Log analysis and evaluation: No internet connection to some sites + popups (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
02.10.2014, 14:06 | #1 |
No internet connection to some sites + popups

Hello dear Trojaner community! I need your help.

Since I started the computer today, I can no longer open certain websites (google.de, facebook.com, youtube.de). Neither with Firefox nor with IE; however, it is not down to the provider, as it works on other computers. In addition, on all websites (including this one) there are ad frames whose content is blocked by a Firefox add-on, but they still appear as empty frames. Pop-ups such as hxxp://delivery.media-tractor.com/www/delivery/directads.php?zoneid=88&referer=www.trojaner-board.de&cb=21775791403&source=pu are also present.

Also, when I try to start programs such as GMER or FRST, Windows reports that there is no connection to Smart Screen to check the file; I no longer remember the exact wording.

Here are the files:

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:51 on 02/10/2014 (Kevin)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-10-2014 01 Ran by Kevin (administrator) on WORKSTATION on 02-10-2014 14:53:46 Running from E:\Benutzer\Kevin\Downloads Loaded Profile: Kevin (Available profiles: Kevin & jagod_000) Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (AVAST Software) E:\Program Files (x86)\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe () E:\Program Files (x64)\EslWire\service\WireHelperSvc.exe (Firebird Project) E:\Program Files (x86)\CAD \Program\Firebird_2_1_tso\bin\fbguard.exe (Firebird Project) E:\Program Files (x86)\CAD \Program\Firebird_2_1_tso\bin\fbserver.exe (Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (Sony Corporation) E:\Program Files (x86)\PlayMemories Home\PMBDeviceInfoProvider.exe () C:\Windows\System32\PnkBstrA.exe (TeamViewer GmbH) E:\Program Files (x86)\TeamViewer_Service.exe (TreeSoft GmbH & Co. KG) E:\Program Files (x86)\CAD \Program\TreesoftFindServer.exe (TreeSoft GmbH & Co. KG) E:\Program Files (x86)\CAD \Program\TreesoftTextControlServer.exe () C:\Program Files (x86)\Universal Updater\UpdaterService.exe (TreeSoft GmbH & Co. KG) E:\Program Files (x86)\CAD \Program\TreesoftTextControlServer.exe (TreeSoft GmbH & Co. KG) E:\Program Files (x86)\CAD \Program\TreesoftTextControlServer.exe (TreeSoft GmbH & Co. KG) E:\Program Files (x86)\CAD \Program\TreesoftTextControlServer.exe (TreeSoft GmbH & Co. 
KG) E:\Program Files (x86)\CAD \Program\TreesoftTextControlServer.exe (TreeSoft GmbH & Co. KG) E:\Program Files (x86)\CAD \Program\TreesoftTextControlServer.exe (TreeSoft GmbH & Co. KG) E:\Program Files (x86)\CAD \Program\TreesoftMailAgent.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe (Spotify Ltd) C:\Users\Kevin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (AVAST Software) E:\Program Files (x86)\Avast\avastui.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe () C:\Program Files (x86)\Universal Updater\CrashMon.exe (Sony Corporation) E:\Program Files (x86)\PlayMemories Home\PMBVolumeWatcher.exe (Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe () C:\Program Files (x86)\Salus\Salus.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.223\deploy\LoLLauncher.exe () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\LoLPatcher.exe () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.112\deploy\LolClient.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe (Adobe Systems, Inc.) 
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor) HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-01-31] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [AvastUI.exe] => E:\Program Files (x86)\Avast\AvastUI.exe [3890208 2014-08-08] (AVAST Software) HKLM-x32\...\Run: [VirtualCloneDrive] => E:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] () HKLM-x32\...\Run: [PDFPrint] => E:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [CrashMon] => C:\Program Files (x86)\Universal Updater\CrashMon.exe [375296 2014-06-15] () HKLM-x32\...\Run: [PMBVolumeWatcher] => E:\Program Files (x86)\PlayMemories Home\PMBVolumeWatcher.exe [2557976 2014-06-24] (Sony Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 
[959176 2014-08-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248040 2010-02-18] (Sun Microsystems, Inc.) HKLM-x32\...\Run: [Salus] => C:\Program Files (x86)\Salus\Salus.exe [981840 2014-09-24] () HKLM-x32\...\Run: [Salus CrashMon] => "C:\Program Files (x86)\Salus\CrashMon.exe" "Salus.exe" "hxxp://log.data-url.com/salus/crash" HKU\S-1-5-21-3231436611-243068960-233781985-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2014-01-31] (AMD) HKU\S-1-5-21-3231436611-243068960-233781985-1001\...\Run: [Spotify] => C:\Users\Kevin\AppData\Roaming\Spotify\spotify.exe [6342200 2014-09-21] (Spotify Ltd) HKU\S-1-5-21-3231436611-243068960-233781985-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-3231436611-243068960-233781985-1001\...\Run: [Spotify Web Helper] => C:\Users\Kevin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-09-21] (Spotify Ltd) HKU\S-1-5-21-3231436611-243068960-233781985-1001\...\MountPoints2: {0f5db609-2b18-11e4-83b1-bc5ff4f1074d} - "G:\HTC_Sync_Manager_PC.exe" HKU\S-1-5-21-3231436611-243068960-233781985-1001\...\MountPoints2: {0f5db66b-2b18-11e4-83b1-bc5ff4f1074d} - "G:\HTC_Sync_Manager_PC.exe" HKU\S-1-5-21-3231436611-243068960-233781985-1001\...\MountPoints2: {19376125-9bcd-11e3-82b2-bc5ff4f1074d} - "F:\HTC_Sync_Manager_PC.exe" HKU\S-1-5-21-3231436611-243068960-233781985-1001\...\MountPoints2: {7a37e14a-2b6a-11e4-83b2-bc5ff4f1074d} - "G:\HTC_Sync_Manager_PC.exe" HKU\S-1-5-21-3231436611-243068960-233781985-1001\...\MountPoints2: {7a37e162-2b6a-11e4-83b2-bc5ff4f1074d} - "G:\HTC_Sync_Manager_PC.exe" HKU\S-1-5-21-3231436611-243068960-233781985-1001\...\MountPoints2: {7a37e27c-2b6a-11e4-83b2-bc5ff4f1074d} - "H:\HTC_Sync_Manager_PC.exe" HKU\S-1-5-21-3231436611-243068960-233781985-1001\...\MountPoints2: {7a37e2ce-2b6a-11e4-83b2-bc5ff4f1074d} - "G:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-3231436611-243068960-233781985-1001\...\MountPoints2: {7afa49e7-9672-11e3-829e-bc5ff4f1074d} - "H:\HTC_Sync_Manager_PC.exe" HKU\S-1-5-21-3231436611-243068960-233781985-1001\...\MountPoints2: {aa816282-8d2b-11e3-827e-bc5ff4f1074d} - "G:\HTC_Sync_Manager_PC.exe" HKU\S-1-5-21-3231436611-243068960-233781985-1001\...\MountPoints2: {cd9a2cb6-807e-11e3-825b-bc5ff4f1074d} - "G:\HTC_Sync_Manager_PC.exe" ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Program Files (x86)\Avast\ashShA64.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xFE78C9400112CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,de;q=0.8,en-US;q=0.5,en;q=0.3 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ SearchScopes: HKLM-x32 - DefaultScope value is missing. BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> E:\Program Files (x86)\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: No Name -> {E6062A33-016E-4BDA-A6F1-890D989F8656} -> No File BHO-x32: avast! 
Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> E:\Program Files (x86)\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO-x32: No Name -> {E6062A33-016E-4BDA-A6F1-890D989F8656} -> No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\2asfkn5k.default FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fnew.songza.com*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'h
ttp%3A%2F%2Fext.last.fm*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpreview.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Faccount.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.beatsmusic.com*'))%20%7B%20return%20'PROXY%20us03.sq.proxmate.me%3A8000%3B%20PROXY%20us10.sq.proxmate.me%3A8000%3B%20PROXY%20us11.sq.proxmate.me%3A8000%3B%20PROXY%20us01.sq.proxmate.me%3A8000%3B%20PROXY%20us04.sq.proxmate.me%3A8000%3B%20PROXY%20us08.sq.proxmate.me%3A8000%3B%20PROXY%20us09.sq.proxmate.me%3A8000%3B%20PROXY%20us06.sq.proxmate.me%3A8000%3B%20PROXY%20us07.sq.proxmate.me%3A8000%3B%20PROXY%20us02.sq.proxmate.me%3A8000%3B%20PROXY%20us05.sq.proxmate.me%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D" FF NetworkProxy: "type", 2 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, 
LLC.) FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin-x32: Sony Corporation/PMCADownloader -> C:\ProgramData\Sony Corporation\PMCADownloader\1.1.1975.475\npPMCADownloader.dll (Sony Network Entertainment International LLC) FF Plugin-x32: Sony Corporation/PMCADownloaderHelper -> C:\ProgramData\Sony Corporation\PMCADownloader\1.1.1975.475\PMCADownloaderHelper.exe (Sony Network Entertainment International LLC) FF Plugin-x32: Sony Corporation/PMCADownloaderLib -> C:\ProgramData\Sony Corporation\PMCADownloader\1.1.1975.475\PMCADownloaderLib.dll (Sony Network Entertainment International LLC) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: ProxMate - Proxy on steroids! 
