 22:04 - 00001206 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-09-17 22:04 - 2014-09-17 22:04 - 00000000 ____D () C:\Users\Bootsektor\Downloads\mbam-setup 2014-09-17 22:04 - 2014-09-17 22:04 - 00000000 ____D () C:\Users\Bootsektor 2014-09-17 22:04 - 2014-09-17 22:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes 
Anti-Malware 2014-09-17 22:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-09-17 21:58 - 2014-09-17 21:57 - 01016035 _____ (Thisisu) C:\Users\RedSpider\Desktop\JRT.exe 2014-09-17 21:58 - 2014-04-08 00:17 - 00003038 _____ () C:\WINDOWS\System32\Tasks\MSIAfterburner 2014-09-17 21:58 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2014-09-17 21:56 - 2014-09-17 21:56 - 01373475 _____ () C:\Users\RedSpider\Desktop\AdwCleaner_3.310.exe 2014-09-17 21:55 - 2014-09-17 21:55 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\RedSpider\Downloads\mbam-setup-2.0.2.1012 (1).exe 2014-09-17 21:45 - 2013-11-15 05:01 - 00001142 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-09-17 21:44 - 2013-01-27 17:36 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-09-17 18:33 - 2013-04-22 18:50 - 00003962 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{81665560-7A12-4689-97A0-7C5ADF10D3F3} 2014-09-17 16:32 - 2013-10-17 14:52 - 01349493 _____ () C:\WINDOWS\WindowsUpdate.log 2014-09-17 13:09 - 2014-09-17 13:09 - 00002308 _____ () C:\Users\RedSpider\AppData\Local\recently-used.xbel 2014-09-17 12:02 - 2014-09-17 12:02 - 02105856 _____ (Farbar) C:\Users\RedSpider\Desktop\FRST64.exe 2014-09-16 12:31 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF 2014-09-16 10:22 - 2013-02-01 02:44 - 09700352 ___SH () C:\Users\RedSpider\Desktop\Thumbs.db 2014-09-16 10:20 - 2014-09-13 22:33 - 00000000 ____D () C:\Program Files (x86)\RivaTuner Statistics Server 2014-09-16 10:20 - 2013-01-28 22:45 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner 2014-09-16 08:57 - 2014-09-05 20:52 - 00001714 _____ () C:\Users\Public\Desktop\Recuva.lnk 2014-09-16 08:57 - 2014-08-25 10:03 - 00000000 ____D () C:\Users\RedSpider\Desktop\Pix MM 2014-09-16 08:09 - 2014-09-16 08:09 - 01361419 _____ () C:\Users\RedSpider\Downloads\Matroska113Splitter.exe 2014-09-16 08:09 - 2014-09-16 08:09 - 00000000 ____D () 
C:\Users\RedSpider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter 2014-09-16 08:09 - 2014-09-16 08:09 - 00000000 ____D () C:\Program Files (x86)\Haali 2014-09-16 08:07 - 2014-03-05 17:00 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-09-16 07:43 - 2013-07-19 18:11 - 00000000 _____ () C:\WINDOWS\Path.idx 2014-09-16 07:33 - 2013-03-06 04:37 - 00876960 _____ () C:\WINDOWS\PE_Rom.dll 2014-09-16 07:19 - 2014-06-03 19:54 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\vlc 2014-09-16 07:13 - 2013-03-05 06:14 - 00173568 _____ () C:\Users\RedSpider\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-09-16 07:11 - 2014-05-27 22:30 - 00000000 ____D () C:\EEK 2014-09-16 06:50 - 2014-09-16 06:50 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\RedSpider\Downloads\mbam-setup-2.0.2.1012.exe 2014-09-16 06:37 - 2013-11-10 03:12 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\deluge 2014-09-16 06:17 - 2014-09-16 06:17 - 05185536 _____ (AVAST Software) C:\Users\RedSpider\Downloads\aswMBR.exe 2014-09-16 06:08 - 2014-09-16 06:08 - 00095642 _____ () C:\Users\RedSpider\Downloads\FRST.txt 2014-09-16 06:08 - 2014-09-16 06:08 - 00053474 _____ () C:\Users\RedSpider\Downloads\Addition.txt 2014-09-16 06:06 - 2014-09-16 06:06 - 02105856 _____ (Farbar) C:\Users\RedSpider\Downloads\FRST64.exe 2014-09-16 06:05 - 2014-09-16 06:04 - 01097728 _____ (Farbar) C:\Users\RedSpider\Downloads\FRST.exe 2014-09-16 05:06 - 2013-03-25 01:01 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\Skype 2014-09-16 04:03 - 2014-09-16 04:03 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-09-16 02:29 - 2014-09-16 02:29 - 00259584 _____ (OldTimer Tools) C:\Users\RedSpider\Desktop\OTH.scr 2014-09-15 07:15 - 2014-04-09 13:12 - 00000000 ____D () C:\ProgramData\McAfee 2014-09-15 06:54 - 2013-01-28 22:52 - 00000000 ____D () C:\Program Files\SmartTechnology 2014-09-15 06:53 - 2014-03-05 17:10 - 00000000 ____D () 
C:\Users\RedSpider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-09-15 06:50 - 2014-09-15 06:50 - 00000000 ____D () C:\Program Files\McAfee 2014-09-15 06:49 - 2013-01-27 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft 2014-09-15 06:49 - 2013-01-27 20:43 - 00000000 ____D () C:\Program Files (x86)\AnvSoft 2014-09-15 05:01 - 2014-09-15 05:01 - 00001778 _____ () C:\sc-cleaner.txt 2014-09-15 05:00 - 2014-09-15 05:00 - 00000000 ____D () C:\WINDOWS\ERUNT 2014-09-14 19:16 - 2013-02-14 06:18 - 03102720 ___SH () C:\Users\RedSpider\Downloads\Thumbs.db 2014-09-14 19:05 - 2014-09-14 19:02 - 00073728 ___SH () C:\Users\RedSpider\Documents\Thumbs.db 2014-09-14 18:43 - 2014-08-25 22:17 - 00000000 ___HD () C:\ProgramData\CanonIJMIG 2014-09-14 07:29 - 2013-10-17 14:54 - 00000000 ____D () C:\Users\RedSpider 2014-09-13 22:36 - 2013-11-01 13:51 - 00000000 ____D () C:\ProgramData\Origin 2014-09-13 22:36 - 2013-11-01 13:51 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-09-13 22:33 - 2014-09-13 22:33 - 21370837 _____ () C:\Users\RedSpider\Downloads\RTSSSetup620-[Guru3D.com].rar 2014-09-13 22:33 - 2014-09-13 22:33 - 00000000 ____D () C:\Users\RedSpider\Downloads\RTSSSetup620-[Guru3D.com] 2014-09-13 22:33 - 2014-09-13 22:33 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server 2014-09-13 22:33 - 2013-11-30 09:28 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx 2014-09-13 22:30 - 2014-09-13 21:57 - 00000000 ____D () C:\Users\RedSpider\AppData\Local\Micro-Star_Int'l_Co.,_Ltd 2014-09-13 22:00 - 2014-09-13 22:00 - 02688024 _____ (Martin Malík - REALiX ) C:\Users\RedSpider\Downloads\hw64_444.exe 2014-09-13 22:00 - 2014-09-13 22:00 - 00027552 _____ (REALiX(tm)) C:\WINDOWS\system32\Drivers\HWiNFO64A.SYS 2014-09-13 22:00 - 2014-09-13 22:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64 2014-09-13 22:00 - 2014-09-13 22:00 - 00000000 
____D () C:\Program Files\HWiNFO64 2014-09-13 21:57 - 2014-09-13 21:57 - 00000000 ____D () C:\Users\RedSpider\Downloads\MSIAfterburnerRemoteServer 2014-09-13 21:56 - 2014-09-13 21:56 - 00080332 _____ () C:\Users\RedSpider\Downloads\MSIAfterburnerRemoteServer.rar 2014-09-13 07:31 - 2013-02-19 01:28 - 00000000 ____D () C:\Program Files (x86)\JDownloader 2 2014-09-12 02:04 - 2014-09-12 02:04 - 02854912 _____ () C:\Users\RedSpider\Downloads\xb1usb.11059.0.140526x64 (1).msi 2014-09-12 02:04 - 2014-09-11 16:22 - 00000000 ____D () C:\Program Files\Microsoft Xbox One Controller for Windows 2014-09-11 05:30 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-09-11 03:46 - 2014-09-11 03:46 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\MKKE 2014-09-11 03:38 - 2014-09-11 03:38 - 174063616 _____ () C:\Users\RedSpider\Downloads\clonezilla-live-20140630-trusty-amd64.iso 2014-09-11 03:24 - 2014-09-11 03:24 - 00000222 _____ () C:\Users\RedSpider\Desktop\Mortal Kombat Komplete Edition.url 2014-09-11 03:01 - 2014-09-11 03:00 - 00458752 _____ () C:\WINDOWS\system32\Ikeext.etl 2014-09-11 03:01 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\tracing 2014-09-11 01:54 - 2014-09-11 01:54 - 02854912 _____ () C:\Users\RedSpider\Downloads\xb1usb.11059.0.140526x64.msi 2014-09-10 23:54 - 2013-08-22 16:44 - 00409280 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-09-10 23:53 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-09-10 23:53 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore 2014-09-10 23:50 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-09-10 23:46 - 2013-03-25 01:01 - 00000000 ____D () C:\ProgramData\Skype 2014-09-10 23:44 - 2013-01-27 17:36 - 00003796 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-09-10 23:43 - 2014-09-10 23:43 - 17903792 _____ (Adobe Systems Incorporated) C:\Users\RedSpider\Downloads\install_flash_player.exe 2014-09-10 23:38 - 2013-02-07 15:49 - 00000000 ____D () 
C:\Users\RedSpider\AppData\Local\Adobe 2014-09-10 23:28 - 2014-09-10 23:28 - 01054400 _____ (Adobe) C:\Users\RedSpider\Downloads\install_flashplayer15x32ax_gtbd_chrd_dn_aaa_aih.exe 2014-09-10 05:30 - 2014-09-10 05:30 - 05412944 _____ (Canneverbe Limited ) C:\Users\RedSpider\Downloads\cdbxp_setup_4.5.4.5000_minimal.exe 2014-09-10 05:30 - 2013-12-08 05:52 - 00001911 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk 2014-09-10 05:30 - 2013-12-08 05:52 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP 2014-09-10 00:20 - 2013-02-09 17:38 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-09-10 00:19 - 2014-06-11 16:11 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2014-09-10 00:19 - 2014-06-11 16:11 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2014-09-10 00:19 - 2014-06-11 16:11 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe 2014-09-10 00:19 - 2014-06-11 16:11 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe 2014-09-10 00:19 - 2014-06-11 16:11 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2014-09-10 00:19 - 2014-06-11 16:11 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2014-09-10 00:19 - 2014-06-11 16:11 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2014-09-10 00:19 - 2014-06-11 16:11 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll 2014-09-10 00:19 - 2014-06-11 16:11 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2014-09-10 00:19 - 2014-06-11 16:11 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll 2014-09-10 00:19 - 2014-06-11 16:11 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2014-09-10 00:19 - 2014-06-11 16:11 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2014-09-10 00:19 - 2014-06-11 16:11 - 00032768 
_____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2014-09-10 00:19 - 2014-06-11 16:11 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll 2014-09-10 00:19 - 2014-05-03 20:57 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2014-09-10 00:19 - 2014-05-03 20:57 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2014-09-10 00:19 - 2013-07-10 14:36 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-09-10 00:17 - 2013-01-27 17:29 - 101694776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-09-09 17:54 - 2014-09-09 17:54 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unified Remote 2014-09-09 17:54 - 2014-09-09 17:54 - 00000000 ____D () C:\Program Files (x86)\Unified Remote 2014-09-09 13:44 - 2013-02-04 01:41 - 00000000 ____D () C:\Users\RedSpider\AppData\Local\Windows Live 2014-09-09 01:22 - 2014-09-09 01:22 - 00000000 ____D () C:\Users\RedSpider\Documents\WB Games 2014-09-09 01:22 - 2014-09-09 01:22 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-09-08 23:43 - 2014-01-23 23:36 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\dvdcss 2014-09-08 23:24 - 2014-09-08 23:24 - 01141680 _____ () C:\Users\RedSpider\Downloads\SteamSetup.exe 2014-09-08 23:24 - 2014-09-08 23:24 - 00000975 _____ () C:\Users\Public\Desktop\Steam.lnk 2014-09-08 16:23 - 2014-09-08 16:23 - 163670496 _____ (Emsisoft GmbH ) C:\Users\RedSpider\Downloads\EmsisoftAntiMalwareSetup.exe 2014-09-07 21:06 - 2014-09-07 21:06 - 00001098 _____ () C:\Users\RedSpider\Desktop\MSI Afterburner.lnk 2014-09-07 19:44 - 2014-09-07 19:44 - 00298280 _____ () C:\WINDOWS\Minidump\090714-10765-01.dmp 2014-09-07 19:44 - 2014-09-07 19:32 - 727950455 _____ () C:\WINDOWS\MEMORY.DMP 2014-09-07 19:44 - 2014-09-07 19:32 - 00000000 ____D () C:\WINDOWS\Minidump 2014-09-07 19:42 - 2014-09-07 19:42 - 02174848 _____ () C:\Users\RedSpider\Downloads\SpeedFan4.50.exe 2014-09-07 
19:42 - 2014-09-07 19:30 - 00000045 _____ () C:\WINDOWS\SysWOW64\initdebug.nfo 2014-09-07 19:35 - 2014-09-07 19:35 - 00298096 _____ () C:\WINDOWS\Minidump\090714-11375-01.dmp 2014-09-07 19:32 - 2014-09-07 19:32 - 00298264 _____ () C:\WINDOWS\Minidump\090714-11562-01.dmp 2014-09-07 19:30 - 2014-09-07 19:30 - 02174848 _____ () C:\Users\RedSpider\Downloads\instsf450.exe 2014-09-07 19:30 - 2014-09-07 19:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan 2014-09-07 14:19 - 2014-09-05 20:52 - 00000000 ____D () C:\Program Files\Recuva 2014-09-05 20:52 - 2014-09-05 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva 2014-09-05 20:51 - 2014-09-05 20:50 - 03161056 _____ (Piriform Ltd) C:\Users\RedSpider\Downloads\rcsetup151_slim.exe 2014-09-02 22:06 - 2013-08-22 17:38 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-09-02 22:06 - 2013-08-22 17:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-08-31 18:37 - 2014-07-21 02:55 - 00000000 ____D () C:\Users\RedSpider\Desktop\BR 2014-08-30 15:29 - 2014-08-30 15:29 - 00000755 _____ () C:\Users\RedSpider\Desktop\Start Emsisoft Emergency Kit.lnk 2014-08-30 15:21 - 2009-07-14 04:34 - 00000466 _____ () C:\WINDOWS\win.ini 2014-08-30 15:04 - 2014-08-30 15:04 - 00003394 _____ () C:\WINDOWS\System32\Tasks\RunAsStdUser Task for VeohWebPlayer 2014-08-30 15:04 - 2014-08-30 15:04 - 00000000 ____D () C:\Program Files (x86)\Veoh Networks 2014-08-29 08:06 - 2014-08-29 08:06 - 00000692 _____ () C:\Users\RedSpider\Desktop\rutracker - Verknüpfung.lnk 2014-08-29 05:29 - 2014-08-20 05:13 - 00001086 _____ () C:\Users\RedSpider\Desktop\Unreleased and RAR VINYLs - Verknüpfung.lnk 2014-08-29 03:58 - 2014-09-10 23:50 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2014-08-29 03:32 - 2014-09-10 23:50 - 02779136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2014-08-29 
