|
Pests of all kinds and how to fight them: Fear of Trojans | Windows 7 | If you are not sure whether you have picked up malware or a Trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you clean up the infection. |
20.11.2014, 17:43 | #1 |
| Fear of Trojans

Good evening, I received this email and, thanks to you, became aware that a lot of Trojans are going around there; besides, I don't have a connection with any of these providers. I already got an email like this a few weeks ago, which I opened at the time; since then my laptop has been running very slowly. Can that be the cause, and if so, how can I clean it up? I should add that I am an absolute zero when it comes to PCs.

Regards, tody

Delete all spam messages now (messages that have been in "Spam" for more than 30 days are deleted automatically.)

Not starred 1&1 De-Mail-Kundenservice 1&1 De-Mail - Your invoice 137543000210525 of 20.11.2014 - Invoice 1&1 Customer Service Good day, today you are receiving your invoice of 20.11.2014. You will find 12:34

Not starred b.hofmann, me (2) Your landline bill for November 2014 - On 12 November 2014 09:28 Vodafone D2 wrote < 18 Nov

Not starred rechnungonline@telekom.de Invoice 17.11.2014 No. 832090 - Dear customer, with this email you are receiving your current invoice. The 17 Nov |
20.11.2014, 17:51 | #2 |
/// the machine /// TB Trainer | Fear of Trojans

hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
20.11.2014, 18:27 | #3 |
| Fear of Trojans

FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-11-2014 Ran by t0dy (administrator) on TODY on 20-11-2014 18:19:03 Running from C:\Users\t0dy\Downloads Loaded Profile: t0dy (Available profiles: t0dy) Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe (Systweak) C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe (Huawei Technologies Co., Ltd.) 
C:\ProgramData\DatacardService\DCSHelper.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe () C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe (Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Skype Technologies S.A.) 
C:\Program Files (x86)\Skype\Phone\Skype.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Opera Software) C:\Program Files (x86)\Opera\25.0.1614.71\opera.exe () C:\Program Files (x86)\Opera\25.0.1614.71\opera_crashreporter.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Opera Software) C:\Program Files (x86)\Opera\25.0.1614.71\opera.exe (Opera Software) C:\Program Files (x86)\Opera\25.0.1614.71\opera.exe (Opera Software) C:\Program Files (x86)\Opera\25.0.1614.71\opera.exe (Opera Software) C:\Program Files (x86)\Opera\25.0.1614.71\opera.exe (Opera Software) C:\Program Files (x86)\Opera\25.0.1614.71\opera.exe (Opera Software) C:\Program Files (x86)\Opera\25.0.1614.71\opera.exe (Opera Software) C:\Program Files (x86)\Opera\25.0.1614.71\opera.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe (Opera Software) C:\Program Files (x86)\Opera\25.0.1614.71\opera.exe (Opera Software) C:\Program Files (x86)\Opera\25.0.1614.71\opera.exe (VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\msm\McSmtFwk.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe (McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcupdate.exe (McAfee, Inc.) C:\Program Files\mcafee\msc\mcupdmgr.exe (McAfee, Inc.) 
C:\Program Files\mcafee\mqs\QcShm.exe (Opera Software) C:\Program Files (x86)\Opera\25.0.1614.71\opera.exe (Opera Software) C:\Program Files (x86)\Opera\25.0.1614.71\opera.exe (Opera Software) C:\Program Files (x86)\Opera\25.0.1614.71\opera.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778352 2013-08-28] (Synaptics Incorporated) HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-25] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-08-17] (AVAST Software) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Atheros Communications)) HKLM\...\Policies\Explorer: [NoFolderOptions] 0 HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\Run: [iLivid] => "C:\Users\t0dy\AppData\Local\iLivid\iLivid.exe" -autorun HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.) HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22066272 2014-10-01] (Skype Technologies S.A.) 
HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: E - "E:\AutoRun.exe" HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: F - "F:\AutoRun.exe" HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: {535fe569-fca2-11e3-825a-b8ee651ab1db} - "E:\AutoRun.exe" HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: {535fe5f2-fca2-11e3-825a-b8ee651ab1db} - "E:\AutoRun.exe" HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: {535fe62b-fca2-11e3-825a-b8ee651ab1db} - "E:\AutoRun.exe" HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: {535fe677-fca2-11e3-825a-b8ee651ab1db} - "E:\AutoRun.exe" HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: {563ff7a8-161d-11e4-825e-3065ec3ed1e1} - "E:\AutoRun.exe" HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: {563ffbe3-161d-11e4-825e-3065ec3ed1e1} - "E:\AutoRun.exe" HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: {94161118-fbea-11e3-8257-b8ee651ab1db} - "E:\AutoRun.exe" HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: {c5076a6e-02f5-11e4-825c-3065ec3ed1e1} - "E:\AutoRun.exe" HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: {df264ccd-fca3-11e3-825b-b8ee651ab1db} - "E:\AutoRun.exe" HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: {df264f8f-fca3-11e3-825b-3065ec3ed1e1} - "E:\AutoRun.exe" HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: {df264ff7-fca3-11e3-825b-3065ec3ed1e1} - "E:\AutoRun.exe" HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: {df265218-fca3-11e3-825b-3065ec3ed1e1} - "E:\AutoRun.exe" HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: {df26524c-fca3-11e3-825b-3065ec3ed1e1} - "E:\AutoRun.exe" HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: {df265295-fca3-11e3-825b-3065ec3ed1e1} - "E:\AutoRun.exe" 
HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: {df2652c0-fca3-11e3-825b-3065ec3ed1e1} - "E:\AutoRun.exe" AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\Program Files (x86)\SupTab\SearchProtect64.dll [102512 2014-05-08] (Skytech Co., Ltd.) AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => C:\Program Files (x86)\SupTab\SearchProtect32.dll [91248 2014-05-08] (Skytech Co., Ltd.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403632001&from=adks&uid=WDCXWD10JPVX-22JC3T0_WD-WX21AC37424274242&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1403632001&from=adks&uid=WDCXWD10JPVX-22JC3T0_WD-WX21AC37424274242 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1403632001&from=adks&uid=WDCXWD10JPVX-22JC3T0_WD-WX21AC37424274242&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1403632001&from=adks&uid=WDCXWD10JPVX-22JC3T0_WD-WX21AC37424274242&q={searchTerms} SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403632001&from=adks&uid=WDCXWD10JPVX-22JC3T0_WD-WX21AC37424274242&q={searchTerms} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403632001&from=adks&uid=WDCXWD10JPVX-22JC3T0_WD-WX21AC37424274242&q={searchTerms} SearchScopes: HKLM -> {8480F444-F744-48B3-BF4F-552CD3CC4112} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ACJB SearchScopes: 
HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403632001&from=adks&uid=WDCXWD10JPVX-22JC3T0_WD-WX21AC37424274242&q={searchTerms} SearchScopes: HKLM-x32 -> {8480F444-F744-48B3-BF4F-552CD3CC4112} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ACJB SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKU\S-1-5-21-3170407362-2190225718-3599811896-1001 -> DefaultScope {17113864-241D-4842-BE3B-E0E992F93D38} URL = https://de.search.yahoo.com/search?fr=mcafee&type=A011DE662&p={SearchTerms} SearchScopes: HKU\S-1-5-21-3170407362-2190225718-3599811896-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=M99D971FB-F41E-4B3C-A8EC-A6D08FC14B58&SearchSource=58&CUI=&UM=5&UP=SPC2CC06E3-D37F-4C7B-94A9-F4EF0F2CBF4C&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-3170407362-2190225718-3599811896-1001 -> {17113864-241D-4842-BE3B-E0E992F93D38} URL = https://de.search.yahoo.com/search?fr=mcafee&type=A011DE662&p={SearchTerms} SearchScopes: HKU\S-1-5-21-3170407362-2190225718-3599811896-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
hxxp://www.sweet-page.com/web/?type=ds&ts=1403632001&from=adks&uid=WDCXWD10JPVX-22JC3T0_WD-WX21AC37424274242&q={searchTerms} SearchScopes: HKU\S-1-5-21-3170407362-2190225718-3599811896-1001 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKU\S-1-5-21-3170407362-2190225718-3599811896-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} BHO: No Name -> {11111111-1111-1111-1111-110511291116} -> No File BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Users\t0dy\Desktop\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Users\t0dy\Desktop\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File BHO-x32: No Name -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> No File BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) 
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.) 