- C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\2asfkn5k.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2014-02-10] FF Extension: WinToFlash Suggestor - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\2asfkn5k.default\Extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi [2014-02-10] FF Extension: Updated Ad Blocker for Firefox 11+ - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\2asfkn5k.default\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi [2014-02-10] FF Extension: Adblock Plus - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\2asfkn5k.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-10] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - E:\Program Files (x86)\Avast\WebRep\FF FF Extension: avast! Online Security - E:\Program Files (x86)\Avast\WebRep\FF [2014-02-05] Chrome: ======= CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (avast! 
Online Security) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-05] CHR Extension: (Google Wallet) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-15] CHR Extension: (MyHarmony Chrome Plugin) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\omaonpoimgkmbllpdihbnmgphjoipdhf [2014-04-02] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - E:\Program Files (x86)\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-14] CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2014-02-28] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; E:\Program Files (x86)\Avast\AvastSvc.exe [50344 2014-05-14] (AVAST Software) R2 EslWireHelper; E:\Program Files (x64)\EslWire\service\WireHelperSvc.exe [663056 2014-01-29] () R2 FirebirdGuardianTreesoftOffice.org; E:\Program Files (x86)\CAD \Program\Firebird_2_1_tso\bin\fbguard.exe [81920 2014-09-29] (Firebird Project) [File not signed] R3 FirebirdServerTreesoftOffice.org; E:\Program Files (x86)\CAD \Program\Firebird_2_1_tso\bin\fbserver.exe [2785280 2014-09-29] (Firebird Project) [File not signed] R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation) S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation) S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed] R2 PMBDeviceInfoProvider; E:\Program Files (x86)\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 
2014-06-24] (Sony Corporation) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-07-19] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-07-19] () S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation) S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 TeamViewer9; E:\Program Files (x86)\TeamViewer_Service.exe [5037888 2014-07-02] (TeamViewer GmbH) R2 TreesoftFindServer; E:\Program Files (x86)\CAD \Program\TreesoftFindServer.exe [183376 2014-09-29] (TreeSoft GmbH & Co. KG) R2 TreesoftMailAgent; E:\Program Files (x86)\CAD \Program\TreesoftMailAgent.exe [732752 2014-09-29] (TreeSoft GmbH & Co. KG) S3 TreesoftMobileAgent; E:\Program Files (x86)\CAD \Program\TreesoftMobileAgent.exe [13392 2014-09-29] (TreeSoft GmbH & Co. KG) R3 TreesoftTextControlServer; E:\Program Files (x86)\CAD \Program\TreesoftTextControlServer.exe [268880 2014-09-29] (TreeSoft GmbH & Co. KG) R2 UniversalUpdater; C:\Program Files (x86)\Universal Updater\UpdaterService.exe [583608 2014-06-15] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.) 
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-14] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-14] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-14] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-14] () S3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-12-19] (Advanced Micro Devices) [File not signed] S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider) S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider) R0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [184968 2014-03-27] (<Turtle Entertainment>) R1 Salus; C:\Windows\System32\drivers\Salus.sys [52048 2014-09-24] (Windows (R) Win 7 DDK provider) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation) S3 ALSysIO; \??\C:\Users\Kevin\AppData\Local\Temp\ALSysIO64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-10-02 14:51 - 2014-10-02 14:51 - 00000000 _____ () C:\Users\Kevin\defogger_reenable 2014-10-01 18:12 - 2014-10-01 18:12 - 00000000 ____D () C:\Program Files (x86)\Salus 2014-09-29 11:52 - 2014-09-29 11:52 - 00000769 _____ () C:\Users\Public\Desktop\TreesoftOffice.org.lnk 2014-09-29 11:52 - 2014-09-29 11:52 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Treesoft 2014-09-29 11:52 - 2014-09-29 11:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreesoftOffice.org 2014-09-28 17:21 - 2014-09-28 22:22 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-09-28 17:21 - 2014-09-28 17:21 - 00000975 _____ () C:\Users\Public\Desktop\Steam.lnk 2014-09-28 17:21 - 2014-09-28 17:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2014-09-25 01:18 - 2014-09-25 01:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-09-24 12:51 - 2014-09-24 12:51 - 00052048 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\salus.sys 2014-09-15 09:42 - 2014-08-23 09:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2014-09-15 09:42 - 2014-08-23 09:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2014-09-15 09:42 - 2014-08-23 08:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll 2014-09-15 09:42 - 2014-08-23 07:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll 2014-09-15 09:42 - 2014-08-23 06:44 - 02860032 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2014-09-15 09:42 - 2014-08-23 06:34 - 13423104 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll 2014-09-15 09:42 - 2014-08-23 06:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll 2014-09-15 09:42 - 2014-08-23 06:31 - 01038336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2014-09-15 09:42 - 2014-08-23 06:20 - 11818496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2014-09-15 09:42 - 
2014-07-30 03:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll 2014-09-15 09:42 - 2014-07-29 07:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll 2014-09-15 09:42 - 2014-07-24 17:28 - 00468288 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS 2014-09-15 09:42 - 2014-07-24 17:28 - 00419648 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-09-15 09:42 - 2014-07-24 17:28 - 00412992 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys 2014-09-15 09:42 - 2014-07-24 17:28 - 00280384 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys 2014-09-15 09:42 - 2014-07-24 17:28 - 00143680 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-09-15 09:42 - 2014-07-24 17:25 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-09-15 09:42 - 2014-07-24 17:23 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2014-09-15 09:42 - 2014-07-24 17:23 - 00125472 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll 2014-09-15 09:42 - 2014-07-24 17:20 - 21266336 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-09-15 09:42 - 2014-07-24 17:20 - 00645592 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll 2014-09-15 09:42 - 2014-07-24 17:20 - 00263400 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe 2014-09-15 09:42 - 2014-07-24 17:16 - 02574208 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2014-09-15 09:42 - 2014-07-24 17:16 - 00211216 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe 2014-09-15 09:42 - 2014-07-24 17:07 - 07424320 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-09-15 09:42 - 2014-07-24 17:07 - 02009920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-09-15 09:42 - 2014-07-24 17:05 - 01660048 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 
2014-09-15 09:42 - 2014-07-24 17:05 - 01519560 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-09-15 09:42 - 2014-07-24 17:05 - 01488008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-09-15 09:42 - 2014-07-24 17:05 - 01356840 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-09-15 09:42 - 2014-07-24 17:03 - 02141920 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-09-15 09:42 - 2014-07-24 17:03 - 00882136 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-09-15 09:42 - 2014-07-24 17:03 - 00818624 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-09-15 09:42 - 2014-07-24 17:03 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-09-15 09:42 - 2014-07-24 17:03 - 00233888 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-09-15 09:42 - 2014-07-24 17:03 - 00205512 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll
2014-09-15 09:42 - 2014-07-24 16:57 - 02515264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-15 09:42 - 2014-07-24 16:57 - 00475968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-09-15 09:42 - 2014-07-24 15:50 - 00098048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-09-15 09:42 - 2014-07-24 15:48 - 02410976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-09-15 09:42 - 2014-07-24 15:48 - 00180208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
2014-09-15 09:42 - 2014-07-24 15:46 - 18760328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-15 09:42 - 2014-07-24 15:46 - 00477200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-09-15 09:42 - 2014-07-24 15:36 - 02145472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-09-15 09:42 - 2014-07-24 15:36 - 00707536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-09-15 09:42 - 2014-07-24 15:36 - 00674512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-09-15 09:42 - 2014-07-24 15:36 - 00355800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-09-15 09:42 - 2014-07-24 15:36 - 00180720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
2014-09-15 09:42 - 2014-07-24 13:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL
2014-09-15 09:42 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-09-15 09:42 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTT102.DLL
2014-09-15 09:42 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-09-15 09:42 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-09-15 09:42 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-09-15 09:42 - 2014-07-24 13:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-09-15 09:42 - 2014-07-24 13:47 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-09-15 09:42 - 2014-07-24 13:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-09-15 09:42 - 2014-07-24 13:45 - 00076800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-09-15 09:42 - 2014-07-24 13:44 - 00674816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-09-15 09:42 - 2014-07-24 13:43 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-09-15 09:42 - 2014-07-24 13:42 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-09-15 09:42 - 2014-07-24 13:42 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NdisImPlatform.sys