02:59 - 2014-09-10 23:50 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2014-08-29 01:56 - 2014-09-10 23:50 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2014-08-29 01:47 - 2014-09-10 23:50 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2014-08-27 18:31 - 2014-08-27 18:31 - 00654800 _____ () C:\Users\RedSpider\Downloads\SkymonkUploader.exe 2014-08-27 02:39 - 2014-08-27 02:39 - 04901352 _____ (Piriform Ltd) C:\Users\RedSpider\Downloads\ccsetup417.exe 2014-08-27 02:39 - 2013-01-30 15:34 - 00000000 ____D () C:\Program Files\CCleaner 2014-08-27 02:32 - 2014-08-27 02:29 - 00000000 ____D () C:\Users\RedSpider\Santana Samba Pa Ti 2014-08-27 02:26 - 2014-08-27 02:10 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\AccurateRip 2014-08-27 02:10 - 2014-08-27 02:10 - 00001082 _____ () C:\Users\Public\Desktop\Exact Audio Copy.lnk 2014-08-27 02:10 - 2014-08-27 02:10 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\EAC 2014-08-27 02:10 - 2014-08-27 02:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy 2014-08-27 02:10 - 2014-08-27 02:10 - 00000000 ____D () C:\Program Files (x86)\Exact Audio Copy 2014-08-27 02:09 - 2014-08-27 02:09 - 01101648 _____ () C:\Users\RedSpider\Downloads\Exact Audio Copy - CHIP-Installer.exe 2014-08-26 01:53 - 2014-08-26 01:53 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\EurekaLab s.a.s 2014-08-26 00:27 - 2014-09-10 23:50 - 04148736 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-08-25 22:16 - 2014-08-25 22:16 - 00002089 _____ () C:\Users\Public\Desktop\Canon My Image Garden.lnk 2014-08-25 22:16 - 2013-02-09 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\WorldofTanks 2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\StormFall 
2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormFall 2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\GGEmpire441 2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Local\WorldofTanks 2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Local\StormFall 2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Local\GGEmpire 2014-08-24 13:21 - 2014-06-24 21:13 - 00000000 ____D () C:\Users\RedSpider\Documents\EMDB 2014-08-24 13:21 - 2014-06-24 21:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EMDB 2014-08-24 13:21 - 2014-06-24 21:13 - 00000000 ____D () C:\Program Files (x86)\EMDB 2014-08-24 13:20 - 2014-08-24 13:20 - 02160237 _____ () C:\Users\RedSpider\Downloads\emdb (1).zip 2014-08-23 09:48 - 2014-09-10 23:50 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2014-08-23 09:13 - 2014-09-10 23:50 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2014-08-23 08:10 - 2014-09-10 23:50 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll 2014-08-23 07:32 - 2014-09-10 23:50 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll 2014-08-23 06:44 - 2014-09-10 23:50 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2014-08-23 06:34 - 2014-09-10 23:50 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-08-23 06:33 - 2014-09-10 23:50 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2014-08-23 06:31 - 2014-09-10 23:50 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2014-08-23 06:20 - 2014-09-10 23:50 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-08-20 05:44 - 2014-03-19 01:24 - 00319912 _____ (Oracle Corporation) 
C:\WINDOWS\system32\javaws.exe
2014-08-20 05:44 - 2014-03-19 01:24 - 00191400 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-08-20 05:44 - 2014-03-19 01:24 - 00190888 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-08-20 05:44 - 2014-03-19 01:24 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-08-20 05:44 - 2014-03-19 01:24 - 00000000 ____D () C:\Program Files\Java
2014-08-20 05:44 - 2013-10-17 14:09 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-20 05:44 - 2013-06-24 03:19 - 00272296 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-08-20 05:44 - 2013-06-24 03:19 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-08-20 05:44 - 2013-06-24 03:19 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-08-20 05:44 - 2013-06-24 03:19 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-08-20 05:44 - 2013-06-24 03:19 - 00000000 ____D () C:\Program Files (x86)\Java

Some content of TEMP:
====================
C:\Users\RedSpider\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-09-17 12:37

==================== End Of Log ============================

--- --- ---

FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by RedSpider at 2014-09-17 22:35:27
Running from C:\Users\RedSpider\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.04.01 - ASUSTeK Computer Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.2.0 - Asmedia Technology)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG6300 series Benutzerregistrierung (HKLM-x32\...\Canon MG6300 series Benutzerregistrierung) (Version: - Canon Inc.)
Canon MG6300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6300_series) (Version: 1.00 - Canon Inc.)
Canon MG6300 series On-screen Manual (HKLM-x32\...\Canon MG6300 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.1.0 - Canon Inc.) Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.1.0 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP) Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0328 - DT Soft Ltd) dBpoweramp (HKLM-x32\...\dBpoweramp) (Version: Release 15 - Illustrate) DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version: - ) Deluge 1.3.6 (HKLM-x32\...\Deluge) (Version: - ) DirectVobSub 2.41.7259 (5d3641a) Beta (HKLM-x32\...\vsfilter_is1) (Version: 2.41.7259 - MPC-HC Team) EMDB 2.06 (HKLM-x32\...\EMDB_is1) (Version: - Wicked & Wild Inc.) eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff) FLAC 1.2.1b (remove only) (HKLM-x32\...\FLAC) (Version: 1.2.1b - Xiph.org) foobar2000 v1.3.1 (HKLM-x32\...\foobar2000) (Version: 1.3.1 - Peter Pawlowski) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - ) HWiNFO64 Version 4.44 (HKLM\...\HWiNFO64_is1) (Version: 4.44 - Martin Malík - REALiX) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) 
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation) Intel(R) Network Connections 18.7.28.0 (HKLM\...\PROSetDX) (Version: 18.7.28.0 - Intel) Intel(R) Network Connections 18.7.28.0 (Version: 18.7.28.0 - Intel) Hidden Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) Intel(R) Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation) Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation) Java 8 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218020F0}) (Version: 8.0.200 - Oracle Corporation) Java Auto Updater (x32 Version: 2.8.20.26 - Oracle Corporation) Hidden Java SE Development Kit 8 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180000}) (Version: 8.0.0 - Oracle Corporation) JDownloader 2 (HKLM-x32\...\0630-0716-3135-7887) (Version: 2 - AppWork GmbH) JDownloader Packages (HKCU\...\JDownloader Packages) (Version: - ) <==== ATTENTION JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.63.1 - JMicron Technology Corp.) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden LAV Filters 0.62.0 (HKLM-x32\...\lavfilters_is1) (Version: 0.62.0 - Hendrik Leppkes) Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden Logitech Gaming Software 8.50 (HKLM\...\Logitech Gaming Software) (Version: 8.50.281 - Logitech Inc.) 
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech) Logitech Unifying-Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech) Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Media Browser DVD/BD Image System Support Package (HKLM\...\pfm-license-mediabrowser.txt) (Version: - ) Microsoft Access database engine 2010 (German) (HKLM-x32\...\{90140000-00D1-0407-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation) Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden 
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable 
- x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation) MKVToolNix 7.0.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 7.0.0 - Moritz Bunkus) Mortal Kombat Komplete Edition (HKLM-x32\...\Steam App 237110) (Version: - NetherRealm Studios) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden MPC-HC 1.7.6 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.6 - MPC-HC Team) MSI Afterburner 3.0.1 (HKLM-x32\...\Afterburner) (Version: 3.0.1 - MSI Co., LTD) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation) NVIDIA FaceWorks: Real-time Performance Capture Demo (HKLM-x32\...\FaceWorks) (Version: 1.0 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Miracast Virtueller Ton 340.43 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 340.43 - NVIDIA Corporation) NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation) NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden NVIDIA Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 9.3.10.4710 - Electronic Arts, Inc.) Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden qBittorrent 3.1.9.2 (HKLM-x32\...\qbittorrent) (Version: 3.1.9.2 - The qBittorrent project) ReClock (HKLM-x32\...\ReClock) (Version: - SlySoft, Inc.) Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) RivaTuner Statistics Server 6.2.0 (HKLM-x32\...\RTSS) (Version: 6.2.0 - Unwinder) Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.3.0 - Samsung Electronics) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.16.0 - SAMSUNG Electronics Co., Ltd.) SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.) 
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) Unified Remote (HKLM-x32\...\{BD96B1DF-2A2E-4ED1-B255-F8050DEB1B3D}) (Version: 2.14.2.0 - Unified Remote) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2889914) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F3F83933-75FC-4B60-84F2-3F8FA63D042E}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) 
(HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) Uplay (HKLM-x32\...\Uplay) (Version: 4.5 - Ubisoft) USB Audio (HKLM\...\{D80E54FF-2464-4427-9B93-A9E121B90909}) (Version: 2.0.2 - Denon) VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft) Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live 
UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH) XySubFilter 3.1.0.546 (HKLM-x32\...\XySubFilter_is1) (Version: 3.1.0.546 - xy-VSFilter Team) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 02-09-2014 13:18:36 Geplanter Prüfpunkt 09-09-2014 13:49:03 Geplanter Prüfpunkt 11-09-2014 14:22:04 Installed Microsoft Xbox One Controller for Windows 15-09-2014 04:51:15 Microsoft MapPoint Europa 2013 wird entfernt ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2012-07-26 07:26 - 2014-02-06 06:47 - 00001117 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) 
Task: {042D788F-66E1-4CC4-B75F-7B5BFE0F17CB} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {0E0B4A22-69D8-494B-B206-006CB4DE3B72} - System32\Tasks\ASUS\Easy Update => C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe [2013-01-14] () Task: {1BFB5D4C-648E-441E-8EC8-8620A2DB4303} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated) Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {2D472716-948B-4A5C-83B4-3B5C8F23A9A0} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {3FC2032E-6C71-491D-9A22-84AC547CD552} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2014-06-10] () Task: {43F8234E-4DAB-4C38-B548-C5362122B1E9} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.) 
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {5869E33A-74AB-46F1-871D-0ABAEFFF2D1A} - System32\Tasks\Registration Trigger IBM Lotus Symphony Task => C:\Program Files (x86)\IBM\Lotus\Symphony\framework\rcp\rcplauncher.exe Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {6F780550-63C3-4A89-8540-B68266CB525D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-09-10] (Microsoft Corporation) Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {7DE9E344-625D-4093-AD5D-0880144136C0} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {87C28E1C-2A98-48FA-AA5A-04802A2610FD} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {8D7A4ABF-B7FF-4D7A-91D1-75D07ABF844F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-15] (Google Inc.) 