Tcpip\..\Interfaces\{2C9698EB-3FED-4D59-818D-89B22BB09C0A}: [NameServer] 139.7.30.125 139.7.30.126 Tcpip\..\Interfaces\{F3F5A87B-4C8D-4D5C-8A77-DC1BF6BE72C6}: [NameServer] 139.7.30.125 139.7.30.126 FireFox: ======== FF ProfilePath: C:\Users\t0dy\AppData\Roaming\Mozilla\Firefox\Profiles\s7qntpv0.default FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Users\t0dy\Desktop\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Users\t0dy\Desktop\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll (Adobe Systems, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL () FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF user.js: detected! => C:\Users\t0dy\AppData\Roaming\Mozilla\Firefox\Profiles\s7qntpv0.default\user.js FF Extension: Plus-HD-9.1 - C:\Users\t0dy\AppData\Roaming\Mozilla\Firefox\Profiles\s7qntpv0.default\Extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com [2014-06-26] FF Extension: auto-plugin-checker - C:\Users\t0dy\AppData\Roaming\Mozilla\Firefox\Profiles\s7qntpv0.default\Extensions\auto-plugin-checker@jetpack.xpi [2014-06-25] FF Extension: Adblock Plus - C:\Users\t0dy\AppData\Roaming\Mozilla\Firefox\Profiles\s7qntpv0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-25] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-09-06] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-09-06] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found] Chrome: ======= CHR HomePage: Default -> hxxp://www.sweet-page.com/?type=hppp&ts=1404084919&from=adks&uid=WDCXWD10JPVX-22JC3T0_WD-WX21AC37424274242 CHR StartupUrls: Default -> "hxxp://www.sweet-page.com/?type=hppp&ts=1404084919&from=adks&uid=WDCXWD10JPVX-22JC3T0_WD-WX21AC37424274242" CHR DefaultSearchKeyword: Default -> mcafee CHR DefaultSearchURL: Default -> 
hxxp://de.search.yahoo.com/search?fr=mcafee&type=A211DE662&p={searchTerms} CHR DefaultSuggestURL: Default -> CHR Profile: C:\Users\t0dy\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Plus-HD-9.1) - C:\Users\t0dy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe [2014-06-25] CHR Extension: (Google Docs) - C:\Users\t0dy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-26] CHR Extension: (Google Drive) - C:\Users\t0dy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-26] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\t0dy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-26] CHR Extension: (YouTube) - C:\Users\t0dy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-26] CHR Extension: (Google-Suche) - C:\Users\t0dy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-26] CHR Extension: (Avast Online Security) - C:\Users\t0dy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-06-26] CHR Extension: (Google Wallet) - C:\Users\t0dy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-26] CHR Extension: (Google Mail) - C:\Users\t0dy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-26] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-11-20] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-11-20] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-24] CHR 
HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\t0dy\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-06-24] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 0306391416439666mcinstcleanup; C:\Windows\TEMP\030639~1.EXE [827456 2012-01-09] (McAfee, Inc.) R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-24] (AVAST Software) R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2650696 2013-07-26] (Acer Incorporated) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Company name>) [File not signed] S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-24] (globalUpdate) [File not signed] S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-24] (globalUpdate) [File not signed] R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [704112 2014-05-08] (Cherished Technololgy LIMITED) R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate) R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) 
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.) S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-25] (McAfee, Inc.) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.) S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-06-18] (McAfee, Inc.) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.) R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.) R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) 
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-01] (Symantec Corporation) R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457768 2013-08-02] (Acer Incorporate) R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [448040 2013-08-02] (Acer Incorporate) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation) S2 Update SpadeCast; "C:\Program Files (x86)\SpadeCast\updateSpadeCast.exe" [X] S2 Util SpadeCast; "C:\Program Files (x86)\SpadeCast\bin\utilSpadeCast.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation) S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-24] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-24] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-24] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-24] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-24] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-24] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-24] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-24] () R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.) 