2014-09-15 09:42 - 2014-07-24 13:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2014-09-15 09:42 - 2014-07-24 13:33 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-15 09:42 - 2014-07-24 13:33 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-15 09:42 - 2014-07-24 13:22 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2014-09-15 09:42 - 2014-07-24 13:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
2014-09-15 09:42 - 2014-07-24 13:05 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2014-09-15 09:42 - 2014-07-24 13:05 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-09-15 09:42 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-09-15 09:42 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTT102.DLL
2014-09-15 09:42 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-09-15 09:42 - 2014-07-24 12:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL
2014-09-15 09:42 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-09-15 09:42 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-09-15 09:42 - 2014-07-24 12:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-09-15 09:42 - 2014-07-24 12:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll
2014-09-15 09:42 - 2014-07-24 12:33 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-09-15 09:42 - 2014-07-24 12:32 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2014-09-15 09:42 - 2014-07-24 12:20 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2014-09-15 09:42 - 2014-07-24 12:18 - 01089024 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-09-15 09:42 - 2014-07-24 12:12 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2014-09-15 09:42 - 2014-07-24 12:10 - 01844224 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2014-09-15 09:42 - 2014-07-24 12:10 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-09-15 09:42 - 2014-07-24 12:10 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-09-15 09:42 - 2014-07-24 12:10 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasnap.dll
2014-09-15 09:42 - 2014-07-24 12:09 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-09-15 09:42 - 2014-07-24 12:06 - 00438272 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2014-09-15 09:42 - 2014-07-24 12:05 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-09-15 09:42 - 2014-07-24 11:58 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2014-09-15 09:42 - 2014-07-24 11:54 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll
2014-09-15 09:42 - 2014-07-24 11:53 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2014-09-15 09:42 - 2014-07-24 11:52 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2014-09-15 09:42 - 2014-07-24 11:44 - 16874496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-09-15 09:42 - 2014-07-24 11:42 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2014-09-15 09:42 - 2014-07-24 11:40 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
2014-09-15 09:42 - 2014-07-24 11:39 - 00770048 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-09-15 09:42 - 2014-07-24 11:33 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2014-09-15 09:42 - 2014-07-24 11:32 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-09-15 09:42 - 2014-07-24 11:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-09-15 09:42 - 2014-07-24 11:27 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-09-15 09:42 - 2014-07-24 11:25 - 00832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2014-09-15 09:42 - 2014-07-24 11:24 - 01817088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-09-15 09:42 - 2014-07-24 11:23 - 00328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2014-09-15 09:42 - 2014-07-24 11:21 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-09-15 09:42 - 2014-07-24 11:18 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll
2014-09-15 09:42 - 2014-07-24 11:16 - 12730880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-09-15 09:42 - 2014-07-24 11:14 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-09-15 09:42 - 2014-07-24 11:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2014-09-15 09:42 - 2014-07-24 11:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2014-09-15 09:42 - 2014-07-24 11:11 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-09-15 09:42 - 2014-07-24 11:11 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2014-09-15 09:42 - 2014-07-24 11:10 - 00540672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2014-09-15 09:42 - 2014-07-24 11:09 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-09-15 09:42 - 2014-07-24 11:04 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
2014-09-15 09:42 - 2014-07-24 11:04 - 00183808 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
2014-09-15 09:42 - 2014-07-24 11:03 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-09-15 09:42 - 2014-07-24 11:02 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-09-15 09:42 - 2014-07-24 10:58 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2014-09-15 09:42 - 2014-07-24 10:53 - 01261056 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-09-15 09:42 - 2014-07-24 10:53 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-09-15 09:42 - 2014-07-24 10:49 - 01361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-09-15 09:42 - 2014-07-24 10:49 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-09-15 09:42 - 2014-07-24 10:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-09-15 09:42 - 2014-07-24 10:49 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-09-15 09:42 - 2014-07-24 10:48 - 00659968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2014-09-15 09:42 - 2014-07-24 10:47 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2014-09-15 09:42 - 2014-07-24 10:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll
2014-09-15 09:42 - 2014-07-24 10:39 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2014-09-15 09:42 - 2014-07-24 10:38 - 00371200 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-09-15 09:42 - 2014-07-24 10:36 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2014-09-15 09:42 - 2014-07-24 10:32 - 01532416 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-09-15 09:42 - 2014-07-24 10:30 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-09-15 09:42 - 2014-07-24 10:29 - 00439296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-15 09:42 - 2014-07-24 10:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2014-09-15 09:42 - 2014-07-24 10:27 - 00907776 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-09-15 09:42 - 2014-07-24 10:24 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-15 09:42 - 2014-07-24 10:23 - 01404416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2014-09-15 09:42 - 2014-07-24 10:22 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-09-15 09:42 - 2014-07-24 10:21 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-09-15 09:42 - 2014-07-24 10:21 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-09-15 09:42 - 2014-07-24 10:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2014-09-15 09:42 - 2014-07-24 10:19 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-09-15 09:42 - 2014-07-24 10:18 - 01144320 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2014-09-15 09:42 - 2014-07-24 10:18 - 00795136 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-09-15 09:42 - 2014-07-24 10:18 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-15 09:42 - 2014-07-24 10:16 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2014-09-15 09:42 - 2014-07-24 10:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2014-09-15 09:42 - 2014-07-24 10:15 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-15 09:42 - 2014-07-24 10:15 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2014-09-15 09:42 - 2014-07-24 10:15 - 00432128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2014-09-15 09:42 - 2014-07-24 10:13 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2014-09-15 09:42 - 2014-07-24 10:12 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-15 09:42 - 2014-07-24 10:10 - 01029632 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-09-15 09:42 - 2014-07-24 10:10 - 00889344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-09-15 09:42 - 2014-07-24 10:10 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-09-15 09:42 - 2014-07-24 10:10 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-09-15 09:42 - 2014-07-24 10:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-09-15 09:42 - 2014-07-24 10:08 - 00162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2014-09-15 09:42 - 2014-07-24 10:07 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-15 09:42 - 2014-07-24 10:06 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-09-15 09:42 - 2014-07-24 10:05 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2014-09-15 09:42 - 2014-07-24 10:04 - 00667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-15 09:42 - 2014-07-24 10:02 - 03465216 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-15 09:42 - 2014-07-24 10:01 - 05833216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-09-15 09:42 - 2014-07-24 10:01 - 01992192 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-09-15 09:42 - 2014-07-24 10:01 - 01126912 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-09-15 09:42 - 2014-07-24 10:00 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-09-15 09:42 - 2014-07-24 09:58 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2014-09-15 09:42 - 2014-07-24 09:58 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2014-09-15 09:42 - 2014-07-24 09:54 - 01290752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-09-15 09:42 - 2014-07-24 09:50 - 01182208 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2014-09-15 09:42 - 2014-07-24 09:50 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-09-15 09:42 - 2014-07-24 09:49 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2014-09-15 09:42 - 2014-07-24 09:47 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2014-09-15 09:42 - 2014-07-24 09:46 - 08652800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-09-15 09:42 - 2014-07-24 09:44 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2014-09-15 09:42 - 2014-07-24 09:43 - 02696704 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-09-15 09:42 - 2014-07-24 09:43 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-09-15 09:42 - 2014-07-24 09:43 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2014-09-15 09:42 - 2014-07-24 09:41 - 00459264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2014-09-15 09:42 - 2014-07-24 09:39 - 02642944 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-15 09:42 - 2014-07-24 09:38 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-09-15 09:42 - 2014-07-24 09:38 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-09-15 09:42 - 2014-07-24 09:33 - 03360768 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-09-15 09:42 - 2014-07-24 09:30 - 02318336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-15 09:42 - 2014-07-24 09:28 - 01600000 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-09-15 09:42 - 2014-07-24 06:11 - 00513544 _____ () C:\Windows\SysWOW64\locale.nls