Task: {944508FB-9101-43F4-9179-0BD5235CF6D3} - System32\Tasks\RunAsStdUser Task for VeohWebPlayer => C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe Task: {97962511-DD7E-40DA-88B6-5EDCC592C436} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work Task: {A616FFB1-2235-44D4-9C4B-348C6B19F13A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd) Task: {AEECA187-BC10-4A49-8ED4-11507B21E2D6} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe [2012-08-14] (ASUSTeK Computer Inc.) Task: {B2C29026-2B42-4212-A90F-6ED7388F7578} - \PC Performer Logon Scan No Task File <==== ATTENTION Task: {B67856BC-3112-46EF-8107-786A03298193} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation) Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {D19A5C85-473A-499E-B9A9-82BBDE8B60D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-15] (Google Inc.) 
Task: {D2C74A08-DDC2-41D7-9FA3-04E4F8186D8F} - \PC Performer Scheduled Scan No Task File <==== ATTENTION Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {E3EB5696-328F-4FEE-84AE-F410A8090DF2} - System32\Tasks\HWiNFO => C:\Program Files\HWiNFO64\HWiNFO64.EXE [2014-09-04] (REALiX) Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {E88F6461-1431-4D62-BF72-81C80C2A2466} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-10] () Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-10-17 14:52 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-08-30 20:07 - 2014-08-30 20:07 - 00400384 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll 2014-06-10 08:04 - 2014-06-10 08:04 - 00465064 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe 2013-11-21 04:04 - 2013-01-14 17:37 - 01406776 ____N () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe 2013-03-06 04:33 - 2012-06-01 18:42 - 00920736 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe 2014-08-30 20:07 - 2014-08-30 20:07 - 00195584 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe 2014-08-30 20:07 - 2014-08-30 20:07 - 00026112 _____ () C:\Program Files (x86)\RivaTuner 
Statistics Server\EncoderServer.exe 2014-08-30 20:07 - 2014-08-30 20:07 - 00088576 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe 2014-09-11 23:53 - 2014-09-04 04:09 - 01442120 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll 2014-09-11 23:53 - 2014-09-04 04:09 - 00168264 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll 2014-09-11 23:53 - 2014-09-04 04:09 - 10329928 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll 2014-09-11 23:53 - 2014-09-04 04:09 - 00405320 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll 2014-09-11 23:53 - 2014-09-04 04:09 - 01831752 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll 2014-06-05 07:36 - 2014-06-05 07:36 - 00071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll 2014-06-05 07:36 - 2014-06-05 07:36 - 00056832 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll 2014-06-05 07:37 - 2014-06-05 07:37 - 00216064 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll 2014-06-05 07:36 - 2014-06-05 07:36 - 00127488 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll 2014-06-05 07:37 - 2014-06-05 07:37 - 00638976 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll 2014-08-30 20:07 - 2014-08-30 20:07 - 00354816 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks.dll 2013-11-21 04:04 - 2013-01-14 18:16 - 05771136 ____N () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzULIB.dll 2013-11-21 04:04 - 2010-06-21 16:21 - 00208896 ____N () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\ImageHelper.dll 2013-03-06 04:33 - 2014-09-17 22:22 - 00025088 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll 2013-03-06 04:33 - 2010-06-29 11:58 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll 2013-11-21 04:04 - 2011-07-12 20:14 - 00147456 
____N () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll 2013-11-21 04:04 - 2010-10-05 09:22 - 00253952 ____N () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll 2013-11-21 04:04 - 2012-10-08 18:07 - 00972288 ____N () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll 2013-11-21 04:04 - 2013-01-15 16:30 - 01040896 ____N () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll 2013-11-21 04:07 - 2012-07-20 10:39 - 01047040 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll 2013-11-21 04:04 - 2013-04-15 15:19 - 00883712 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll 2013-11-21 04:04 - 2012-05-28 22:27 - 01622528 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll 2013-11-21 04:04 - 2011-09-19 21:18 - 01243136 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll 2013-11-21 04:04 - 2011-07-21 10:06 - 00846848 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll 2013-11-21 04:04 - 2012-08-29 19:09 - 00875520 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll 2013-03-06 04:33 - 2010-08-23 11:17 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll 2013-11-21 04:04 - 2010-10-05 09:22 - 00208896 ____N () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll 2014-08-30 20:07 - 2014-08-30 20:07 - 00056832 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll 2014-08-30 20:07 - 2014-08-30 20:07 - 00324608 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll 2014-08-30 20:07 - 2014-08-30 20:07 - 00071680 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll 2013-11-21 04:04 - 2009-08-12 21:15 - 00253952 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) 
AlternateDataStreams: C:\ProgramData\TEMP:BF3D62E7 AlternateDataStreams: C:\ProgramData\TEMP:FB1B13D8 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\StartupFolder: => "TotalMedia Server.lnk" HKLM\...\StartupApproved\Run32: => "Sweetpacks Communicator" HKLM\...\StartupApproved\Run32: => "KiesTrayAgent" HKLM\...\StartupApproved\Run32: => "Smart File Advisor" HKCU\...\StartupApproved\StartupFolder: => "Samsung Magician.lnk" HKCU\...\StartupApproved\Run: => "KiesPreload" HKCU\...\StartupApproved\Run: => "KiesAirMessage" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Microsoft Office Sessions: ========================= Error: (08/17/2014 07:28:58 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 19136 seconds with 11220 seconds of active time. This session ended with a crash. 
CodeIntegrity Errors: =================================== Date: 2014-09-16 08:26:27.343 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-16 06:15:19.723 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-16 03:58:43.195 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-14 19:41:51.661 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-14 19:41:51.589 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-14 19:41:51.510 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2014-09-14 19:41:51.426 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-13 03:17:02.651 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-12 05:59:47.242 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-11 00:59:59.177 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz Percentage of memory in use: 12% Total physical RAM: 16351.14 MB Available physical RAM: 14280.55 MB Total Pagefile: 32735.14 MB Available Pagefile: 30352.57 MB Total Virtual: 131072 MB Available Virtual: 131071.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:238.37 GB) (Free:73.14 GB) NTFS Drive d: () (Fixed) (Total:1863.02 GB) (Free:130.39 GB) NTFS Drive e: (Concerts HDD (E:)) (Fixed) (Total:931.5 GB) (Free:55.86 GB) NTFS Drive f: (Volume) (Fixed) (Total:2790.14 GB) (Free:68.92 GB) NTFS Drive g: (20140630-trusty-) (CDROM) (Total:0.16 GB) (Free:0 GB) CDFS Drive h: (Volume) (Fixed) (Total:2790.14 GB) (Free:114.71 GB) NTFS Drive l: (USB-HDD) (Fixed) (Total:1397.26 GB) (Free:107.97 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 65C9D9D3) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 2794.5 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ======================================================== Disk: 2 (Size: 2794.5 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ======================================================== Disk: 3 (Size: 1863 GB) (Disk ID: 65C9D9DC) Partition: GPT Partition Type. 
======================================================== Disk: 4 (Size: 931.5 GB) (Disk ID: 30E10F05) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 5 (Size: 1397.3 GB) (Disk ID: 4D2D37C2) Partition 1: (Active) - (Size=1397.3 GB) - (Type=07 NTFS) ==================== End Of Log ============================
Good morning schrauber, is my system heavily infected? And should I perhaps try to restore the PC to an earlier point in time? I am just noticing that some things no longer run as well as they used to. For example, when I want to open folders containing files, the files are at first not recognized with their associated program and stay white, as if the file association were wrong. I hope I was able to explain the problem reasonably well. Kind regards. |
18.09.2014, 16:16 | #8 |
/// the machine /// TB-Ausbilder | Remove feed.safefinder.com and check the system for viruses
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any problems left?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
18.09.2014, 22:13 | #9 |
| Remove feed.safefinder.com and check the system for viruses
Thank you very much, schrauber :-), for the great support and the detailed instructions for fighting the viruses. Once the scanners have finished, I will post the results. Regards, MasterOG
ESET ONLINE SCANNER LOG.FILE: ESETSmartInstaller@High as downloader log: all ok ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=a3376586f51fe74ca55a85da28afab5c # engine=20172 # end=stopped # remove_checked=false # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2014-09-16 04:24:51 # local_time=2014-09-16 06:24:51 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1033 # osver=6.2.9200 NT # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 17843 15225012 0 0 # scanned=290869 # found=0 # cleaned=0 # scan_time=2270 ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=a3376586f51fe74ca55a85da28afab5c # engine=20172 # end=stopped # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2014-09-16 08:01:51 # local_time=2014-09-16 10:01:51 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1033 # osver=6.2.9200 NT # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 30863 15238032 0 0 # scanned=400134 # found=12 # cleaned=0 # scan_time=10381 sh=9AA5E59F80A95BDFC48FBB4DC9F4B7212749E67D ft=1 fh=2fe225811afcde6b vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\RedSpider\Downloads\ccsetup416.exe" sh=1DE5D70A411EBBF4441FD569E7427CC28A4D6B13 ft=1 fh=b572351b8a033ea9 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I 
fn="C:\Users\RedSpider\Downloads\ccsetup417.exe" sh=13DDFA1862B74BDBBC06FC8766B36B9B73B25760 ft=1 fh=891ef6f01345cc13 vn="a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application" ac=I fn="D:\Software\FOOBAR2000 AIMP3 Asus essence stx treiber\SetupImgBurn_2.5.7.0.exe" sh=13DDFA1862B74BDBBC06FC8766B36B9B73B25760 ft=1 fh=891ef6f01345cc13 vn="a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application" ac=I fn="D:\Software\FOOBAR2000 AIMP3 Asus essence stx treiber\FLAC APE WAVEPACK CUE Brennen BIT EXACT\SetupImgBurn_2.5.7.0.exe" sh=25CF9B7BB46B581ED8DE03DDC56E1574087CACAA ft=1 fh=10c5a1651be6049d vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="D:\Software\Windows Formate Programme\ccsetup326.exe" sh=180C8ED7C81E3AE7B0507B26C927EA93584B017C ft=1 fh=b0b83453fcc7b480 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="D:\Software\Windows Formate Programme\ccsetup327.exe" sh=C133DB147FA578119F34B675D45B477E110761B2 ft=1 fh=9272027fde077ca7 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="D:\Software\Windows Formate Programme\ccsetup412.exe" sh=D9730C5400B014A430A5F608BE4AAF631122D10B ft=1 fh=973e8761a43b9766 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application" ac=I fn="D:\ZEKs HDD\video_deluxe_mx_201mb_d.exe" sh=13DDFA1862B74BDBBC06FC8766B36B9B73B25760 ft=1 fh=891ef6f01345cc13 vn="a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application" ac=I fn="F:\New System Format Programme\Foobar Multimedia\FLAC APE WAVEPACK CUE Brennen BIT EXACT\SetupImgBurn_2.5.7.0.exe" sh=5CA96A0C243390C378DEE1A629684EA261E2CFC4 ft=1 fh=a717dcd23690f0a7 vn="Win32/OpenCandy potentially unsafe application" ac=I fn="F:\WhatCD\What.CD Toolbox 6 for Windows\Burning\SetupImgBurn_2.5.8.0.exe" sh=8FB67E7A05DABAEE976772182EFD265C708D0D0E ft=1 fh=27c2e5c2e2db566f vn="a variant of Win32/HackTool.Patcher.AD potentially unsafe application" ac=I fn="F:\WhatCD\What.CD 
Toolbox 6 for Windows\Content Analysis\Adobe Audition CC v6.0.732\adobe.photoshop.cc-patch-painter.exe" sh=6CC66428B9C1E8C48055E342CF83906FB6F39E65 ft=1 fh=5f00dd68e7de5c54 vn="Win32/OpenCandy potentially unsafe application" ac=I fn="F:\WhatCD\What.CD Toolbox 6 for Windows\File Management\FreeFileSync_5.20_Windows_Setup.exe" ESETSmartInstaller@High as downloader log: Can not open internetESETSmartInstaller@High as downloader log: Can not open internetCan not open internetESETSmartInstaller@High as downloader log: Can not open internet# product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=a3376586f51fe74ca55a85da28afab5c # engine=20208 # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2014-09-18 10:08:10 # local_time=2014-09-18 12:08:10 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 76209 15418411 0 0 # scanned=405044 # found=12 # cleaned=12 # scan_time=13822 sh=9AA5E59F80A95BDFC48FBB4DC9F4B7212749E67D ft=1 fh=2fe225811afcde6b vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\RedSpider\Downloads\ccsetup416.exe" sh=1DE5D70A411EBBF4441FD569E7427CC28A4D6B13 ft=1 fh=b572351b8a033ea9 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\RedSpider\Downloads\ccsetup417.exe" sh=13DDFA1862B74BDBBC06FC8766B36B9B73B25760 ft=1 fh=891ef6f01345cc13 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="D:\Software\FOOBAR2000 AIMP3 Asus essence stx treiber\SetupImgBurn_2.5.7.0.exe" sh=13DDFA1862B74BDBBC06FC8766B36B9B73B25760 ft=1 fh=891ef6f01345cc13 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere 
Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="D:\Software\FOOBAR2000 AIMP3 Asus essence stx treiber\FLAC APE WAVEPACK CUE Brennen BIT EXACT\SetupImgBurn_2.5.7.0.exe" sh=25CF9B7BB46B581ED8DE03DDC56E1574087CACAA ft=1 fh=10c5a1651be6049d vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="D:\Software\Windows Formate Programme\ccsetup326.exe" sh=180C8ED7C81E3AE7B0507B26C927EA93584B017C ft=1 fh=b0b83453fcc7b480 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="D:\Software\Windows Formate Programme\ccsetup327.exe" sh=C133DB147FA578119F34B675D45B477E110761B2 ft=1 fh=9272027fde077ca7 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="D:\Software\Windows Formate Programme\ccsetup412.exe" sh=D9730C5400B014A430A5F608BE4AAF631122D10B ft=1 fh=973e8761a43b9766 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="D:\ZEKs HDD\video_deluxe_mx_201mb_d.exe" sh=13DDFA1862B74BDBBC06FC8766B36B9B73B25760 ft=1 fh=891ef6f01345cc13 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\New System Format Programme\Foobar Multimedia\FLAC APE WAVEPACK CUE Brennen BIT EXACT\SetupImgBurn_2.5.7.0.exe" sh=5CA96A0C243390C378DEE1A629684EA261E2CFC4 ft=1 fh=a717dcd23690f0a7 vn="Win32/OpenCandy potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\WhatCD\What.CD Toolbox 6 for Windows\Burning\SetupImgBurn_2.5.8.0.exe" sh=8FB67E7A05DABAEE976772182EFD265C708D0D0E ft=1 fh=27c2e5c2e2db566f vn="Variante von Win32/HackTool.Patcher.AD potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\WhatCD\What.CD Toolbox 6 for Windows\Content Analysis\Adobe Audition CC v6.0.732\adobe.photoshop.cc-patch-painter.exe" 
sh=6CC66428B9C1E8C48055E342CF83906FB6F39E65 ft=1 fh=5f00dd68e7de5c54 vn="Win32/OpenCandy potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\WhatCD\What.CD Toolbox 6 for Windows\File Management\FreeFileSync_5.20_Windows_Setup.exe" ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=a3376586f51fe74ca55a85da28afab5c # engine=20217 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2014-09-18 08:22:42 # local_time=2014-09-18 10:22:42 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 34749 15455283 0 0 # scanned=403976 # found=3 # cleaned=0 # scan_time=14123 sh=5CA96A0C243390C378DEE1A629684EA261E2CFC4 ft=1 fh=a717dcd23690f0a7 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="F:\WhatCD\What.CD Toolbox 6 for Windows\Burning\SetupImgBurn_2.5.8.0.exe" sh=8FB67E7A05DABAEE976772182EFD265C708D0D0E ft=1 fh=27c2e5c2e2db566f vn="Variante von Win32/HackTool.Patcher.AD potenziell unsichere Anwendung" ac=I fn="F:\WhatCD\What.CD Toolbox 6 for Windows\Content Analysis\Adobe Audition CC v6.0.732\adobe.photoshop.cc-patch-painter.exe" sh=6CC66428B9C1E8C48055E342CF83906FB6F39E65 ft=1 fh=5f00dd68e7de5c54 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="F:\WhatCD\What.CD Toolbox 6 for Windows\File Management\FreeFileSync_5.20_Windows_Setup.exe" SecurityCheck: Results of screen317's Security Check version 0.99.87 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Defender WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Java 8 Update 20 Java version out of Date! 