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-23] (Advanced Micro Devices) S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros) S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation) S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.) R3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [212992 2014-07-31] (Huawei Technologies Co., Ltd.) R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated) R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.) R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-06-18] (McAfee, Inc.) S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-06-18] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.) R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation) R1 {f64c1459-b911-4fd8-a74e-36a496bf26e3}Gw64; C:\Windows\System32\drivers\{f64c1459-b911-4fd8-a74e-36a496bf26e3}Gw64.sys [61112 2014-06-21] (StdLib) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. 
Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-20 18:19 - 2014-11-20 18:21 - 00030344 _____ () C:\Users\t0dy\Downloads\FRST.txt 2014-11-20 18:18 - 2014-11-20 18:19 - 00000000 ____D () C:\FRST 2014-11-20 18:18 - 2014-11-20 18:18 - 02117120 _____ (Farbar) C:\Users\t0dy\Downloads\FRST64.exe 2014-11-20 03:00 - 2014-11-20 03:05 - 93079061 _____ () C:\Users\t0dy\Downloads\rsg-anger-management-s02e45-sd.mp4 2014-11-20 02:00 - 2014-11-20 02:04 - 102667467 _____ () C:\Users\t0dy\Downloads\rsg-anger-management-s02e46-sd.mp4 2014-11-20 01:55 - 2014-11-20 02:05 - 92547072 _____ () C:\Users\t0dy\Downloads\rsg-anger-management-s02e44-sd.mp4 2014-11-20 01:49 - 2014-11-20 01:55 - 91936753 _____ () C:\Users\t0dy\Downloads\rsg-anger-management-s02e43-sd.mp4 2014-11-20 01:44 - 2014-11-20 01:49 - 94815120 _____ () C:\Users\t0dy\Downloads\rsg-anger-management-s02e42-sd.mp4 2014-11-20 01:37 - 2014-11-20 01:44 - 95504203 _____ () C:\Users\t0dy\Downloads\rsg-anger-management-s02e41-sd.mp4 2014-11-19 21:30 - 2014-11-19 21:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2014-11-19 16:14 - 2014-11-19 16:15 - 00793680 _____ () C:\Windows\Minidump\111914-30250-01.dmp 2014-11-19 16:14 - 2014-11-19 16:14 - 807020734 _____ () C:\Windows\MEMORY.DMP 2014-11-19 16:14 - 2014-11-19 16:14 - 00000000 ____D () C:\Windows\Minidump 2014-11-18 22:24 - 2014-11-18 22:24 - 06078245 _____ () C:\Users\t0dy\Downloads\Sextrack Fotzensaft pur.mp4 2014-11-18 18:19 - 2014-11-18 18:42 - 97945922 _____ () C:\Users\t0dy\Downloads\rsg-anger-management-s02e40-sd.mp4 2014-11-12 00:23 - 2014-11-12 00:23 - 00003172 _____ () C:\Windows\System32\Tasks\{3E97DC6A-F479-4B22-A074-8061D3FBC57A} 2014-11-04 09:46 - 2014-11-04 09:46 - 00015250 _____ () C:\Users\t0dy\Desktop\SH Draxler.odt 2014-10-23 12:35 - 2014-09-29 23:45 - 00706016 _____ 
(Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-10-23 12:35 - 2014-09-29 23:45 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-10-22 09:48 - 2014-10-09 23:16 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-10-22 09:48 - 2014-10-08 23:09 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-10-22 09:48 - 2014-09-19 02:24 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-10-22 09:48 - 2014-09-05 03:36 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2014-10-22 09:48 - 2014-09-04 01:10 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll 2014-10-22 09:48 - 2014-09-04 00:57 - 00921600 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll 2014-10-22 09:48 - 2014-09-04 00:49 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll 2014-10-22 09:47 - 2014-09-13 07:02 - 02779648 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-10-22 09:47 - 2014-09-13 06:30 - 03117568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-10-21 22:30 - 2014-09-27 23:25 - 04183040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-10-21 22:28 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-10-21 22:28 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-10-21 22:28 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-10-21 22:28 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-10-21 22:28 - 2014-09-08 04:15 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-10-21 22:28 - 2014-09-08 02:46 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-10-21 22:28 - 2014-09-08 02:46 - 00050688 _____ (Microsoft Corporation) 