2014-09-15 09:42 - 2014-07-24 06:11 - 00513544 _____ () C:\Windows\system32\locale.nls
2014-09-15 09:42 - 2014-07-12 07:55 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
2014-09-15 09:42 - 2014-07-12 07:23 - 00436224 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-09-15 09:42 - 2014-07-12 06:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
2014-09-15 09:42 - 2014-07-12 06:33 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-09-15 09:42 - 2014-07-12 06:13 - 01417216 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-15 09:42 - 2014-07-10 01:19 - 00387391 _____ () C:\Windows\system32\ApnDatabase.xml
2014-09-15 09:42 - 2014-07-04 14:59 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-09-15 09:42 - 2014-07-04 12:29 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
2014-09-15 09:42 - 2014-07-04 12:20 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2014-09-15 09:42 - 2014-07-04 12:06 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2014-09-15 09:42 - 2014-07-04 12:00 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-09-15 09:42 - 2014-07-04 11:30 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2014-09-15 09:42 - 2014-07-04 11:27 - 00474112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2014-09-15 09:42 - 2014-06-27 08:22 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-09-15 09:42 - 2014-06-26 02:32 - 01029632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-09-15 09:42 - 2014-06-26 02:29 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2014-09-15 09:42 - 2014-06-20 01:37 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-09-15 09:42 - 2014-06-19 04:13 - 00310080 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-09-15 09:42 - 2014-06-14 08:03 - 02389504 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-15 09:42 - 2014-06-14 07:46 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-15 09:42 - 2014-06-07 14:46 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2014-09-15 09:42 - 2014-06-07 12:20 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2014-09-15 09:42 - 2014-06-05 16:00 - 01118040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-09-15 09:42 - 2014-06-05 12:18 - 01018368 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2014-09-15 09:42 - 2014-06-05 11:42 - 00889856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2014-09-15 09:42 - 2014-05-31 07:00 - 01463808 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2014-09-15 09:42 - 2014-05-31 06:18 - 01319936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2014-09-15 09:42 - 2014-05-29 08:23 - 00427008 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-09-15 09:42 - 2014-05-29 07:25 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-09-15 09:42 - 2014-05-29 07:20 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-09-15 09:42 - 2014-05-29 06:36 - 00344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-09-15 09:42 - 2014-05-26 09:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2014-09-15 09:42 - 2014-05-10 12:12 - 00387896 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2014-09-15 09:42 - 2014-05-10 10:46 - 00335680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2014-09-15 09:42 - 2014-05-06 06:41 - 00486744 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2014-09-15 09:42 - 2014-05-06 02:55 - 00391000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2014-09-15 09:42 - 2014-03-25 04:27 - 00160600 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2014-09-15 09:42 - 2014-03-25 04:27 - 00123920 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2014-09-15 09:42 - 2014-03-25 03:20 - 00128568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2014-09-15 09:42 - 2014-03-25 03:20 - 00127544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2014-09-15 09:36 - 2014-08-15 02:36 - 00146752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2014-09-15 00:44 - 2014-09-15 00:44 - 00000295 _____ () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb.lnk
2014-09-14 18:39 - 2014-09-14 18:39 - 00000834 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-09-14 18:39 - 2014-09-14 18:39 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Canneverbe Limited
2014-09-14 18:39 - 2014-09-14 18:39 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2014-09-14 12:45 - 2014-09-14 12:45 - 00411368 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\deployJava1.dll
2014-09-14 12:45 - 2014-09-14 12:45 - 00153376 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
2014-09-14 12:45 - 2014-09-14 12:45 - 00145184 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
2014-09-14 12:45 - 2014-09-14 12:45 - 00145184 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
2014-09-14 12:45 - 2014-09-14 12:45 - 00000000 ____D () C:\ProgramData\Sun
2014-09-14 12:45 - 2014-09-14 12:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Room EQ Wizard V5
2014-09-14 12:45 - 2014-09-14 12:45 - 00000000 ____D () C:\Program Files (x86)\Room EQ Wizard V5
2014-09-14 12:45 - 2014-09-14 12:45 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-14 12:44 - 2014-09-14 12:51 - 00000000 ___HD () C:\jexepackres
2014-09-13 12:58 - 2014-09-13 12:58 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\MiniDSP-2wayAdv
2014-09-13 12:56 - 2014-09-13 12:56 - 00001075 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniDSP-2wayAdv.lnk
2014-09-13 12:56 - 2014-09-13 12:56 - 00001063 _____ () C:\Users\Public\Desktop\MiniDSP-2wayAdv.lnk
2014-09-13 12:56 - 2014-09-13 12:56 - 00000000 ____D () C:\Program Files (x86)\miniDSP
2014-09-11 11:26 - 2014-08-16 04:40 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 11:26 - 2014-08-16 04:04 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 11:26 - 2014-08-16 04:00 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 11:26 - 2014-08-16 04:00 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 11:26 - 2014-08-16 03:56 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 11:26 - 2014-08-16 03:54 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-11 11:26 - 2014-08-16 03:45 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 11:26 - 2014-08-16 03:43 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-11 11:26 - 2014-08-16 03:32 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 11:26 - 2014-08-16 03:25 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 11:26 - 2014-08-16 03:22 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-11 11:26 - 2014-08-16 03:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-11 11:26 - 2014-08-16 03:19 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 11:26 - 2014-08-16 03:18 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 11:26 - 2014-08-16 03:18 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 11:26 - 2014-08-16 03:11 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-11 11:26 - 2014-08-16 03:06 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 11:26 - 2014-08-16 03:05 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 11:26 - 2014-08-16 03:05 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 11:26 - 2014-08-16 03:03 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 11:26 - 2014-08-16 03:03 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 11:26 - 2014-08-16 02:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 11:26 - 2014-08-16 02:56 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 11:26 - 2014-08-16 02:53 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 11:26 - 2014-08-16 02:53 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 11:26 - 2014-08-16 02:53 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 11:26 - 2014-08-16 02:51 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 11:26 - 2014-08-16 02:45 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 11:26 - 2014-08-16 02:44 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 11:26 - 2014-08-16 02:44 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 11:26 - 2014-08-16 02:34 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 11:26 - 2014-08-16 02:20 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 11:26 - 2014-08-16 02:18 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-11 11:26 - 2014-08-16 02:14 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 11:26 - 2014-08-16 02:12 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-11 11:25 - 2014-08-02 02:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-09-11 11:25 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-09-11 11:25 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2014-09-05 20:06 - 2014-09-09 20:44 - 00001051 _____ () C:\Users\Public\Desktop\Die Sims 4.lnk
2014-09-05 20:06 - 2014-09-05 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-02 14:53 - 2014-02-04 12:53 - 00000000 ____D () C:\FRST
2014-10-02 14:51 - 2014-01-15 16:27 - 00000000 ____D () C:\Users\Kevin
2014-10-02 14:32 - 2014-01-15 18:02 - 00001140 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-02 14:23 - 2014-07-22 00:02 - 00000000 ____D () C:\Users\Kevin\AppData\Local\PMB Files
2014-10-02 14:03 - 2014-01-15 16:25 - 01522522 _____ () C:\Windows\WindowsUpdate.log
2014-10-02 14:02 - 2014-01-16 01:16 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-02 14:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-10-02 13:51 - 2013-09-30 06:14 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-02 13:51 - 2013-09-30 05:56 - 00764340 _____ () C:\Windows\system32\perfh007.dat
2014-10-02 13:51 - 2013-09-30 05:56 - 00159160 _____ () C:\Windows\system32\perfc007.dat
2014-10-02 13:50 - 2014-01-15 16:35 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3231436611-243068960-233781985-1001
2014-10-02 13:45 - 2014-01-15 18:02 - 00001136 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-02 13:45 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-02 06:54 - 2014-01-16 17:12 - 00000000 ____D () C:\Users\Kevin\AppData\Local\JDownloader v2.0
2014-10-02 06:54 - 2013-08-22 15:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-10-02 06:52 - 2014-07-22 00:02 - 00000000 ____D () C:\ProgramData\PMB Files
2014-10-02 05:06 - 2014-08-21 19:32 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Adobe
2014-10-01 17:54 - 2014-05-03 01:42 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Spotify
2014-10-01 11:03 - 2014-05-03 01:42 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Spotify
2014-09-30 23:50 - 2014-02-05 16:08 - 00004164 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-29 00:07 - 2014-01-16 02:02 - 00000000 ____D () C:\Users\Kevin\AppData\Local\ESL Wire Game Client
2014-09-28 17:37 - 2014-01-15 19:36 - 00229650 _____ () C:\Windows\DirectX.log
2014-09-27 03:52 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-09-26 19:48 - 2013-08-22 16:46 - 00078209 _____ () C:\Windows\setupact.log