Adobe Flash Player 15.0.0.152 Adobe Reader XI Google Chrome 37.0.2062.120 ````````Process Check: objlist.exe by Laurent```````` Windows Defender MSMpEng.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` FRST.txt X64 : FRST Logfile: FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by RedSpider (administrator) on REDSPIDER-PC on 18-09-2014 23:10:26
Running from C:\Users\RedSpider\Desktop\AntiVirus
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
() C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Malwarebytes Corporation) C:\Users\Bootsektor\Downloads\mbam-setup\mbamscheduler.exe
(Malwarebytes Corporation) C:\Users\Bootsektor\Downloads\mbam-setup\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Users\Bootsektor\Downloads\mbam-setup\mbam.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(REALiX) C:\Program Files\HWiNFO64\HWiNFO64.EXE
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Unified Intents AB) C:\Program Files (x86)\Unified Remote\RemoteServer.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Piotr Pawlowski) C:\Program Files (x86)\foobar2000\foobar2000.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
() C:\Users\RedSpider\AppData\Roaming\foobar2000\user-components\foo_out_asio\ASIOhost64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\WINDOWS\RaidTool\xInsIDE.exe [43608 2010-09-07] ()
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-976349099-1794730339-1012751642-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
HKU\S-1-5-21-976349099-1794730339-1012751642-1000\...\Run: [Unified Remote v2] => C:\Program Files (x86)\Unified Remote\RemoteServer.exe [333008 2014-06-03] (Unified Intents AB)
HKU\S-1-5-21-976349099-1794730339-1012751642-1000\...\Run: [GoogleChromeAutoLaunch_AA0546F6283AA107B5D07868E0E0FE05] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-09-04] (Google Inc.)
HKU\S-1-5-21-976349099-1794730339-1012751642-1000\...\MountPoints2: {4cd61f86-c877-11e3-8186-bcaec574c7fa} - "K:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-976349099-1794730339-1012751642-1000\...\MountPoints2: {75a9a0da-32ee-11e4-8206-bcaec574c7fa} - "K:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-976349099-1794730339-1012751642-1000\...\MountPoints2: {b952332c-e244-11e3-81a2-bcaec574c7fa} - "L:\HTC_Sync_Manager_PC.exe"
Startup: C:\Users\RedSpider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe (Samsung Electronics.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bit

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBA2693E4A4FCCD01
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - DefaultScope {9A01AA53-FAB4-4F9F-BB65-6D7F304B93BF} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B010DE0D20140409&p={SearchTerms}
SearchScopes: HKCU - {9A01AA53-FAB4-4F9F-BB65-6D7F304B93BF} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B010DE0D20140409&p={SearchTerms}
SearchScopes: HKCU - {BAB65997-01F0-41B0-B41D-937F60235DED} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=293224&p={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-04-22]

Chrome:
=======
CHR HomePage: Default -> hxxp://google.de/
CHR StartupUrls: Default -> "hxxp://de.msn.com/?pc=UP97&ocid=UP97DHP&dt=071313", "hxxp://www.spiegel.de/", "hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hoxUv82Ac0l78Z5HtgW9e_DuX3ywRMXtYsMh4Qt7MrNn4G6p6l0_vvG0yzKBeLtzAX1tNx9sAd-Tzzf-AM7FrjsJ8AmkLsw0uaJ8Oz6JuSCrOF71LzuMDq6mejGFfUOUWpWy025XXteMtSPF6b8JZZwuwC2umSlDwRug,,"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (chessmail ~ Schach) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkgfhmdidjkcoflclddnmgacgeaahkk [2014-04-02]
CHR Extension: (HD for YouTube™) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjbfncbadcmnkopckegnmjgihagponf [2014-04-04]
CHR Extension: (Google Drive) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-12]
CHR Extension: (YouTube) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-02]
CHR Extension: (Webseiten-Screenshot - Webpage Screenshot) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2014-04-02]
CHR Extension: (The Thing 2011. TheThingMovie.net) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkcjahfmmfcnecceamibfaapiadafiim [2014-09-18]
CHR Extension: (AdBlock) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-02]
CHR Extension: (Stealthy) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje [2014-04-02]
CHR Extension: (Google Wallet) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-15]
CHR Extension: (Google Mail) - C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe [1632256 2013-11-01] (ASUSTeK Computer Inc.) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160768 2011-05-27] (Intel Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Users\Bootsektor\Downloads\mbam-setup\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Users\Bootsektor\Downloads\mbam-setup\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 anvsnddrv; C:\Windows\system32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
S3 ASUSstpt; C:\Windows\System32\drivers\ASUSstpt.sys [25928 2012-08-20] (MCCI Corporation)
S3 ASUSumsc; C:\Windows\System32\drivers\ASUSumsc.sys [150344 2012-08-20] (MCCI Corporation)
S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2014-08-30] (Emsisoft GmbH)
S3 cmudaxp; C:\Windows\system32\drivers\cmudaxp.sys [2735616 2013-12-11] (C-Media Inc) [File not signed]
R3 DE_USBAUDIO; C:\Windows\system32\drivers\de_usbaudio.sys [144896 2013-05-20] (D&M Holdings Inc.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-02-02] (DT Soft Ltd)
R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c64x64.sys [468240 2013-08-21] (Intel Corporation)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2014-09-13] (REALiX(tm))
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R1 pfmfs_7DB; C:\Windows\System32\Drivers\pfmfs_7DB.sys [258296 2013-02-19] (Pismo Technic Inc.)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13480 2014-06-10] ()
S3 SaiK0CFA; C:\Windows\system32\DRIVERS\SaiK0CFA.sys [180544 2012-09-20] (Saitek)
R3 SaiMini; C:\Windows\System32\drivers\SaiMini.sys [24680 2012-10-15] (Saitek)
R3 SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [52200 2012-10-15] (Saitek)
S3 SaiU0CFA; C:\Windows\System32\drivers\SaiU0CFA.sys [47168 2012-09-20] (Saitek)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(???? | ????? ???? ?????.))