C:\Windows\system32\wups2.dll 2014-10-21 22:28 - 2014-09-08 01:08 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-10-21 22:28 - 2014-09-08 01:07 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-10-21 22:28 - 2014-09-08 01:05 - 03448320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-10-21 22:28 - 2014-09-08 01:04 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2014-10-21 22:28 - 2014-09-08 01:04 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-10-21 22:28 - 2014-09-08 01:03 - 01702400 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-10-21 22:28 - 2014-09-08 01:03 - 00839680 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-10-21 22:28 - 2014-09-08 00:59 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2014-10-21 22:28 - 2014-09-08 00:59 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2014-10-21 22:28 - 2014-09-08 00:56 - 00672256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2014-10-21 22:28 - 2014-09-08 00:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2014-10-21 22:28 - 2014-08-16 02:11 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-10-21 22:28 - 2014-07-24 11:33 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2014-10-21 22:27 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-10-21 22:27 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-10-21 22:27 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-10-21 22:27 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-10-21 22:27 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 
2014-10-21 22:27 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-10-21 22:27 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-10-21 22:27 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-10-21 22:27 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-10-21 22:27 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-10-21 22:27 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-10-21 22:27 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-10-21 22:27 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-10-21 22:27 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-10-21 22:27 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-10-21 22:27 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-10-21 22:27 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-10-21 22:27 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-10-21 22:27 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-10-21 22:27 - 2014-09-19 01:42 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-10-21 22:27 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-10-21 22:27 - 2014-09-19 01:20 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-10-21 22:27 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-10-21 22:27 - 
2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-10-21 22:27 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-10-21 22:27 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-10-21 22:27 - 2014-08-16 02:32 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-10-21 22:27 - 2014-08-16 02:25 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-10-21 22:27 - 2014-08-16 02:03 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-10-21 22:27 - 2014-08-16 01:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-10-21 22:27 - 2014-05-30 10:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-10-21 22:27 - 2014-05-30 09:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-10-21 22:25 - 2014-09-13 07:29 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-10-21 22:25 - 2014-09-13 06:49 - 00068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-10-21 22:25 - 2014-08-29 02:58 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2014-10-21 22:25 - 2014-08-29 00:56 - 02646016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-10-21 22:25 - 2014-08-29 00:47 - 02321920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-10-21 22:25 - 2014-08-23 08:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2014-10-21 22:25 - 2014-08-23 08:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2014-10-21 22:25 - 2014-08-23 07:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll 2014-10-21 22:25 - 2014-08-23 06:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll 2014-10-21 22:25 - 