2014-09-26 19:47 - 2014-02-10 12:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-24 13:43 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-09-18 16:02 - 2014-08-21 19:30 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-16 16:48 - 2013-08-22 16:44 - 02652632 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-16 16:47 - 2013-09-29 21:04 - 00020102 _____ () C:\Windows\PFRO.log
2014-09-16 02:21 - 2013-09-30 05:59 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-16 02:21 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-09-16 02:21 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-09-16 02:21 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-16 02:21 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-16 02:21 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-09-16 02:21 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2014-09-16 02:21 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
2014-09-16 02:21 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\setup
2014-09-16 02:21 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-16 02:21 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-09-15 10:56 - 2014-01-18 17:11 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-15 10:53 - 2014-01-18 17:11 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-15 02:23 - 2014-01-15 16:29 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Packages
2014-09-13 12:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-09-13 00:38 - 2014-01-15 17:33 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3231436611-243068960-233781985-1004
2014-09-11 11:26 - 2014-06-12 06:11 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 11:26 - 2014-06-12 06:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 11:26 - 2014-06-12 06:10 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 11:26 - 2014-06-12 06:10 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 11:26 - 2014-06-12 06:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 11:26 - 2014-06-12 06:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-11 11:26 - 2014-06-12 06:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-11 11:26 - 2014-06-12 06:10 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 11:26 - 2014-06-12 06:10 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-11 11:26 - 2014-06-12 06:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-11 11:26 - 2014-06-12 06:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 11:26 - 2014-06-12 06:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 11:26 - 2014-06-12 06:10 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 11:26 - 2014-06-12 06:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 11:26 - 2014-05-03 10:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 11:26 - 2014-05-03 10:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 11:26 - 2014-01-15 17:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-10 13:48 - 2014-03-30 17:14 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-09-10 13:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\tracing
2014-09-10 03:24 - 2014-01-15 18:20 - 00000000 ____D () C:\ProgramData\Origin
2014-09-09 21:01 - 2014-01-16 01:16 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-05 20:06 - 2014-01-15 16:32 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-02 22:06 - 2013-08-22 17:38 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-02 22:06 - 2013-08-22 17:38 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Kevin\AppData\Local\Temp\ASAUninst.exe
C:\Users\Kevin\AppData\Local\Temp\bitool.dll
C:\Users\Kevin\AppData\Local\Temp\CMInstaller.exe
C:\Users\Kevin\AppData\Local\Temp\Display.dll
C:\Users\Kevin\AppData\Local\Temp\EslWireSetup-1.17.3.7769-x64.exe
C:\Users\Kevin\AppData\Local\Temp\EslWireSetup-1.17.3.7977-x64.exe
C:\Users\Kevin\AppData\Local\Temp\EslWireSetup-1.17.3.8001-x64.exe
C:\Users\Kevin\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Kevin\AppData\Local\Temp\LiveSupport_setup.exe
C:\Users\Kevin\AppData\Local\Temp\Mfc42.dll
C:\Users\Kevin\AppData\Local\Temp\mpegc.dll
C:\Users\Kevin\AppData\Local\Temp\Msvcrt.dll
C:\Users\Kevin\AppData\Local\Temp\proxy_vole5533499487282110022.dll
C:\Users\Kevin\AppData\Local\Temp\Quarantine.exe
C:\Users\Kevin\AppData\Local\Temp\setup_asa.EXE
C:\Users\Kevin\AppData\Local\Temp\sonarinst.exe
C:\Users\Kevin\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Kevin\AppData\Local\Temp\Uninstall.exe
C:\Users\Kevin\AppData\Local\Temp\vcredist_x64.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-09-20 12:27

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-10-2014 01
Ran by Kevin at 2014-10-02 14:54:04
Running from E:\Benutzer\Kevin\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.249 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 15.0.0.249 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.30.100.40131 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0131.1535.27922 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{8D2C98CB-7D5D-25CE-C72B-3F2C257F0284}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.3825 - Electronic Arts)
Battlefield™ Hardline Beta (HKLM-x32\...\{599276A7-F45D-40B1-A0B6-CF132A1CAD49}) (Version: 1.0.0.5 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0131.1535.27922 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0131.1535.27922 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0131.1535.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0131.1535.27922 - Advanced Micro Devices, Inc.) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{42CBCE27-DE9B-4094-B9EB-D4C4C135FFA8}) (Version: - Microsoft)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.677.20 - Electronic Arts Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
ESL Wire 1.17.3 (HKLM\...\ESL Wire_is1) (Version: - Turtle Entertainment GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Harmony Browser Plug-in (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.13.0.003 - HTC Corporation)
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
Image Data Converter (HKLM-x32\...\{87998E4E-6D9C-411B-AAE9-B8523FFE357D}) (Version: 4.2.03.16101 - Sony Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.0.2.1 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170510}) (Version: 1.7.0.510 - Oracle)
Java(TM) 6 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Logitech Harmony Remote Software 7 (x32 Version: 7.7.0.0 - Logitech) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MergeModule_x64 (Version: 8.0.00 - Sony Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MiniDSP-2wayAdv (HKLM-x32\...\MiniDSP-2wayAdv.93B26324F3B23983B479A8A5CBA0BA67786239FC.1) (Version: v1.10 - UNKNOWN)
MiniDSP-2wayAdv (x32 Version: 1.10 - UNKNOWN) Hidden
Minimal ADB and Fastboot version 1.1.3 (HKLM-x32\...\{DE46417A-9E9E-4BCD-BBDD-DA21943193BB}_is1) (Version: 1.1.3 - )
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MPC-HC 1.7.2 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.2 - MPC-HC Team)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 6.3.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Perfect Photo Suite 8 (HKLM-x32\...\Perfect Photo Suite 8 PE) (Version: 8.5.1 - onOne Software)
Photomatix Pro version 5.0.3 (HKLM\...\PhotomatixPro5x64_is1) (Version: 5.0.3 - HDRsoft Ltd)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Picturenaut 3.2 (HKLM-x32\...\{8717416E-107D-4D2F-8F30-11C342A1F9EE}) (Version: 3.2.0.1690 - Marc M.)
PlayMemories Camera Apps Downloader (HKLM-x32\...\{E4B95A36-0EF2-44C6-B939-5B3DBBC34502}) (Version: 1.1.1975.475 - Sony Network Entertainment International LLC)
PlayMemories Home (HKLM-x32\...\{6F26A633-ACC2-4850-82C5-60A06D606175}) (Version: 3.1.20.06241 - Sony Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
RaceRoom Racing Experience Launcher (HKLM-x32\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - SimBin)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RollerCoaster Tycoon 3 Version 3.2 by Energizer (HKLM-x32\...\{1532222D-BE32-4B40-B32E-2096E5A8049F}_is1) (Version: 3.2 by Energizer - Atari)
Room EQ Wizard V5 (HKLM-x32\...\RoomEQWizardV5) (Version: - John Mulcahy)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
SOHLib for PlayMemories Home (Version: 1.0.3.02170 - Sony Corporation) Hidden
Spotify (HKCU\...\Spotify) (Version: 0.9.13.24.g5dbb3103 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPER © v2014.build.60+Recorder (2014/02/18) Version v2014.buil (HKLM-x32\...\{8E2A18E2-96AF-8549-4DE7-5C06B75719A4}_is1) (Version: v2014.build.60+Recorder - eRightSoft)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29947 - TeamViewer)
TreesoftOffice.org (HKLM-x32\...\TreesoftOffice.org) (Version: 6.3 - Treesoft GmbH & Co. KG)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version: - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{AC36E3B7-5095-43B9-9A74-928420F88714}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{B114A387-8A14-4C43-AE51-82F17EB81D49}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{D1F3B526-7EB2-4701-92DB-0784988D78DE}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{52BEF8AE-9324-40A1-9A92-E5A8FB63A475}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0410-1000-0000000FF1CE}_Office14.PROPLUS_{B2508D75-61CF-4CC0-84C0-CF257219201D}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8F699D53-05FB-488E-B7D3-E4E47257BE5D}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{4B9B2BAF-EE1F-4B60-A4D9-17B7BEEB13A1}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{6164E0E5-C903-488C-93AF-1B7AF7EBC331}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUS_{FD360122-6829-4497-97C1-1BF578EF695B}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{89FDC8D9-FB84-4EFE-950D-AF4EECC3B64C}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{7A0D09B0-6575-11E2-89D5-F04DA23A5C58}) (Version: 12.0.486 - Sony)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

24-09-2014 11:43:27 Windows Update
28-09-2014 15:37:25 DirectX wurde installiert

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {09D173F3-1AA8-46CB-8D3C-4921657711FC} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {22F56482-75DD-4CC2-833D-ADE39D77B28F} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {51B2B2EF-C6A6-4F96-8566-23DF74DA3912} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-09-15] (Microsoft Corporation)
Task: {55A796AA-C13B-41C3-ABD1-5F7DBEBEA73A} - System32\Tasks\avast! Emergency Update => E:\Program Files (x86)\Avast\AvastEmUpdate.exe [2014-05-14] (AVAST Software)
Task: {64BE1255-CE9C-4DB5-8511-8085B627F3CE} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3231436611-243068960-233781985-1001
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {76837697-3B1D-472E-9F5B-0FEBE34D6303} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {840DD1EB-B563-43E0-89CF-A2E612F0BA9A} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2014-01-16] (Sony Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {958B66FC-5022-4F18-8D99-345A1535ED8A} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {AA693B90-5B5D-43B4-8EEC-ABA2E89811DD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-15] (Google Inc.)