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 xb1usb; C:\Windows\System32\drivers\xb1usb.sys [34016 2014-05-27] (Microsoft Corporation)
S1 ArcCtrl; system32\drivers\ArcCtrl.sys [X]
U3 idsvc; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-18 23:08 - 2014-09-18 23:08 - 00854417 _____ () C:\Users\RedSpider\Desktop\SecurityCheck.exe
2014-09-18 21:48 - 2014-09-18 21:48 - 00002308 _____ () C:\Users\RedSpider\AppData\Local\recently-used.xbel
2014-09-18 08:54 - 2014-09-18 22:59 - 00001142 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-18 08:54 - 2014-09-18 16:00 - 00002195 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-18 08:54 - 2014-09-18 15:58 - 00001138 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-18 08:54 - 2014-09-18 08:54 - 00004114 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-18 08:54 - 2014-09-18 08:54 - 00003878 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-18 08:54 - 2014-09-18 08:54 - 00000000 ____D () C:\Users\RedSpider\AppData\Local\Deployment
2014-09-18 08:54 - 2014-09-18 08:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-18 08:22 - 2014-09-18 23:10 - 00000000 ____D () C:\Users\RedSpider\Desktop\AntiVirus
2014-09-18 07:40 - 2014-09-18 07:40 - 02347384 _____ (ESET) C:\Users\RedSpider\Desktop\esetsmartinstaller_deu.exe
2014-09-18 07:32 - 2014-09-18 07:32 - 00000000 ____D () C:\Users\RedSpider\AppData\Local\VS Revo Group
2014-09-18 07:32 - 2014-09-18 07:32 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-09-18 07:32 - 2014-09-18 07:32 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-09-18 07:30 - 2014-09-18 07:30 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-17 22:04 - 2014-09-18 21:40 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-17 22:04 - 2014-09-17 22:04 - 00001206 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-17 22:04 - 2014-09-17 22:04 - 00000000 ____D () C:\Users\Bootsektor\Downloads\mbam-setup
2014-09-17 22:04 - 2014-09-17 22:04 - 00000000 ____D () C:\Users\Bootsektor
2014-09-17 22:04 - 2014-09-17 22:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-09-17 22:04 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-09-17 22:04 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-09-17 22:04 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-09-16 08:09 - 2014-09-16 08:09 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2014-09-16 08:09 - 2014-09-16 08:09 - 00000000 ____D () C:\Program Files (x86)\Haali
2014-09-16 06:06 - 2014-09-18 23:10 - 00000000 ____D () C:\FRST
2014-09-15 06:50 - 2014-09-15 06:50 - 00000000 ____D () C:\Program Files\McAfee
2014-09-15 05:01 - 2014-09-15 05:01 - 00001778 _____ () C:\sc-cleaner.txt
2014-09-15 05:00 - 2014-09-15 05:00 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-09-14 19:02 - 2014-09-14 19:05 - 00073728 ___SH () C:\Users\RedSpider\Documents\Thumbs.db
2014-09-14 00:45 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-09-14 00:44 - 2014-09-18 08:11 - 00000000 ____D () C:\AdwCleaner
2014-09-13 22:33 - 2014-09-16 10:20 - 00000000 ____D () C:\Program Files (x86)\RivaTuner Statistics Server
2014-09-13 22:33 - 2014-09-13 22:33 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2014-09-13 22:00 - 2014-09-13 22:00 - 00027552 _____ (REALiX(tm)) C:\WINDOWS\system32\Drivers\HWiNFO64A.SYS
2014-09-13 22:00 - 2014-09-13 22:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2014-09-13 22:00 - 2014-09-13 22:00 - 00000000 ____D () C:\Program Files\HWiNFO64
2014-09-13 21:57 - 2014-09-13 22:30 - 00000000 ____D () C:\Users\RedSpider\AppData\Local\Micro-Star_Int'l_Co.,_Ltd
2014-09-11 16:22 - 2014-09-12 02:04 - 00000000 ____D () C:\Program Files\Microsoft Xbox One Controller for Windows
2014-09-11 03:46 - 2014-09-11 03:46 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\MKKE
2014-09-11 03:24 - 2014-09-11 03:24 - 00000222 _____ () C:\Users\RedSpider\Desktop\Mortal Kombat Komplete Edition.url
2014-09-11 03:00 - 2014-09-11 03:01 - 00458752 _____ () C:\WINDOWS\system32\Ikeext.etl
2014-09-10 23:50 - 2014-08-29 03:58 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-09-10 23:50 - 2014-08-29 03:32 - 02779136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-09-10 23:50 - 2014-08-29 02:59 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-09-10 23:50 - 2014-08-29 01:56 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-09-10 23:50 - 2014-08-29 01:47 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-09-10 23:50 - 2014-08-26 00:27 - 04148736 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-09-10 23:50 - 2014-08-23 09:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-09-10 23:50 - 2014-08-23 09:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-09-10 23:50 - 2014-08-23 08:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-09-10 23:50 - 2014-08-23 07:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-09-10 23:50 - 2014-08-23 06:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-09-10 23:50 - 2014-08-23 06:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-09-10 23:50 - 2014-08-23 06:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-09-10 23:50 - 2014-08-23 06:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-09-10 23:50 - 2014-08-23 06:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-09-10 23:50 - 2014-08-16 06:08 - 
21195616 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2014-09-10 23:50 - 2014-08-16 06:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll 2014-09-10 23:50 - 2014-08-16 06:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2014-09-10 23:50 - 2014-08-16 05:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2014-09-10 23:50 - 2014-08-16 05:57 - 02498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2014-09-10 23:50 - 2014-08-16 05:57 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2014-09-10 23:50 - 2014-08-16 05:16 - 18722600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2014-09-10 23:50 - 2014-08-16 05:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll 2014-09-10 23:50 - 2014-08-16 05:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2014-09-10 23:50 - 2014-08-16 03:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2014-09-10 23:50 - 2014-08-16 03:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll 2014-09-10 23:50 - 2014-08-16 02:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll 2014-09-10 23:50 - 2014-08-16 02:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll 2014-09-10 23:50 - 2014-08-16 02:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll 2014-09-10 23:50 - 2014-08-16 02:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2014-09-10 23:50 - 2014-08-16 02:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll 2014-09-10 23:50 - 2014-08-16 02:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll 2014-09-10 23:50 - 2014-08-16 02:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2014-09-10 23:50 - 2014-08-16 
02:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll 2014-09-10 23:50 - 2014-08-16 02:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-09-10 23:50 - 2014-08-16 02:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll 2014-09-10 23:50 - 2014-08-16 02:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll 2014-09-10 23:50 - 2014-08-16 02:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll 2014-09-10 23:50 - 2014-08-16 02:20 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2014-09-10 23:50 - 2014-08-16 02:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-09-10 23:50 - 2014-08-16 02:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2014-09-10 23:50 - 2014-08-16 02:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2014-09-10 23:50 - 2014-08-16 02:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll 2014-09-10 23:50 - 2014-08-16 02:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2014-09-10 23:50 - 2014-08-16 02:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2014-09-10 23:50 - 2014-08-16 02:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll 2014-09-10 23:50 - 2014-08-16 02:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2014-09-10 23:50 - 2014-08-16 02:11 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2014-09-10 23:50 - 2014-08-16 02:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2014-09-10 23:50 - 2014-08-16 02:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2014-09-10 23:50 - 2014-08-16 
02:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2014-09-10 23:50 - 2014-08-01 01:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml 2014-09-10 00:19 - 2014-08-16 04:40 - 23591424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-09-10 00:19 - 2014-08-16 04:04 - 17455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-09-10 00:19 - 2014-08-16 04:00 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-09-10 00:19 - 2014-08-16 04:00 - 02793984 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-09-10 00:19 - 2014-08-16 03:56 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2014-09-10 00:19 - 2014-08-16 03:54 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2014-09-10 00:19 - 2014-08-16 03:45 - 04232704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-09-10 00:19 - 2014-08-16 03:43 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2014-09-10 00:19 - 2014-08-16 03:32 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2014-09-10 00:19 - 2014-08-16 03:25 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll 2014-09-10 00:19 - 2014-08-16 03:22 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2014-09-10 00:19 - 2014-08-16 03:20 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2014-09-10 00:19 - 2014-08-16 03:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-09-10 00:19 - 2014-08-16 03:18 - 02185728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-09-10 00:19 - 2014-08-16 03:18 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-09-10 00:19 - 2014-08-16 03:11 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-09-10 00:19 - 2014-08-16 03:06 - 00359424 
_____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-09-10 00:19 - 2014-08-16 03:05 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-09-10 00:19 - 2014-08-16 03:05 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-09-10 00:19 - 2014-08-16 03:03 - 02104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-09-10 00:19 - 2014-08-16 03:03 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-09-10 00:19 - 2014-08-16 02:58 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll 2014-09-10 00:19 - 2014-08-16 02:56 - 02310656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-09-10 00:19 - 2014-08-16 02:53 - 13588480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-09-10 00:19 - 2014-08-16 02:53 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-09-10 00:19 - 2014-08-16 02:53 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-09-10 00:19 - 2014-08-16 02:51 - 11769856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-09-10 00:19 - 2014-08-16 02:45 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-09-10 00:19 - 2014-08-16 02:44 - 02014208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-09-10 00:19 - 2014-08-16 02:44 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-09-10 00:19 - 2014-08-16 02:34 - 01447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-09-10 00:19 - 2014-08-16 02:20 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-09-10 00:19 - 2014-08-16 02:18 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-09-10 00:19 - 2014-08-16 02:14 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-09-10 00:19 - 2014-08-16 02:12 - 00678400 _____ (Microsoft 
Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-09-09 23:49 - 2014-08-02 02:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2014-09-09 23:49 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll 2014-09-09 23:49 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll 2014-09-09 17:54 - 2014-09-09 17:54 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unified Remote 2014-09-09 17:54 - 2014-09-09 17:54 - 00000000 ____D () C:\Program Files (x86)\Unified Remote 2014-09-09 01:22 - 2014-09-09 01:22 - 00000000 ____D () C:\Users\RedSpider\Documents\WB Games 2014-09-09 01:22 - 2014-09-09 01:22 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-09-08 23:24 - 2014-09-08 23:24 - 00000975 _____ () C:\Users\Public\Desktop\Steam.lnk 2014-09-07 21:06 - 2014-09-07 21:06 - 00001098 _____ () C:\Users\RedSpider\Desktop\MSI Afterburner.lnk 2014-09-07 19:44 - 2014-09-07 19:44 - 00298280 _____ () C:\WINDOWS\Minidump\090714-10765-01.dmp 2014-09-07 19:35 - 2014-09-07 19:35 - 00298096 _____ () C:\WINDOWS\Minidump\090714-11375-01.dmp 2014-09-07 19:32 - 2014-09-07 19:44 - 727950455 _____ () C:\WINDOWS\MEMORY.DMP 2014-09-07 19:32 - 2014-09-07 19:44 - 00000000 ____D () C:\WINDOWS\Minidump 2014-09-07 19:32 - 2014-09-07 19:32 - 00298264 _____ () C:\WINDOWS\Minidump\090714-11562-01.dmp 2014-09-07 19:30 - 2014-09-07 19:42 - 00000045 _____ () C:\WINDOWS\SysWOW64\initdebug.nfo 2014-09-07 19:30 - 2014-09-07 19:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan 2014-09-05 20:52 - 2014-09-07 14:19 - 00000000 ____D () C:\Program Files\Recuva 2014-09-05 20:52 - 2014-09-05 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva 2014-09-03 00:13 - 2014-08-15 02:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys 2014-09-03 00:13 - 
2014-07-30 03:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll 2014-09-03 00:13 - 2014-07-29 07:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll 2014-08-30 15:29 - 2014-08-30 15:29 - 00000755 _____ () C:\Users\RedSpider\Desktop\Start Emsisoft Emergency Kit.lnk 2014-08-30 15:04 - 2014-08-30 15:04 - 00003394 _____ () C:\WINDOWS\System32\Tasks\RunAsStdUser Task for VeohWebPlayer 2014-08-30 15:04 - 2014-08-30 15:04 - 00000000 ____D () C:\Program Files (x86)\Veoh Networks 2014-08-29 08:06 - 2014-08-29 08:06 - 00000692 _____ () C:\Users\RedSpider\Desktop\rutracker - Verknüpfung.lnk 2014-08-27 02:29 - 2014-08-27 02:32 - 00000000 ____D () C:\Users\RedSpider\Santana Samba Pa Ti 2014-08-27 02:10 - 2014-08-27 02:26 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\AccurateRip 2014-08-27 02:10 - 2014-08-27 02:10 - 00001082 _____ () C:\Users\Public\Desktop\Exact Audio Copy.lnk 2014-08-27 02:10 - 2014-08-27 02:10 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\EAC 2014-08-27 02:10 - 2014-08-27 02:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy 2014-08-27 02:10 - 2014-08-27 02:10 - 00000000 ____D () C:\Program Files (x86)\Exact Audio Copy 2014-08-26 01:53 - 2014-08-26 01:53 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\EurekaLab s.a.s 2014-08-25 22:17 - 2014-09-14 18:43 - 00000000 ___HD () C:\ProgramData\CanonIJMIG 2014-08-25 22:16 - 2014-08-25 22:16 - 00002089 _____ () C:\Users\Public\Desktop\Canon My Image Garden.lnk 2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\WorldofTanks 2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\StormFall 2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormFall 2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\GGEmpire441 
2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Local\WorldofTanks 2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Local\StormFall 2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Local\GGEmpire 2014-08-25 10:03 - 2014-09-16 08:57 - 00000000 ____D () C:\Users\RedSpider\Desktop\Pix MM 2014-08-20 05:13 - 2014-08-29 05:29 - 00001086 _____ () C:\Users\RedSpider\Desktop\Unreleased and RAR VINYLs - Verknüpfung.lnk ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-18 23:10 - 2014-09-18 08:22 - 00000000 ____D () C:\Users\RedSpider\Desktop\AntiVirus 2014-09-18 23:10 - 2014-09-16 06:06 - 00000000 ____D () C:\FRST 2014-09-18 23:08 - 2014-09-18 23:08 - 00854417 _____ () C:\Users\RedSpider\Desktop\SecurityCheck.exe 2014-09-18 23:08 - 2013-02-01 02:44 - 09700352 ___SH () C:\Users\RedSpider\Desktop\Thumbs.db 2014-09-18 23:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-09-18 22:59 - 2014-09-18 08:54 - 00001142 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-09-18 22:44 - 2013-01-27 17:36 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-09-18 21:48 - 2014-09-18 21:48 - 00002308 _____ () C:\Users\RedSpider\AppData\Local\recently-used.xbel 2014-09-18 21:40 - 2014-09-17 22:04 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-09-18 19:15 - 2013-04-22 18:50 - 00003962 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{81665560-7A12-4689-97A0-7C5ADF10D3F3} 2014-09-18 18:29 - 2013-01-27 20:03 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\foobar2000 2014-09-18 16:18 - 2013-01-27 18:19 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-976349099-1794730339-1012751642-1000 2014-09-18 16:06 - 2013-09-30 06:14 - 01780340 _____ () 