2014-08-23 05:44 - 02860032 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2014-10-21 22:25 - 2014-08-23 05:34 - 13423104 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll 2014-10-21 22:25 - 2014-08-23 05:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll 2014-10-21 22:25 - 2014-08-23 05:31 - 01038336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2014-10-21 22:25 - 2014-08-23 05:20 - 11818496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2014-10-21 22:24 - 2014-09-04 01:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2014-10-21 22:24 - 2014-09-04 01:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll 2014-10-21 22:24 - 2014-08-16 05:08 - 21195616 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-10-21 22:24 - 2014-08-16 05:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll 2014-10-21 22:24 - 2014-08-16 05:01 - 01710184 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2014-10-21 22:24 - 2014-08-16 04:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-10-21 22:24 - 2014-08-16 04:57 - 02498880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-10-21 22:24 - 2014-08-16 04:57 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-10-21 22:24 - 2014-08-16 04:16 - 18722600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-10-21 22:24 - 2014-08-16 04:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll 2014-10-21 22:24 - 2014-08-16 04:03 - 01467384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2014-10-21 22:24 - 2014-08-16 02:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2014-10-21 22:24 - 2014-08-16 02:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll 2014-10-21 22:24 - 2014-08-16 01:58 - 
00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll 2014-10-21 22:24 - 2014-08-16 01:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll 2014-10-21 22:24 - 2014-08-16 01:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll 2014-10-21 22:24 - 2014-08-16 01:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll 2014-10-21 22:24 - 2014-08-16 01:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll 2014-10-21 22:24 - 2014-08-16 01:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll 2014-10-21 22:24 - 2014-08-16 01:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll 2014-10-21 22:24 - 2014-08-16 01:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll 2014-10-21 22:24 - 2014-08-16 01:29 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-10-21 22:24 - 2014-08-16 01:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll 2014-10-21 22:24 - 2014-08-16 01:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll 2014-10-21 22:24 - 2014-08-16 01:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll 2014-10-21 22:24 - 2014-08-16 01:19 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-10-21 22:24 - 2014-08-16 01:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll 2014-10-21 22:24 - 2014-08-16 01:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll 2014-10-21 22:24 - 2014-08-16 01:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll 2014-10-21 22:24 - 2014-08-16 01:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-10-21 22:24 - 2014-08-16 01:13 
- 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll 2014-10-21 22:24 - 2014-08-16 01:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll 2014-10-21 22:24 - 2014-08-16 01:11 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll 2014-10-21 22:24 - 2014-08-16 01:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe 2014-10-21 22:24 - 2014-08-16 01:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-10-21 22:24 - 2014-08-16 01:07 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll 2014-10-21 22:24 - 2014-08-01 00:22 - 00388729 _____ () C:\Windows\system32\ApnDatabase.xml 2014-10-21 22:24 - 2014-07-24 16:28 - 00468288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS 2014-10-21 22:24 - 2014-07-24 12:42 - 01200640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys 2014-10-21 22:24 - 2014-07-24 12:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys 2014-10-21 22:24 - 2014-07-24 11:09 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll 2014-10-21 22:24 - 2014-07-24 10:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-11-20 18:17 - 2014-06-24 17:43 - 00000000 ____D () C:\Users\t0dy\AppData\Roaming\Skype 2014-11-20 17:59 - 2014-06-26 18:41 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-20 17:50 - 2014-04-07 18:30 - 02065843 _____ () C:\Windows\WindowsUpdate.log 2014-11-20 17:37 - 2014-06-24 18:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-11-20 17:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru 2014-11-20 16:46 - 2014-08-25 04:34 - 00000000 ____D () C:\Users\t0dy\AppData\Local\DSWorkbench 2014-11-20 13:51 - 2014-06-24 17:19 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{BA769BBC-0E89-4E5D-80BB-4A4DFBC4CF04} 2014-11-20 05:25 - 2014-06-24 23:09 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3170407362-2190225718-3599811896-1001 2014-11-20 05:03 - 2014-06-25 23:56 - 00000000 ____D () C:\Users\t0dy\AppData\Roaming\vlc 2014-11-20 04:42 - 2014-09-01 16:01 - 00000000 ____D () C:\Users\t0dy\Downloads\film 