Task: {C0B89AA9-32CA-4434-869B-67BAA671B23B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-15] (Google Inc.)
Task: {C4FFF86F-2F9B-4D36-8899-D370D13D0A38} - System32\Tasks\Launch HTC Sync Loader => E:\Program Files (x86)\HTC SYNC\htcUPCTLoader.exe
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EDFF34FB-96BB-4F86-B2AA-8D4BE7684658} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {F246BF00-7D65-4765-BD4E-F7BDB04D4A9A} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-comebackhome@web.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {F6541A2E-CEC3-4EB1-9454-FF4E6CFB69F0} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {FCA195EE-54CF-44C7-A2E2-CFDEE8A1F5A5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-01-16 02:02 - 2014-01-29 19:14 - 00663056 _____ () E:\Program Files (x64)\EslWire\service\WireHelperSvc.exe
2014-01-16 02:02 - 2014-02-06 16:38 - 00214016 _____ () E:\Program Files (x64)\EslWire\service\NocIPC64.dll
2014-03-27 01:52 - 2012-12-07 18:26 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-07-04 15:37 - 2014-07-19 06:22 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2014-06-15 10:53 - 2014-06-15 10:53 - 00583608 _____ () C:\Program Files (x86)\Universal Updater\UpdaterService.exe
2014-06-15 10:52 - 2014-06-15 10:52 - 00375296 _____ () C:\Program Files (x86)\Universal Updater\CrashMon.exe
2014-09-24 12:51 - 2014-09-24 12:51 - 00981840 _____ () C:\Program Files (x86)\Salus\Salus.exe
2013-06-12 18:11 - 2014-07-22 00:03 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2014-07-22 00:03 - 2014-09-27 14:02 - 02453496 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.223\deploy\LoLLauncher.exe
2014-09-27 14:02 - 2014-09-27 14:02 - 04081656 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\LoLPatcher.exe
2014-07-22 00:05 - 2014-07-22 00:05 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.112\deploy\LolClient.exe
2014-10-02 13:45 - 2014-10-02 13:45 - 02858496 _____ () E:\Program Files (x86)\Avast\defs\14100200\algo.dll
2014-02-05 16:08 - 2014-02-05 16:08 - 19336120 _____ () E:\Program Files (x86)\Avast\libcef.dll
2014-04-04 10:25 - 2014-04-04 10:25 - 00102400 _____ () C:\Program Files (x86)\Salus\nfapi.dll
2014-06-05 06:41 - 2014-06-05 06:41 - 00331776 _____ () C:\Program Files (x86)\Salus\ProtocolFilters.dll
2014-09-27 14:02 - 2014-09-27 14:02 - 01636856 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\RiotLauncher.dll
2014-09-10 13:41 - 2014-09-10 13:41 - 42975744 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\libcef.dll
2014-09-10 13:41 - 2014-09-10 13:41 - 01559552 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\icui18n.dll
2014-09-10 13:41 - 2014-09-10 13:41 - 01241088 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\icuuc.dll
2014-09-10 13:41 - 2014-09-10 13:41 - 04945408 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\v8.dll
2014-09-27 14:02 - 2014-09-27 14:02 - 01712640 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\RiotRadsIO.dll
2014-07-22 00:05 - 2014-07-22 00:05 - 04774248 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.112\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2014-09-25 01:18 - 2014-09-25 01:18 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\TEMP:DF623ED6

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "Start WingMan Profiler"
HKLM\...\StartupApproved\Run32: => "DivXUpdate"
HKLM\...\StartupApproved\Run32: => "HTC Sync Loader"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKCU\...\StartupApproved\Run: => "Spotify"

========================= Accounts: ==========================

Administrator (S-1-5-21-3231436611-243068960-233781985-500 - Administrator - Disabled)
Gast (S-1-5-21-3231436611-243068960-233781985-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3231436611-243068960-233781985-1003 - Limited - Enabled)
jagod_000 (S-1-5-21-3231436611-243068960-233781985-1004 - Administrator - Enabled) => C:\Users\jagod_000
Kevin (S-1-5-21-3231436611-243068960-233781985-1001 - Administrator - Enabled) => C:\Users\Kevin

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI-Kommunikationscontroller (einfach)
Description: PCI-Kommunikationscontroller (einfach)
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================= Application errors: ================== Error: (10/01/2014 06:12:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 32.0.3.5379, Zeitstempel: 0x54224e6b Name des fehlerhaften Moduls: mozalloc.dll, Version: 32.0.3.5379, Zeitstempel: 0x54221b67 Ausnahmecode: 0x80000003 Fehleroffset: 0x0000141b ID des fehlerhaften Prozesses: 0x1260 Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5 Error: (10/01/2014 05:52:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: CrashMon.exe, Version: 0.0.0.0, Zeitstempel: 0x539d5ec8 Name des fehlerhaften Moduls: CrashMon.exe, Version: 0.0.0.0, Zeitstempel: 0x539d5ec8 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000f599 ID des fehlerhaften Prozesses: 0x1598 Startzeit der fehlerhaften Anwendung: 0xCrashMon.exe0 Pfad der fehlerhaften Anwendung: CrashMon.exe1 Pfad des fehlerhaften Moduls: CrashMon.exe2 Berichtskennung: CrashMon.exe3 Vollständiger Name des fehlerhaften Pakets: CrashMon.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CrashMon.exe5 Error: (10/01/2014 11:17:13 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: SUPER.exe, Version: 2.0.14.60, Zeitstempel: 0x2a425e19 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17114, Zeitstempel: 0x53648f36 Ausnahmecode: 0xc0000024 Fehleroffset: 0x00073152 ID des fehlerhaften Prozesses: 0x1804 Startzeit der fehlerhaften Anwendung: 0xSUPER.exe0 Pfad der fehlerhaften Anwendung: SUPER.exe1 Pfad des fehlerhaften Moduls: SUPER.exe2 
Berichtskennung: SUPER.exe3 Vollständiger Name des fehlerhaften Pakets: SUPER.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SUPER.exe5 Error: (10/01/2014 11:15:42 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: SUPER.exe, Version: 2.0.14.60, Zeitstempel: 0x2a425e19 Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.17278, Zeitstempel: 0x53eeb796 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00025963 ID des fehlerhaften Prozesses: 0x37c Startzeit der fehlerhaften Anwendung: 0xSUPER.exe0 Pfad der fehlerhaften Anwendung: SUPER.exe1 Pfad des fehlerhaften Moduls: SUPER.exe2 Berichtskennung: SUPER.exe3 Vollständiger Name des fehlerhaften Pakets: SUPER.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SUPER.exe5 Error: (10/01/2014 04:51:35 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: CrashMon.exe, Version: 0.0.0.0, Zeitstempel: 0x539d5ec8 Name des fehlerhaften Moduls: CrashMon.exe, Version: 0.0.0.0, Zeitstempel: 0x539d5ec8 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000f599 ID des fehlerhaften Prozesses: 0x153c Startzeit der fehlerhaften Anwendung: 0xCrashMon.exe0 Pfad der fehlerhaften Anwendung: CrashMon.exe1 Pfad des fehlerhaften Moduls: CrashMon.exe2 Berichtskennung: CrashMon.exe3 Vollständiger Name des fehlerhaften Pakets: CrashMon.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CrashMon.exe5 Error: (09/28/2014 10:15:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: CrashMon.exe, Version: 0.0.0.0, Zeitstempel: 0x539d5ec8 Name des fehlerhaften Moduls: CrashMon.exe, Version: 0.0.0.0, Zeitstempel: 0x539d5ec8 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000f599 ID des fehlerhaften Prozesses: 0xff0 Startzeit der fehlerhaften Anwendung: 0xCrashMon.exe0 Pfad der fehlerhaften Anwendung: CrashMon.exe1 Pfad des fehlerhaften Moduls: CrashMon.exe2 Berichtskennung: 
CrashMon.exe3 Vollständiger Name des fehlerhaften Pakets: CrashMon.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CrashMon.exe5 Error: (09/28/2014 05:37:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (09/27/2014 07:20:44 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: CrashMon.exe, Version: 0.0.0.0, Zeitstempel: 0x539d5ec8 Name des fehlerhaften Moduls: CrashMon.exe, Version: 0.0.0.0, Zeitstempel: 0x539d5ec8 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000f599 ID des fehlerhaften Prozesses: 0x13dc Startzeit der fehlerhaften Anwendung: 0xCrashMon.exe0 Pfad der fehlerhaften Anwendung: CrashMon.exe1 Pfad des fehlerhaften Moduls: CrashMon.exe2 Berichtskennung: CrashMon.exe3 Vollständiger Name des fehlerhaften Pakets: CrashMon.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CrashMon.exe5 Error: (09/25/2014 08:54:59 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: CrashMon.exe, Version: 0.0.0.0, Zeitstempel: 0x539d5ec8 Name des fehlerhaften Moduls: CrashMon.exe, Version: 0.0.0.0, Zeitstempel: 0x539d5ec8 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000f599 ID des fehlerhaften Prozesses: 0x135c Startzeit der fehlerhaften Anwendung: 0xCrashMon.exe0 Pfad der fehlerhaften Anwendung: CrashMon.exe1 Pfad des fehlerhaften Moduls: CrashMon.exe2 Berichtskennung: CrashMon.exe3 Vollständiger Name des fehlerhaften Pakets: CrashMon.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CrashMon.exe5 Error: (09/24/2014 01:43:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des 
"OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . System errors: ============= Error: (10/02/2014 01:46:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: %%127 Error: (10/02/2014 01:45:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: %%127 Error: (10/02/2014 01:45:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: %%127 Error: (10/02/2014 01:45:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: %%127 Error: (10/02/2014 01:45:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Hardlock" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (10/02/2014 01:45:40 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: hardlock.sys Error: (10/02/2014 01:45:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: %%127 Error: (10/01/2014 07:13:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: %%127 Error: (10/01/2014 07:13:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "avast! 
HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: %%127 Error: (10/01/2014 01:31:54 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Microsoft Office Sessions: ========================= Error: (10/01/2014 06:12:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe32.0.3.537954224e6bmozalloc.dll32.0.3.537954221b67800000030000141b126001cfdd550115cc74C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllc80865e9-4985-11e4-83de-bc5ff4f1074d Error: (10/01/2014 05:52:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: CrashMon.exe0.0.0.0539d5ec8CrashMon.exe0.0.0.0539d5ec8c00000050000f599159801cfdd550220d6a2C:\Program Files (x86)\Universal Updater\CrashMon.exeC:\Program Files (x86)\Universal Updater\CrashMon.exef4dccc6c-4982-11e4-83de-bc5ff4f1074d Error: (10/01/2014 11:17:13 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: SUPER.exe2.0.14.602a425e19ntdll.dll6.3.9600.1711453648f36c000002400073152180401cfdd584fbe6082C:\Program Files (x86)\eRightSoft\SUPER\SUPER.exeC:\Windows\SYSTEM32\ntdll.dllba3a712c-494b-11e4-83de-bc5ff4f1074d Error: (10/01/2014 11:15:42 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: SUPER.exe2.0.14.602a425e19jscript9.dll11.0.9600.1727853eeb796c00000050002596337c01cfdd55c5267573C:\Program Files (x86)\eRightSoft\SUPER\SUPER.exeC:\Windows\SYSTEM32\jscript9.dll842cbbf9-494b-11e4-83de-bc5ff4f1074d Error: (10/01/2014 04:51:35 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: CrashMon.exe0.0.0.0539d5ec8CrashMon.exe0.0.0.0539d5ec8c00000050000f599153c01cfdcf8948898fcC:\Program Files (x86)\Universal Updater\CrashMon.exeC:\Program Files (x86)\Universal 
Updater\CrashMon.exedb1f4a7d-4915-11e4-83dd-bc5ff4f1074d Error: (09/28/2014 10:15:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: CrashMon.exe0.0.0.0539d5ec8CrashMon.exe0.0.0.0539d5ec8c00000050000f599ff001cfdb13970bfe2cC:\Program Files (x86)\Universal Updater\CrashMon.exeC:\Program Files (x86)\Universal Updater\CrashMon.exe3796465c-474c-11e4-83da-bc5ff4f1074d Error: (09/28/2014 05:37:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert Error: (09/27/2014 07:20:44 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: CrashMon.exe0.0.0.0539d5ec8CrashMon.exe0.0.0.0539d5ec8c00000050000f59913dc01cfda4aa72af47dC:\Program Files (x86)\Universal Updater\CrashMon.exeC:\Program Files (x86)\Universal Updater\CrashMon.exe9cb6deda-466a-11e4-83d9-bc5ff4f1074d Error: (09/25/2014 08:54:59 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: CrashMon.exe0.0.0.0539d5ec8CrashMon.exe0.0.0.0539d5ec8c00000050000f599135c01cfd89d093ec404C:\Program Files (x86)\Universal Updater\CrashMon.exeC:\Program Files (x86)\Universal Updater\CrashMon.exe722940d8-44e5-11e4-83d6-bc5ff4f1074d Error: (09/24/2014 01:43:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. 
System Error: Zugriff verweigert

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4670 CPU @ 3.40GHz
Percentage of memory in use: 35%
Total physical RAM: 8111.39 MB
Available physical RAM: 5217.4 MB
Total Pagefile: 9391.39 MB
Available Pagefile: 6194.49 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.27 GB) (Free:60.12 GB) NTFS
Drive e: (Volume) (Fixed) (Total:465.76 GB) (Free:225.51 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: F46AD61A)
Partition: GPT Partition Type.

==================== End Of Log ============================ |
02.10.2014, 14:07 | #2 |
| No internet connection to some sites + popups Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2014-10-02 15:00:28 Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000027 Samsung_SSD_840_EVO_120GB rev.EXT0BB0Q 111,79GB Running: Gmer-19357.exe; Driver: C:\Users\Kevin\AppData\Local\Temp\kglorpoc.sys ---- User code sections - GMER 2.1 ---- .text C:\Windows\system32\wininit.exe[668] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Windows\system32\services.exe[724] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Windows\system32\lsass.exe[732] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Windows\system32\winlogon.exe[780] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Windows\system32\svchost.exe[852] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Windows\system32\svchost.exe[880] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Windows\system32\dwm.exe[992] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Windows\system32\atiesrxx.exe[1020] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Windows\system32\atiesrxx.exe[1020] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffdf020169a 4 bytes [20, F0, FD, 7F] .text C:\Windows\system32\atiesrxx.exe[1020] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffdf02016a2 4 bytes [20, F0, FD, 7F] .text C:\Windows\system32\atiesrxx.exe[1020] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffdf020181a 4 bytes [20, F0, FD, 7F] .text C:\Windows\system32\atiesrxx.exe[1020] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffdf0201832 4 bytes [20, F0, FD, 7F] .text C:\Windows\System32\svchost.exe[328] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte 
[62] .text C:\Windows\System32\svchost.exe[420] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Windows\system32\svchost.exe[476] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Windows\system32\svchost.exe[660] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Windows\system32\atieclxx.exe[1036] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Windows\system32\atieclxx.exe[1036] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffdf020169a 4 bytes [20, F0, FD, 7F] .text C:\Windows\system32\atieclxx.exe[1036] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffdf02016a2 4 bytes [20, F0, FD, 7F] .text C:\Windows\system32\atieclxx.exe[1036] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffdf020181a 4 bytes [20, F0, FD, 7F] .text C:\Windows\system32\atieclxx.exe[1036] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffdf0201832 4 bytes [20, F0, FD, 7F] .text C:\Windows\system32\svchost.exe[1140] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Windows\Explorer.EXE[1460] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Windows\system32\DllHost.exe[1900] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Windows\System32\spoolsv.exe[2040] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Windows\system32\taskhostex.exe[1100] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Windows\system32\svchost.exe[1368] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Windows\system32\dashost.exe[2212] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text E:\Program Files 
(x64)\EslWire\service\WireHelperSvc.exe[2268] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text E:\Program Files (x64)\EslWire\service\WireHelperSvc.exe[2268] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffdf020169a 4 bytes [20, F0, FD, 7F] .text E:\Program Files (x64)\EslWire\service\WireHelperSvc.exe[2268] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffdf02016a2 4 bytes [20, F0, FD, 7F] .text E:\Program Files (x64)\EslWire\service\WireHelperSvc.exe[2268] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffdf020181a 4 bytes [20, F0, FD, 7F] .text E:\Program Files (x64)\EslWire\service\WireHelperSvc.exe[2268] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffdf0201832 4 bytes [20, F0, FD, 7F] .text C:\Windows\system32\svchost.exe[2664] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Windows\system32\wbem\wmiprvse.exe[1476] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Windows\system32\SearchIndexer.exe[3680] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Windows\system32\svchost.exe[3704] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Windows\System32\skydrive.exe[4060] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Windows\system32\svchost.exe[3352] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Windows\System32\SettingSyncHost.exe[3484] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Windows\System32\svchost.exe[2512] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Windows\system32\AUDIODG.EXE[4704] C:\Windows\SYSTEM32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Program 