C:\WINDOWS\system32\PerfStringBackup.INI 2014-09-18 16:06 - 2013-09-30 05:56 - 00765378 _____ () C:\WINDOWS\system32\perfh007.dat 2014-09-18 16:06 - 2013-09-30 05:56 - 00159696 _____ () C:\WINDOWS\system32\perfc007.dat 2014-09-18 16:00 - 2014-09-18 08:54 - 00002195 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-09-18 15:58 - 2014-09-18 08:54 - 00001138 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-09-18 15:58 - 2013-10-17 14:52 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-09-18 15:58 - 2013-09-29 21:04 - 00537390 _____ () C:\WINDOWS\PFRO.log 2014-09-18 15:58 - 2013-08-22 16:46 - 00707317 _____ () C:\WINDOWS\setupact.log 2014-09-18 15:58 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-09-18 15:58 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2014-09-18 15:58 - 2013-07-03 04:08 - 00000375 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics 2014-09-18 15:57 - 2014-04-08 00:17 - 00003038 _____ () C:\WINDOWS\System32\Tasks\MSIAfterburner 2014-09-18 14:20 - 2013-10-17 14:52 - 01613888 _____ () C:\WINDOWS\WindowsUpdate.log 2014-09-18 08:54 - 2014-09-18 08:54 - 00004114 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2014-09-18 08:54 - 2014-09-18 08:54 - 00003878 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2014-09-18 08:54 - 2014-09-18 08:54 - 00000000 ____D () C:\Users\RedSpider\AppData\Local\Deployment 2014-09-18 08:54 - 2014-09-18 08:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-09-18 08:54 - 2013-01-27 18:22 - 00000000 ____D () C:\Program Files (x86)\Google 2014-09-18 08:38 - 2014-06-03 19:54 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\vlc 2014-09-18 08:11 - 2014-09-14 00:44 - 00000000 ____D () C:\AdwCleaner 2014-09-18 07:40 - 2014-09-18 07:40 - 02347384 _____ (ESET) C:\Users\RedSpider\Desktop\esetsmartinstaller_deu.exe 2014-09-18 07:32 - 2014-09-18 07:32 - 00000000 ____D () 
C:\Users\RedSpider\AppData\Local\VS Revo Group 2014-09-18 07:32 - 2014-09-18 07:32 - 00000000 ____D () C:\ProgramData\VS Revo Group 2014-09-18 07:32 - 2014-09-18 07:32 - 00000000 ____D () C:\Program Files\VS Revo Group 2014-09-18 07:30 - 2014-09-18 07:30 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-09-18 07:03 - 2013-01-27 16:41 - 00000000 ____D () C:\Users\RedSpider\AppData\Local\VirtualStore 2014-09-18 06:34 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF 2014-09-17 22:04 - 2014-09-17 22:04 - 00001206 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-09-17 22:04 - 2014-09-17 22:04 - 00000000 ____D () C:\Users\Bootsektor\Downloads\mbam-setup 2014-09-17 22:04 - 2014-09-17 22:04 - 00000000 ____D () C:\Users\Bootsektor 2014-09-17 22:04 - 2014-09-17 22:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-09-16 10:20 - 2014-09-13 22:33 - 00000000 ____D () C:\Program Files (x86)\RivaTuner Statistics Server 2014-09-16 10:20 - 2013-01-28 22:45 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner 2014-09-16 08:57 - 2014-08-25 10:03 - 00000000 ____D () C:\Users\RedSpider\Desktop\Pix MM 2014-09-16 08:09 - 2014-09-16 08:09 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter 2014-09-16 08:09 - 2014-09-16 08:09 - 00000000 ____D () C:\Program Files (x86)\Haali 2014-09-16 08:07 - 2014-03-05 17:00 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-09-16 07:43 - 2013-07-19 18:11 - 00000000 _____ () C:\WINDOWS\Path.idx 2014-09-16 07:33 - 2013-03-06 04:37 - 00876960 _____ () C:\WINDOWS\PE_Rom.dll 2014-09-16 07:13 - 2013-03-05 06:14 - 00173568 _____ () C:\Users\RedSpider\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-09-16 07:11 - 2014-05-27 22:30 - 00000000 ____D () C:\EEK 2014-09-16 06:37 - 2013-11-10 03:12 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\deluge 2014-09-16 05:06 - 
2013-03-25 01:01 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\Skype 2014-09-15 07:15 - 2014-04-09 13:12 - 00000000 ____D () C:\ProgramData\McAfee 2014-09-15 06:54 - 2013-01-28 22:52 - 00000000 ____D () C:\Program Files\SmartTechnology 2014-09-15 06:53 - 2014-03-05 17:10 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-09-15 06:50 - 2014-09-15 06:50 - 00000000 ____D () C:\Program Files\McAfee 2014-09-15 06:49 - 2013-01-27 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft 2014-09-15 06:49 - 2013-01-27 20:43 - 00000000 ____D () C:\Program Files (x86)\AnvSoft 2014-09-15 05:01 - 2014-09-15 05:01 - 00001778 _____ () C:\sc-cleaner.txt 2014-09-15 05:00 - 2014-09-15 05:00 - 00000000 ____D () C:\WINDOWS\ERUNT 2014-09-14 19:16 - 2013-02-14 06:18 - 03102720 ___SH () C:\Users\RedSpider\Downloads\Thumbs.db 2014-09-14 19:05 - 2014-09-14 19:02 - 00073728 ___SH () C:\Users\RedSpider\Documents\Thumbs.db 2014-09-14 18:43 - 2014-08-25 22:17 - 00000000 ___HD () C:\ProgramData\CanonIJMIG 2014-09-14 07:29 - 2013-10-17 14:54 - 00000000 ____D () C:\Users\RedSpider 2014-09-13 22:36 - 2013-11-01 13:51 - 00000000 ____D () C:\ProgramData\Origin 2014-09-13 22:36 - 2013-11-01 13:51 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-09-13 22:33 - 2014-09-13 22:33 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server 2014-09-13 22:33 - 2013-11-30 09:28 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx 2014-09-13 22:30 - 2014-09-13 21:57 - 00000000 ____D () C:\Users\RedSpider\AppData\Local\Micro-Star_Int'l_Co.,_Ltd 2014-09-13 22:00 - 2014-09-13 22:00 - 00027552 _____ (REALiX(tm)) C:\WINDOWS\system32\Drivers\HWiNFO64A.SYS 2014-09-13 22:00 - 2014-09-13 22:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64 2014-09-13 22:00 - 2014-09-13 22:00 - 00000000 ____D () C:\Program Files\HWiNFO64 2014-09-13 
07:31 - 2013-02-19 01:28 - 00000000 ____D () C:\Program Files (x86)\JDownloader 2 2014-09-12 02:04 - 2014-09-11 16:22 - 00000000 ____D () C:\Program Files\Microsoft Xbox One Controller for Windows 2014-09-11 05:30 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-09-11 03:46 - 2014-09-11 03:46 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\MKKE 2014-09-11 03:24 - 2014-09-11 03:24 - 00000222 _____ () C:\Users\RedSpider\Desktop\Mortal Kombat Komplete Edition.url 2014-09-11 03:01 - 2014-09-11 03:00 - 00458752 _____ () C:\WINDOWS\system32\Ikeext.etl 2014-09-11 03:01 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\tracing 2014-09-10 23:54 - 2013-08-22 16:44 - 00409280 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-09-10 23:53 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-09-10 23:53 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore 2014-09-10 23:50 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-09-10 23:46 - 2013-03-25 01:01 - 00000000 ____D () C:\ProgramData\Skype 2014-09-10 23:44 - 2013-01-27 17:36 - 00003796 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-09-10 23:38 - 2013-02-07 15:49 - 00000000 ____D () C:\Users\RedSpider\AppData\Local\Adobe 2014-09-10 05:30 - 2013-12-08 05:52 - 00001911 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk 2014-09-10 05:30 - 2013-12-08 05:52 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP 2014-09-10 00:20 - 2013-02-09 17:38 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-09-10 00:19 - 2014-06-11 16:11 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2014-09-10 00:19 - 2014-06-11 16:11 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2014-09-10 00:19 - 2014-06-11 16:11 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe 2014-09-10 00:19 - 2014-06-11 16:11 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe 2014-09-10 
00:19 - 2014-06-11 16:11 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2014-09-10 00:19 - 2014-06-11 16:11 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2014-09-10 00:19 - 2014-06-11 16:11 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2014-09-10 00:19 - 2014-06-11 16:11 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll 2014-09-10 00:19 - 2014-06-11 16:11 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2014-09-10 00:19 - 2014-06-11 16:11 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll 2014-09-10 00:19 - 2014-06-11 16:11 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2014-09-10 00:19 - 2014-06-11 16:11 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2014-09-10 00:19 - 2014-06-11 16:11 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2014-09-10 00:19 - 2014-06-11 16:11 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll 2014-09-10 00:19 - 2014-05-03 20:57 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2014-09-10 00:19 - 2014-05-03 20:57 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2014-09-10 00:19 - 2013-07-10 14:36 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-09-10 00:17 - 2013-01-27 17:29 - 101694776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-09-09 17:54 - 2014-09-09 17:54 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unified Remote 2014-09-09 17:54 - 2014-09-09 17:54 - 00000000 ____D () C:\Program Files (x86)\Unified Remote 2014-09-09 13:44 - 2013-02-04 01:41 - 00000000 ____D () C:\Users\RedSpider\AppData\Local\Windows Live 2014-09-09 01:22 - 2014-09-09 01:22 - 00000000 ____D () C:\Users\RedSpider\Documents\WB Games 2014-09-09 01:22 - 2014-09-09 01:22 - 00000000 
____D () C:\Program Files (x86)\AGEIA Technologies 2014-09-08 23:43 - 2014-01-23 23:36 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\dvdcss 2014-09-08 23:24 - 2014-09-08 23:24 - 00000975 _____ () C:\Users\Public\Desktop\Steam.lnk 2014-09-07 21:06 - 2014-09-07 21:06 - 00001098 _____ () C:\Users\RedSpider\Desktop\MSI Afterburner.lnk 2014-09-07 19:44 - 2014-09-07 19:44 - 00298280 _____ () C:\WINDOWS\Minidump\090714-10765-01.dmp 2014-09-07 19:44 - 2014-09-07 19:32 - 727950455 _____ () C:\WINDOWS\MEMORY.DMP 2014-09-07 19:44 - 2014-09-07 19:32 - 00000000 ____D () C:\WINDOWS\Minidump 2014-09-07 19:42 - 2014-09-07 19:30 - 00000045 _____ () C:\WINDOWS\SysWOW64\initdebug.nfo 2014-09-07 19:35 - 2014-09-07 19:35 - 00298096 _____ () C:\WINDOWS\Minidump\090714-11375-01.dmp 2014-09-07 19:32 - 2014-09-07 19:32 - 00298264 _____ () C:\WINDOWS\Minidump\090714-11562-01.dmp 2014-09-07 19:30 - 2014-09-07 19:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan 2014-09-07 14:19 - 2014-09-05 20:52 - 00000000 ____D () C:\Program Files\Recuva 2014-09-05 20:52 - 2014-09-05 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva 2014-09-02 22:06 - 2013-08-22 17:38 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-09-02 22:06 - 2013-08-22 17:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-08-31 18:37 - 2014-07-21 02:55 - 00000000 ____D () C:\Users\RedSpider\Desktop\BR 2014-08-30 15:29 - 2014-08-30 15:29 - 00000755 _____ () C:\Users\RedSpider\Desktop\Start Emsisoft Emergency Kit.lnk 2014-08-30 15:21 - 2009-07-14 04:34 - 00000466 _____ () C:\WINDOWS\win.ini 2014-08-30 15:04 - 2014-08-30 15:04 - 00003394 _____ () C:\WINDOWS\System32\Tasks\RunAsStdUser Task for VeohWebPlayer 2014-08-30 15:04 - 2014-08-30 15:04 - 00000000 ____D () C:\Program Files (x86)\Veoh Networks 2014-08-29 08:06 - 2014-08-29 08:06 - 00000692 _____ () 
C:\Users\RedSpider\Desktop\rutracker - Verknüpfung.lnk 2014-08-29 05:29 - 2014-08-20 05:13 - 00001086 _____ () C:\Users\RedSpider\Desktop\Unreleased and RAR VINYLs - Verknüpfung.lnk 2014-08-29 03:58 - 2014-09-10 23:50 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2014-08-29 03:32 - 2014-09-10 23:50 - 02779136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2014-08-29 02:59 - 2014-09-10 23:50 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2014-08-29 01:56 - 2014-09-10 23:50 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2014-08-29 01:47 - 2014-09-10 23:50 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2014-08-27 02:39 - 2013-01-30 15:34 - 00000000 ____D () C:\Program Files\CCleaner 2014-08-27 02:32 - 2014-08-27 02:29 - 00000000 ____D () C:\Users\RedSpider\Santana Samba Pa Ti 2014-08-27 02:26 - 2014-08-27 02:10 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\AccurateRip 2014-08-27 02:10 - 2014-08-27 02:10 - 00001082 _____ () C:\Users\Public\Desktop\Exact Audio Copy.lnk 2014-08-27 02:10 - 2014-08-27 02:10 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\EAC 2014-08-27 02:10 - 2014-08-27 02:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy 2014-08-27 02:10 - 2014-08-27 02:10 - 00000000 ____D () C:\Program Files (x86)\Exact Audio Copy 2014-08-26 01:53 - 2014-08-26 01:53 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\EurekaLab s.a.s 2014-08-26 00:27 - 2014-09-10 23:50 - 04148736 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-08-25 22:16 - 2014-08-25 22:16 - 00002089 _____ () C:\Users\Public\Desktop\Canon My Image Garden.lnk 2014-08-25 22:16 - 2013-02-09 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\WorldofTanks 2014-08-25 22:15 - 2014-08-25 
22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\StormFall 2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormFall 2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Roaming\GGEmpire441 2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Local\WorldofTanks 2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Local\StormFall 2014-08-25 22:15 - 2014-08-25 22:15 - 00000000 ____D () C:\Users\RedSpider\AppData\Local\GGEmpire 2014-08-24 13:21 - 2014-06-24 21:13 - 00000000 ____D () C:\Users\RedSpider\Documents\EMDB 2014-08-24 13:21 - 2014-06-24 21:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EMDB 2014-08-24 13:21 - 2014-06-24 21:13 - 00000000 ____D () C:\Program Files (x86)\EMDB 2014-08-23 09:48 - 2014-09-10 23:50 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2014-08-23 09:13 - 2014-09-10 23:50 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2014-08-23 08:10 - 2014-09-10 23:50 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll 2014-08-23 07:32 - 2014-09-10 23:50 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll 2014-08-23 06:44 - 2014-09-10 23:50 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2014-08-23 06:34 - 2014-09-10 23:50 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-08-23 06:33 - 2014-09-10 23:50 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2014-08-23 06:31 - 2014-09-10 23:50 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2014-08-23 06:20 - 2014-09-10 23:50 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-08-20 05:44 - 2014-03-19 01:24 - 00319912 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2014-08-20 05:44 - 
2014-03-19 01:24 - 00191400 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2014-08-20 05:44 - 2014-03-19 01:24 - 00190888 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2014-08-20 05:44 - 2014-03-19 01:24 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2014-08-20 05:44 - 2014-03-19 01:24 - 00000000 ____D () C:\Program Files\Java 2014-08-20 05:44 - 2013-10-17 14:09 - 00000000 ____D () C:\ProgramData\Oracle 2014-08-20 05:44 - 2013-06-24 03:19 - 00272296 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe 2014-08-20 05:44 - 2013-06-24 03:19 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe 2014-08-20 05:44 - 2013-06-24 03:19 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe 2014-08-20 05:44 - 2013-06-24 03:19 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2014-08-20 05:44 - 2013-06-24 03:19 - 00000000 ____D () C:\Program Files (x86)\Java Some content of TEMP: ==================== C:\Users\RedSpider\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-09-18 16:18

==================== End Of Log ============================
19.09.2014, 07:08 | #10 |
| Remove feed.safefinder.com and check the system for viruses Addition Scan.txt:FRST Additions Logfile: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by RedSpider at 2014-09-18 23:10:48
Running from C:\Users\RedSpider\Desktop\AntiVirus
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.04.01 - ASUSTeK Computer Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.2.0 - Asmedia Technology)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG6300 series Benutzerregistrierung (HKLM-x32\...\Canon MG6300 series Benutzerregistrierung) (Version: - Canon Inc.)