2014-11-20 01:37 - 2014-07-02 21:21 - 00000000 ____D () C:\Program Files (x86)\JDownloader 2014-11-20 01:35 - 2014-09-01 16:08 - 00000000 ____D () C:\Users\t0dy\Downloads\serie 2014-11-20 00:38 - 2014-06-24 17:33 - 00000922 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job 2014-11-20 00:33 - 2014-06-24 17:33 - 00003806 _____ () C:\Windows\Tasks\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-11.job 2014-11-20 00:33 - 2014-06-24 17:33 - 00003124 _____ () C:\Windows\Tasks\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-3.job 2014-11-20 00:33 - 2014-06-24 17:33 - 00002228 _____ () C:\Windows\Tasks\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-4.job 2014-11-20 00:33 - 2014-06-24 17:33 - 00001508 _____ () C:\Windows\Tasks\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-1.job 2014-11-20 00:33 - 2014-06-24 17:33 - 00001500 _____ () C:\Windows\Tasks\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-6.job 2014-11-19 22:59 - 2014-06-26 18:41 - 00001124 _____ () 
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-19 22:46 - 2014-04-08 04:14 - 00765582 _____ () C:\Windows\system32\perfh007.dat 2014-11-19 22:46 - 2014-04-08 04:14 - 00159366 _____ () C:\Windows\system32\perfc007.dat 2014-11-19 22:46 - 2013-09-06 08:08 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-19 18:38 - 2014-06-24 17:33 - 00000918 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job 2014-11-19 16:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness 2014-11-19 16:18 - 2014-07-28 07:00 - 00003120 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup 2014-11-19 16:17 - 2014-06-24 19:24 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-11-19 16:16 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM 2014-11-19 16:15 - 2014-06-24 23:02 - 00000000 ____D () C:\Users\t0dy 2014-11-19 16:15 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-19 00:06 - 2014-06-25 23:04 - 00003844 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1403640512 2014-11-19 00:06 - 2014-06-24 17:26 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-11-19 00:05 - 2014-06-24 21:08 - 00001021 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2014-11-18 23:38 - 2014-06-24 18:23 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-11-17 17:43 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache 2014-11-17 16:11 - 2013-08-22 15:46 - 00095249 _____ () C:\Windows\setupact.log 2014-11-17 16:05 - 2014-06-24 17:10 - 00000000 ____D () C:\ProgramData\DatacardService 2014-11-17 15:58 - 2014-09-08 20:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC 2014-11-17 15:58 - 2014-09-08 20:23 - 00000000 ____D () C:\Program Files (x86)\mIRC 2014-11-17 15:58 - 2014-09-07 21:52 - 00000000 ____D () C:\Users\t0dy\AppData\Roaming\WildTangent 2014-11-17 15:58 - 2014-07-31 07:33 - 00000000 ____D 
() C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Partner 2014-11-17 15:58 - 2014-07-31 07:32 - 00000000 ____D () C:\Program Files (x86)\Mobile Partner 2014-11-17 15:58 - 2014-07-22 00:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger 2014-11-17 15:58 - 2014-07-22 00:17 - 00000000 ____D () C:\Program Files (x86)\Yahoo! 2014-11-17 15:58 - 2014-07-21 00:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2014-11-17 15:58 - 2014-07-21 00:35 - 00000000 ____D () C:\Program Files\McAfee Security Scan 2014-11-17 15:58 - 2014-07-09 05:59 - 00000000 ____D () C:\ProgramData\McAfee Security Scan 2014-11-17 15:58 - 2014-06-25 21:27 - 00000000 ____D () C:\Program Files (x86)\TeamViewer 2014-11-17 15:58 - 2014-06-24 23:05 - 00000000 ____D () C:\Users\t0dy\AppData\Local\clear.fi 2014-11-17 15:58 - 2014-04-07 19:11 - 00000000 ____D () C:\Windows\system32\Drivers\NARAx64 2014-11-17 15:58 - 2014-04-07 19:11 - 00000000 ____D () C:\ProgramData\Symantec 2014-11-17 15:58 - 2014-04-07 19:11 - 00000000 ____D () C:\ProgramData\Norton 2014-11-17 15:58 - 2014-04-07 19:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup 2014-11-17 15:58 - 2014-04-07 19:11 - 00000000 ____D () C:\Program Files (x86)\Symantec 2014-11-17 15:58 - 2014-04-07 19:11 - 00000000 ____D () C:\Program Files (x86)\Norton Online Backup ARA 2014-11-17 15:58 - 2013-09-06 08:08 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-11-17 15:58 - 2013-09-06 08:07 - 00000000 ____D () C:\ProgramData\WildTangent 2014-11-17 15:58 - 2013-09-06 08:07 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games 2014-11-17 15:46 - 2014-08-01 11:57 - 00000000 ____D () C:\Users\t0dy\AppData\Roaming\Yahoo! 2014-11-17 15:46 - 2014-07-22 00:23 - 00000000 ____D () C:\ProgramData\Yahoo! 