Files\Realtek\Audio\HDA\RAVCpl64.exe[4812] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe[4956] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[5052] C:\Windows\system32\KERNEL32.dll!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3500] C:\Windows\system32\KERNEL32.dll!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe[3272] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Windows\system32\wbem\unsecapp.exe[5796] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Windows\system32\DllHost.exe[6076] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text E:\Benutzer\Kevin\Downloads\FRST64.exe[1444] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text E:\Benutzer\Kevin\Downloads\FRST64.exe[1444] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 194 00007ffde0bc1f6a 4 bytes [BC, E0, FD, 7F] .text E:\Benutzer\Kevin\Downloads\FRST64.exe[1444] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 218 00007ffde0bc1f82 4 bytes [BC, E0, FD, 7F] .text E:\Benutzer\Kevin\Downloads\FRST64.exe[1444] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffdf020169a 4 bytes [20, F0, FD, 7F] .text E:\Benutzer\Kevin\Downloads\FRST64.exe[1444] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffdf02016a2 4 bytes [20, F0, FD, 7F] .text E:\Benutzer\Kevin\Downloads\FRST64.exe[1444] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffdf020181a 4 bytes [20, F0, FD, 7F] .text E:\Benutzer\Kevin\Downloads\FRST64.exe[1444] 
C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffdf0201832 4 bytes [20, F0, FD, 7F] .text C:\Windows\System32\svchost.exe[2556] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Windows\SYSTEM32\notepad.exe[2572] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] .text C:\Windows\SYSTEM32\notepad.exe[5176] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ffdf0a2553d 1 byte [62] ---- Threads - GMER 2.1 ---- Thread C:\Windows\system32\csrss.exe [676:944] fffff96000985b90 ---- Processes - GMER 2.1 ---- Process E:\Program Files (x86)\CAD \Program\Firebird_2_1_tso\bin\fbguard.exe (*** suspicious ***) @ E:\Program Files (x86)\CAD \Program\Firebird_2_1_tso\bin\fbguard.exe [2316] (Firebird SQL Server/Firebird Project)(2014-09-29 08:18:34) 0000000000400000 Library E:\Program Files (x86)\CAD \Program\Firebird_2_1_tso\bin\fbclient.dll (*** suspicious ***) @ E:\Program Files (x86)\CAD \Program\Firebird_2_1_tso\bin\fbguard.exe [2316] (Firebird SQL Server/Firebird Project)(2014-09-29 08:18:34) 0000000010000000 Process E:\Program Files (x86)\CAD \Program\Firebird_2_1_tso\bin\fbserver.exe (*** suspicious ***) @ E:\Program Files (x86)\CAD \Program\Firebird_2_1_tso\bin\fbserver.exe [2376] (Firebird SQL Server/Firebird Project)(2014-09-29 08:18:34) 0000000000400000 Library E:\Program Files (x86)\CAD \Program\Firebird_2_1_tso\bin\icuuc30.dll (*** suspicious ***) @ E:\Program Files (x86)\CAD \Program\Firebird_2_1_tso\bin\fbserver.exe [2376] (IBM ICU Common DLL/IBM Corporation and others)(2014-09-29 08:18:35) 000000004a800000 Library E:\Program Files (x86)\CAD \Program\Firebird_2_1_tso\bin\icudt30.dll (*** suspicious ***) @ E:\Program Files (x86)\CAD \Program\Firebird_2_1_tso\bin\fbserver.exe [2376] (ICU Data DLL/IBM Corporation and others)(2014-09-29 08:18:35) 000000004ad00000 Library E:\Program Files (x86)\CAD \Program\Firebird_2_1_tso\intl\fbintl.DLL (*** suspicious ***) @ E:\Program Files 
(x86)\CAD \Program\Firebird_2_1_tso\bin\fbserver.exe [2376] (Firebird SQL Server/Firebird Project)(2014-09-29 08:18:36) 0000000010000000 Library E:\Program Files (x86)\CAD \Program\QtGui4.dll (*** suspicious ***) @ E:\Program Files (x86)\CAD \Program\TreesoftTextControlServer.exe [2804] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-09-29 08:18:42) 0000000071630000 Library E:\Program Files (x86)\CAD \Program\QtNetwork4.dll (*** suspicious ***) @ E:\Program Files (x86)\CAD \Program\TreesoftTextControlServer.exe [2804] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-09-29 08:18:43) 0000000071540000 Library E:\Program Files (x86)\CAD \Program\QtCore4.dll (*** suspicious ***) @ E:\Program Files (x86)\CAD \Program\TreesoftTextControlServer.exe [2804] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-09-29 08:18:42) 00000000712a0000 Library E:\Program Files (x86)\CAD \Program\QtWebKit4.dll (*** suspicious ***) @ E:\Program Files (x86)\CAD \Program\TreesoftTextControlServer.exe [2804] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-09-29 08:18:43) 0000000070420000 Library E:\Program Files (x86)\CAD \Program\QtSql4.dll (*** suspicious ***) @ E:\Program Files (x86)\CAD \Program\TreesoftTextControlServer.exe [2804] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-09-29 08:18:43) 0000000072710000 Library E:\Program Files (x86)\CAD \Program\QtXml4.dll (*** suspicious ***) @ E:\Program Files (x86)\CAD \Program\TreesoftTextControlServer.exe [2804] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-09-29 08:18:43) 00000000703c0000 Library E:\Program Files (x86)\CAD \Program\QtHelp4.dll (*** suspicious ***) @ E:\Program Files (x86)\CAD \Program\TreesoftTextControlServer.exe [2804] (Help application framework./Digia Plc and/or its subsidiary(-ies))(2014-09-29 08:18:43) 
0000000070350000 Library E:\Program Files (x86)\CAD \Program\QtCLucene4.dll (*** suspicious ***) @ E:\Program Files (x86)\CAD \Program\TreesoftTextControlServer.exe [2804] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-09-29 08:18:42) 0000000070120000 Library E:\Program Files (x86)\CAD \Program\QtGui4.dll (*** suspicious ***) @ E:\Program Files (x86)\CAD \Program\TreesoftTextControlServer.exe [444] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-09-29 08:18:42) 0000000071630000 Library E:\Program Files (x86)\CAD \Program\QtNetwork4.dll (*** suspicious ***) @ E:\Program Files (x86)\CAD \Program\TreesoftTextControlServer.exe [444] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-09-29 08:18:43) 0000000071540000 Library E:\Program Files (x86)\CAD \Program\QtCore4.dll (*** suspicious ***) @ E:\Program Files (x86)\CAD \Program\TreesoftTextControlServer.exe [444] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-09-29 08:18:42) 00000000712a0000 Library E:\Program Files (x86)\CAD \Program\QtWebKit4.dll (*** suspicious ***) @ E:\Program Files (x86)\CAD \Program\TreesoftTextControlServer.exe [444] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-09-29 08:18:43) 0000000070420000 Library E:\Program Files (x86)\CAD \Program\QtSql4.dll (*** suspicious ***) @ E:\Program Files (x86)\CAD \Program\TreesoftTextControlServer.exe [444] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-09-29 08:18:43) 0000000072710000 Library E:\Program Files (x86)\CAD \Program\QtXml4.dll (*** suspicious ***) @ E:\Program Files (x86)\CAD \Program\TreesoftTextControlServer.exe [444] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-09-29 08:18:43) 00000000703c0000 Library E:\Program Files (x86)\CAD \Program\QtHelp4.dll (*** suspicious ***) @ E:\Program Files 
---- EOF - GMER 2.1 ----
Thanks in advance to all of you! |
22.10.2014, 06:24 | #3 |
/// the machine /// TB-Ausbilder | No internet connection to some sites + popups hi,
Please download Farbar's MiniToolBox to your desktop and start the tool. Tick the following entries
__________________ |