Canon MG6300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6300_series) (Version: 1.00 - Canon Inc.)
Canon MG6300 series On-screen Manual (HKLM-x32\...\Canon MG6300 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.1.0 - Canon Inc.) Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.1.0 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP) Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0328 - DT Soft Ltd) dBpoweramp (HKLM-x32\...\dBpoweramp) (Version: Release 15 - Illustrate) DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version: - ) Deluge 1.3.6 (HKLM-x32\...\Deluge) (Version: - ) DirectVobSub 2.41.7259 (5d3641a) Beta (HKLM-x32\...\vsfilter_is1) (Version: 2.41.7259 - MPC-HC Team) EMDB 2.06 (HKLM-x32\...\EMDB_is1) (Version: - Wicked & Wild Inc.) eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff) FLAC 1.2.1b (remove only) (HKLM-x32\...\FLAC) (Version: 1.2.1b - Xiph.org) foobar2000 v1.3.1 (HKLM-x32\...\foobar2000) (Version: 1.3.1 - Peter Pawlowski) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - ) HWiNFO64 Version 4.44 (HKLM\...\HWiNFO64_is1) (Version: 4.44 - Martin Malík - REALiX) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) 
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation) Intel(R) Network Connections 18.7.28.0 (HKLM\...\PROSetDX) (Version: 18.7.28.0 - Intel) Intel(R) Network Connections 18.7.28.0 (Version: 18.7.28.0 - Intel) Hidden Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) Intel(R) Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation) Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation) Java 8 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218020F0}) (Version: 8.0.200 - Oracle Corporation) Java Auto Updater (x32 Version: 2.8.20.26 - Oracle Corporation) Hidden Java SE Development Kit 8 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180000}) (Version: 8.0.0 - Oracle Corporation) JDownloader 2 (HKLM-x32\...\0630-0716-3135-7887) (Version: 2 - AppWork GmbH) JDownloader Packages (HKCU\...\JDownloader Packages) (Version: - ) <==== ATTENTION JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.63.1 - JMicron Technology Corp.) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden LAV Filters 0.62.0 (HKLM-x32\...\lavfilters_is1) (Version: 0.62.0 - Hendrik Leppkes) Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden Logitech Gaming Software 8.50 (HKLM\...\Logitech Gaming Software) (Version: 8.50.281 - Logitech Inc.) 
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech) Logitech Unifying-Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech) Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Media Browser DVD/BD Image System Support Package (HKLM\...\pfm-license-mediabrowser.txt) (Version: - ) Microsoft Access database engine 2010 (German) (HKLM-x32\...\{90140000-00D1-0407-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation) Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden 
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable 
- x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation) MKVToolNix 7.0.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 7.0.0 - Moritz Bunkus) Mortal Kombat Komplete Edition (HKLM-x32\...\Steam App 237110) (Version: - NetherRealm Studios) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden MPC-HC 1.7.6 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.6 - MPC-HC Team) MSI Afterburner 3.0.1 (HKLM-x32\...\Afterburner) (Version: 3.0.1 - MSI Co., LTD) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation) NVIDIA FaceWorks: Real-time Performance Capture Demo (HKLM-x32\...\FaceWorks) (Version: 1.0 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Miracast Virtueller Ton 340.43 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 340.43 - NVIDIA Corporation) NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation) NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden NVIDIA Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 9.3.10.4710 - Electronic Arts, Inc.) Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden qBittorrent 3.1.9.2 (HKLM-x32\...\qbittorrent) (Version: 3.1.9.2 - The qBittorrent project) ReClock (HKLM-x32\...\ReClock) (Version: - SlySoft, Inc.) Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) RivaTuner Statistics Server 6.2.0 (HKLM-x32\...\RTSS) (Version: 6.2.0 - Unwinder) Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.3.0 - Samsung Electronics) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.16.0 - SAMSUNG Electronics Co., Ltd.) SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.) 
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) Unified Remote (HKLM-x32\...\{BD96B1DF-2A2E-4ED1-B255-F8050DEB1B3D}) (Version: 2.14.2.0 - Unified Remote) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2889914) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F3F83933-75FC-4B60-84F2-3F8FA63D042E}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) 
(HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) Uplay (HKLM-x32\...\Uplay) (Version: 4.5 - Ubisoft) USB Audio (HKLM\...\{D80E54FF-2464-4427-9B93-A9E121B90909}) (Version: 2.0.2 - Denon) VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft) Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live 
UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH) XySubFilter 3.1.0.546 (HKLM-x32\...\XySubFilter_is1) (Version: 3.1.0.546 - xy-VSFilter Team) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 02-09-2014 13:18:36 Geplanter Prüfpunkt 09-09-2014 13:49:03 Geplanter Prüfpunkt 11-09-2014 14:22:04 Installed Microsoft Xbox One Controller for Windows 15-09-2014 04:51:15 Microsoft MapPoint Europa 2013 wird entfernt 18-09-2014 05:55:38 Revo Uninstaller's restore point - Google Chrome ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2012-07-26 07:26 - 2014-02-06 06:47 - 00001117 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0102171E-D248-4160-B990-25C714EB66D5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-18] (Google Inc.) 
Task: {042D788F-66E1-4CC4-B75F-7B5BFE0F17CB} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {0E0B4A22-69D8-494B-B206-006CB4DE3B72} - System32\Tasks\ASUS\Easy Update => C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe [2013-01-14] () Task: {1BFB5D4C-648E-441E-8EC8-8620A2DB4303} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated) Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {2D472716-948B-4A5C-83B4-3B5C8F23A9A0} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {43F8234E-4DAB-4C38-B548-C5362122B1E9} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.) 
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {5869E33A-74AB-46F1-871D-0ABAEFFF2D1A} - System32\Tasks\Registration Trigger IBM Lotus Symphony Task => C:\Program Files (x86)\IBM\Lotus\Symphony\framework\rcp\rcplauncher.exe Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {7DE9E344-625D-4093-AD5D-0880144136C0} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {87C28E1C-2A98-48FA-AA5A-04802A2610FD} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {929E5052-1222-43CF-BC89-0833EB8DA5FB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-09-10] (Microsoft Corporation) Task: {944508FB-9101-43F4-9179-0BD5235CF6D3} - System32\Tasks\RunAsStdUser Task for VeohWebPlayer => C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe Task: {97962511-DD7E-40DA-88B6-5EDCC592C436} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work 
Folders Maintenance Work Task: {A616FFB1-2235-44D4-9C4B-348C6B19F13A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd) Task: {A9214C1A-0093-4EF1-A88C-AB35D073CECC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-18] (Google Inc.) Task: {AEECA187-BC10-4A49-8ED4-11507B21E2D6} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe [2012-08-14] (ASUSTeK Computer Inc.) Task: {B2C29026-2B42-4212-A90F-6ED7388F7578} - \PC Performer Logon Scan No Task File <==== ATTENTION Task: {B67856BC-3112-46EF-8107-786A03298193} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation) Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {D2C74A08-DDC2-41D7-9FA3-04E4F8186D8F} - \PC Performer Scheduled Scan No Task File <==== ATTENTION Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {E3EB5696-328F-4FEE-84AE-F410A8090DF2} - System32\Tasks\HWiNFO => C:\Program Files\HWiNFO64\HWiNFO64.EXE [2014-09-04] (REALiX) Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {E88F6461-1431-4D62-BF72-81C80C2A2466} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-10] () Task: {F1942C85-022C-432D-8E92-25BA1B7742DB} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2014-06-10] () Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => 
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-10-17 14:52 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-08-30 20:07 - 2014-08-30 20:07 - 00400384 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll 2013-11-21 04:04 - 2013-01-14 17:37 - 01406776 ____N () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe 2014-06-10 08:04 - 2014-06-10 08:04 - 00465064 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe 2013-03-06 04:33 - 2012-06-01 18:42 - 00920736 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe 2014-08-30 20:07 - 2014-08-30 20:07 - 00195584 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe 2014-08-30 20:07 - 2014-08-30 20:07 - 00026112 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe 2014-08-30 20:07 - 2014-08-30 20:07 - 00088576 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe 2013-01-27 20:37 - 2013-01-27 20:37 - 00098816 _____ () C:\Users\RedSpider\AppData\Roaming\foobar2000\user-components\foo_out_asio\ASIOhost64.exe 2014-08-30 20:07 - 2014-08-30 20:07 - 00354816 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks.dll 2013-11-21 04:04 - 2013-01-14 18:16 - 05771136 ____N () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzULIB.dll 2013-11-21 04:04 - 2010-06-21 16:21 - 00208896 ____N () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\ImageHelper.dll 2014-06-05 07:36 - 2014-06-05 07:36 - 00071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll 2014-06-05 07:36 - 2014-06-05 07:36 - 00056832 _____ () C:\Program Files 
(x86)\MSI Afterburner\RTFC.dll 2014-06-05 07:37 - 2014-06-05 07:37 - 00216064 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll 2014-06-05 07:36 - 2014-06-05 07:36 - 00127488 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll 2014-06-05 07:37 - 2014-06-05 07:37 - 00638976 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll 2013-03-06 04:33 - 2014-09-18 15:58 - 00025088 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll 2013-03-06 04:33 - 2010-06-29 11:58 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll 2014-08-30 20:07 - 2014-08-30 20:07 - 00056832 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll 2014-08-30 20:07 - 2014-08-30 20:07 - 00324608 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll 2014-08-30 20:07 - 2014-08-30 20:07 - 00071680 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll 2013-11-21 04:04 - 2011-07-12 20:14 - 00147456 ____N () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll 2013-11-21 04:04 - 2010-10-05 09:22 - 00253952 ____N () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll 2013-11-21 04:04 - 2012-10-08 18:07 - 00972288 ____N () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll 2013-11-21 04:04 - 2013-01-15 16:30 - 01040896 ____N () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll 2013-11-21 04:07 - 2012-07-20 10:39 - 01047040 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll 2013-11-21 04:04 - 2013-04-15 15:19 - 00883712 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll 2013-11-21 04:04 - 2012-05-28 22:27 - 01622528 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll 2013-11-21 04:04 - 2011-09-19 21:18 - 01243136 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll 2013-11-21 04:04 - 2011-07-21 10:06 - 00846848 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll 2013-11-21 04:04 - 2012-08-29 
19:09 - 00875520 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll 2013-03-06 04:33 - 2010-08-23 11:17 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll 2013-11-21 04:04 - 2010-10-05 09:22 - 00208896 ____N () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll 2013-11-21 04:04 - 2009-08-12 21:15 - 00253952 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll 2014-09-18 08:54 - 2014-09-04 05:01 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll 2014-09-18 08:54 - 2014-09-04 05:01 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll 2014-09-18 08:54 - 2014-09-04 05:01 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll 2014-09-18 08:54 - 2014-09-04 05:01 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll 2014-09-18 08:54 - 2014-09-04 05:01 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll 2013-05-04 13:57 - 2013-05-04 13:57 - 00095712 _____ () C:\Program Files (x86)\foobar2000\zlib1.dll 2014-01-23 16:34 - 2014-01-23 16:34 - 00156088 _____ () C:\Program Files (x86)\foobar2000\shared.dll 2014-01-23 16:31 - 2014-01-23 16:31 - 00199680 _____ () C:\Program Files (x86)\foobar2000\components\foo_dsp_std.dll 2014-01-23 16:34 - 2014-01-23 16:34 - 00945104 _____ () C:\Program Files (x86)\foobar2000\components\foo_ui_std.dll 2013-01-28 23:20 - 2013-01-28 23:20 - 01767936 _____ () C:\Users\RedSpider\AppData\Roaming\foobar2000\user-components\foo_facets\foo_facets.dll 2013-01-27 20:37 - 2013-01-27 20:37 - 00183296 _____ () C:\Users\RedSpider\AppData\Roaming\foobar2000\user-components\foo_out_asio\foo_out_asio.dll 2013-09-23 02:23 - 2013-09-23 02:23 - 00400384 _____ () C:\Users\RedSpider\AppData\Roaming\foobar2000\user-components\foo_dynamic_range\foo_dynamic_range.dll 
2014-01-29 05:44 - 2009-06-14 00:49 - 00257536 _____ () C:\Program Files (x86)\foobar2000\components\foo_uie_albumlist.dll 2013-09-23 02:24 - 2013-09-23 02:24 - 00337920 _____ () C:\Users\RedSpider\AppData\Roaming\foobar2000\user-components\foo_uie_biography\foo_uie_biography.dll 2014-01-23 16:31 - 2014-01-23 16:31 - 00304128 _____ () C:\Program Files (x86)\foobar2000\components\foo_cdda.dll 2013-01-28 23:07 - 2013-01-28 23:07 - 00301056 _____ () C:\Users\RedSpider\AppData\Roaming\foobar2000\user-components\foo_input_sacd\foo_input_sacd.dll 2014-01-23 16:31 - 2014-01-23 16:31 - 00351232 _____ () C:\Program Files (x86)\foobar2000\components\foo_rgscan.dll 2013-01-28 23:36 - 2013-01-28 23:36 - 01334272 _____ () C:\Users\RedSpider\AppData\Roaming\foobar2000\user-components\foo_simplaylist\foo_simplaylist.dll 2014-01-23 16:31 - 2014-01-23 16:31 - 00501248 _____ () C:\Program Files (x86)\foobar2000\components\foo_converter.dll 2013-09-23 02:28 - 2013-09-23 02:28 - 00331776 _____ () C:\Users\RedSpider\AppData\Roaming\foobar2000\user-components\foo_input_dvda\foo_input_dvda.dll 2013-07-07 00:51 - 2013-07-07 00:51 - 00147968 _____ () C:\Users\RedSpider\AppData\Roaming\foobar2000\user-components\foo_ramdisk\foo_ramdisk.dll 2013-11-01 22:19 - 2013-11-01 22:19 - 00147456 _____ () C:\Users\RedSpider\AppData\Roaming\foobar2000\user-components\foo_out_wasapi\foo_out_wasapi.dll 2013-04-27 18:59 - 2013-04-27 18:59 - 00271872 _____ () C:\Users\RedSpider\AppData\Roaming\foobar2000\user-components\foo_input_monkey\foo_input_monkey.dll 2014-01-29 04:34 - 2014-01-29 04:34 - 00724992 _____ () C:\Users\RedSpider\AppData\Roaming\foobar2000\user-components\foo_uie_lyrics3\foo_uie_lyrics3.dll 2014-01-23 16:31 - 2014-01-23 16:31 - 00350720 _____ () C:\Program Files (x86)\foobar2000\components\foo_albumlist.dll 2014-01-23 16:31 - 2014-01-23 16:31 - 00199168 _____ () C:\Program Files (x86)\foobar2000\components\foo_dsp_eq.dll 2014-01-23 16:34 - 2014-01-23 16:34 - 01390536 _____ () C:\Program 
Files (x86)\foobar2000\components\foo_input_std.dll 2013-11-02 21:58 - 2013-11-02 21:58 - 00723968 _____ () C:\Program Files (x86)\foobar2000\avcodec-fb2k-55.dll 2014-01-23 16:34 - 2014-01-23 16:34 - 00335800 _____ () C:\Program Files (x86)\foobar2000\avutil-fb2k-52.dll 2013-02-23 22:22 - 2013-02-23 22:22 - 00430080 _____ () C:\Users\RedSpider\AppData\Roaming\foobar2000\user-components\foo_httpcontrol\foo_httpcontrol.dll 2014-03-31 21:35 - 2014-03-31 21:35 - 00282304 _____ () C:\Program Files (x86)\Windows Live\Writer\de\WindowsLive.Writer.Localization.resources.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:BF3D62E7 AlternateDataStreams: C:\ProgramData\TEMP:FB1B13D8 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
HKLM\...\StartupApproved\StartupFolder: => "TotalMedia Server.lnk" HKLM\...\StartupApproved\Run32: => "Sweetpacks Communicator" HKLM\...\StartupApproved\Run32: => "KiesTrayAgent" HKLM\...\StartupApproved\Run32: => "Smart File Advisor" HKCU\...\StartupApproved\StartupFolder: => "Samsung Magician.lnk" HKCU\...\StartupApproved\Run: => "KiesPreload" HKCU\...\StartupApproved\Run: => "KiesAirMessage" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/18/2014 11:02:21 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (09/18/2014 06:24:51 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". 
Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (09/18/2014 06:24:48 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. 
Error: (09/18/2014 06:24:41 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (09/18/2014 04:19:13 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. 
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (09/18/2014 04:18:09 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057) Error: (09/18/2014 08:34:53 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (09/18/2014 08:29:48 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. 
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (09/18/2014 08:28:59 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (09/18/2014 08:28:29 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057) System errors: ============= Error: (09/18/2014 09:21:26 PM) (Source: ACPI) (EventID: 13) (User: ) Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. 
darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft. Error: (09/18/2014 05:22:12 PM) (Source: ACPI) (EventID: 13) (User: ) Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft. Error: (09/18/2014 05:22:07 PM) (Source: ACPI) (EventID: 13) (User: ) Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft. Error: (09/18/2014 04:18:39 PM) (Source: DCOM) (EventID: 10010) (User: RedSpider-PC) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (09/18/2014 03:58:58 PM) (Source: ACPI) (EventID: 13) (User: ) Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft. 
Error: (09/18/2014 03:58:43 PM) (Source: DCOM) (EventID: 10016) (User: RedSpider-PC) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}RedSpider-PCRedSpiderS-1-5-21-976349099-1794730339-1012751642-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (09/18/2014 03:58:43 PM) (Source: DCOM) (EventID: 10016) (User: RedSpider-PC) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}RedSpider-PCRedSpiderS-1-5-21-976349099-1794730339-1012751642-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (09/18/2014 03:58:43 PM) (Source: DCOM) (EventID: 10016) (User: RedSpider-PC) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}RedSpider-PCRedSpiderS-1-5-21-976349099-1794730339-1012751642-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (09/18/2014 03:58:43 PM) (Source: DCOM) (EventID: 10016) (User: RedSpider-PC) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}RedSpider-PCRedSpiderS-1-5-21-976349099-1794730339-1012751642-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (09/18/2014 03:58:43 PM) (Source: DCOM) (EventID: 10016) (User: RedSpider-PC) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}RedSpider-PCRedSpiderS-1-5-21-976349099-1794730339-1012751642-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Microsoft Office Sessions: ========================= Error: (08/17/2014 07:28:58 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. 
This session lasted 19136 seconds with 11220 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2014-09-16 08:26:27.343 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-16 06:15:19.723 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-16 03:58:43.195 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-14 19:41:51.661 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-14 19:41:51.589 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2014-09-14 19:41:51.510 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-14 19:41:51.426 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-13 03:17:02.651 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-12 05:59:47.242 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-11 00:59:59.177 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz Percentage of memory in use: 15% Total physical RAM: 16351.14 MB Available physical RAM: 13865.64 MB Total Pagefile: 32735.14 MB Available Pagefile: 29343.47 MB Total Virtual: 131072 MB Available Virtual: 131071.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:238.37 GB) (Free:83.3 GB) NTFS Drive d: () (Fixed) (Total:1863.02 GB) (Free:82.25 GB) NTFS Drive f: (Volume) (Fixed) (Total:2790.14 GB) (Free:66.62 GB) NTFS Drive h: (Volume) (Fixed) (Total:2790.14 GB) (Free:114.71 GB) NTFS Drive l: (USB-HDD) (Fixed) (Total:1397.26 GB) (Free:107.97 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 65C9D9D3) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 2794.5 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ======================================================== Disk: 2 (Size: 2794.5 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ======================================================== Disk: 3 (Size: 1863 GB) (Disk ID: 65C9D9DC) Partition: GPT Partition Type. ======================================================== Disk: 5 (Size: 1397.3 GB) (Disk ID: 4D2D37C2) Partition 1: (Active) - (Size=1397.3 GB) - (Type=07 NTFS) ==================== End Of Log ============================
Finally, I have now run AdwCleaner once more!!! See logfile: AdwCleaner Logfile:
ATTFilter # AdwCleaner v3.310 - Bericht erstellt am 18/09/2014 um 23:21:31 # Aktualisiert 12/09/2014 von Xplode # Betriebssystem : Windows 8.1 Pro (64 bits) # Benutzername : RedSpider - REDSPIDER-PC # Gestartet von : C:\Users\RedSpider\Desktop\AntiVirus\AdwCleaner_3.310.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** ***** [ Tasks ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.17278 -\\ Google Chrome v37.0.2062.120 [ Datei : C:\Users\RedSpider\AppData\Local\Google\Chrome\User Data\Default\preferences ] Gelöscht [Startup_urls] : hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hoxUv82Ac0l78Z5HtgW9e_DuX3ywRMXtYsMh4Qt7MrNn4G6p6l0_vvG0yzKBeLtzAX1tNx9sAd-Tzzf-AM7FrjsJ8AmkLsw0uaJ8Oz6JuSCrOF71LzuMDq6mejGFfUOUWpWy025XXteMtSPF6b8JZZwuwC2umSlDwRug,, ************************* AdwCleaner[R0].txt - [2831 octets] - [14/09/2014 00:44:42] AdwCleaner[R10].txt - [2230 octets] - [18/09/2014 08:02:48] AdwCleaner[R11].txt - [2361 octets] - [18/09/2014 23:20:56] AdwCleaner[R1].txt - [1210 octets] - [15/09/2014 04:48:51] AdwCleaner[R2].txt - [1313 octets] - [15/09/2014 07:27:20] AdwCleaner[R3].txt - [1373 octets] - [16/09/2014 02:12:40] AdwCleaner[R4].txt - [1493 octets] - [16/09/2014 02:42:45] AdwCleaner[R5].txt - [1613 octets] - [16/09/2014 03:47:21] AdwCleaner[R6].txt - [1471 octets] - [16/09/2014 06:58:26] AdwCleaner[R7].txt - [1862 octets] - [16/09/2014 12:45:01] AdwCleaner[R8].txt - [1988 octets] - [17/09/2014 22:20:48] AdwCleaner[R9].txt - [2108 octets] - [18/09/2014 07:41:22] AdwCleaner[S0].txt - [2671 octets] - [14/09/2014 00:54:12] AdwCleaner[S10].txt - [1741 octets] - [18/09/2014 23:21:31] AdwCleaner[S1].txt - [1271 octets] - [15/09/2014 04:49:18] AdwCleaner[S2].txt - [1434 octets] - [16/09/2014 02:14:03] AdwCleaner[S3].txt - [1554 octets] - [16/09/2014 02:43:20] AdwCleaner[S4].txt - [1674 octets] - [16/09/2014 05:41:24] AdwCleaner[S5].txt 
- [1532 octets] - [16/09/2014 06:58:46] AdwCleaner[S6].txt - [1923 octets] - [16/09/2014 12:46:11] AdwCleaner[S7].txt - [2049 octets] - [17/09/2014 22:21:23] AdwCleaner[S8].txt - [2169 octets] - [18/09/2014 07:42:05] AdwCleaner[S9].txt - [2290 octets] - [18/09/2014 08:11:24] ########## EOF - C:\AdwCleaner\AdwCleaner[S10].txt - [2342 octets] ##########
Regards, MasterOG
Schrauber, thanks a lot, great support. My system is fully functional again so far and seems to be perfectly clean ;-) The stupid safefinder had clung on in the Chrome settings under the start page. I tracked it down and deleted it. I wish you and your team a good weekend. Regards, MasterOG |
19.09.2014, 18:43 | #11 |
/// the machine /// TB trainer | Remove feed.safefinder.com and check system for viruses Update Java. Done. The order is crucial here.
If you would like to give praise or criticism, you can do so here. Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Anti-virus software
Additional protection
Safe browsing
Alternative browsers Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. These harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP) Bill Castner (MVP) Don'ts
Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
19.09.2014, 23:57 | #12 |
| Remove feed.safefinder.com and check system for viruses Nothing works with Combofix and Defogger: Combofix cannot be run at all, there is always an error message about the operating system. And Defogger says: unable to open file. So far I have not been able to use either of these tools!!! Hi schrauber, everything has been cleaned up so far, and of course the uninstallations have been carried out. I will stick to the important points to keep my system virus-free in the future. Regards. |
20.09.2014, 17:27 | #13 |
/// the machine /// TB trainer | Remove feed.safefinder.com and check system for viruses ok
__________________ regards, schrauber |