2014-11-17 15:46 - 2014-06-24 17:17 - 00000000 ____D () C:\ProgramData\Mobile Partner 2014-11-17 15:46 - 2013-09-06 08:16 - 00000000 ____D () C:\ProgramData\McAfee 2014-11-17 15:46 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\registration 2014-11-17 15:37 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\NDF 2014-11-17 14:59 - 2014-04-07 19:11 - 00000000 ____D () C:\ProgramData\boost_interprocess 2014-11-16 22:54 - 2014-06-26 18:41 - 00004100 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-11-16 22:54 - 2014-06-26 18:41 - 00003864 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-11-16 22:26 - 2013-09-06 07:58 - 00023294 _____ () C:\Windows\PFRO.log 2014-11-12 00:30 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI 2014-11-12 00:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\MediaViewer 2014-11-12 00:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\FileManager 2014-11-12 00:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Camera 2014-11-12 00:20 - 2014-06-26 18:49 - 00002147 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-11-12 00:19 - 2014-09-04 00:45 - 00000000 ____D () C:\Users\t0dy\AppData\Local\Adobe 2014-11-08 04:48 - 2014-04-07 18:44 - 00065536 _____ () C:\Windows\system32\spu_storage.bin 2014-11-04 09:46 - 2014-07-03 22:23 - 00000000 ____D () C:\Users\t0dy\Desktop\Filme 2014-10-26 19:01 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp 2014-10-24 21:26 - 2014-06-24 18:47 - 00000000 ____D () C:\Program Files (x86)\SupTab 2014-10-23 18:54 - 2014-06-24 17:42 - 00000000 ____D () C:\ProgramData\Skype 2014-10-23 12:32 - 2013-08-22 15:44 - 00363224 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-10-22 21:56 - 2014-08-30 00:02 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-10-22 21:56 - 2013-08-22 20:11 - 00000000 ____D () C:\Program Files\Windows Journal 2014-10-22 21:56 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ToastData 2014-10-22 21:56 - 2013-08-22 
16:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel 2014-10-22 21:56 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-10-22 21:56 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-10-22 21:56 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\setup 2014-10-22 21:56 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\setup 2014-10-22 21:56 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\oobe 2014-10-22 21:55 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod 2014-10-22 21:54 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\WinStore 2014-10-22 21:52 - 2014-06-27 00:01 - 00000000 ____D () C:\Windows\system32\MRT 2014-10-22 19:17 - 2014-06-26 16:35 - 00000000 ____D () C:\Users\t0dy\AppData\Local\Deployment Some content of TEMP: ==================== C:\Users\t0dy\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3rutlt.dll C:\Users\t0dy\AppData\Local\Temp\JDSetup130488058623762909.exe C:\Users\t0dy\AppData\Local\Temp\lowproc.exe C:\Users\t0dy\AppData\Local\Temp\mirc736.exe C:\Users\t0dy\AppData\Local\Temp\nsc1243.exe C:\Users\t0dy\AppData\Local\Temp\nsr6AE5.exe C:\Users\t0dy\AppData\Local\Temp\nss7C2.exe C:\Users\t0dy\AppData\Local\Temp\nsvB6B1.exe C:\Users\t0dy\AppData\Local\Temp\nsw76CD.exe C:\Users\t0dy\AppData\Local\Temp\nswE49E.tmp.exe C:\Users\t0dy\AppData\Local\Temp\optprosetup.exe C:\Users\t0dy\AppData\Local\Temp\stubhelper.dll C:\Users\t0dy\AppData\Local\Temp\System.Data.SQLite.dll C:\Users\t0dy\AppData\Local\Temp\System.Data.SQLite12740.dll C:\Users\t0dy\AppData\Local\Temp\System.Data.SQLite27414.dll C:\Users\t0dy\AppData\Local\Temp\System.Data.SQLite32289.dll C:\Users\t0dy\AppData\Local\Temp\System.Data.SQLite50578.dll C:\Users\t0dy\AppData\Local\Temp\System.Data.SQLite59473.dll 
C:\Users\t0dy\AppData\Local\Temp\System.Data.SQLite65036.dll
C:\Users\t0dy\AppData\Local\Temp\System.Data.SQLite80201.dll
C:\Users\t0dy\AppData\Local\Temp\System.Data.SQLite83799.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-14 05:05

==================== End Of Log ============================

Addition
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-11-2014
Ran by t0dy at 2014-11-20 18:23:01
Running from C:\Users\t0dy\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: McAfee Anti-Virus und Anti-Spyware (Disabled - Out of date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.3006 - Acer Incorporated) Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated) Acer Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.3104.3 - Acer Incorporated) Acer Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.3104.6 - Acer Incorporated) Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.3104 - Acer Incorporated) Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Acer Incorporated) Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.00.3000 - Acer Incorporated) Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8101 - Acer Incorporated) Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.00.3007 - Acer Incorporated) Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.228 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.2.152 - Adobe Systems, Inc.) Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden AMD Catalyst Install Manager (HKLM\...\{4465D909-4FA8-86D2-121C-676BB60E63D7}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.) AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.4.4.2 - AppEx Networks) avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software) Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3126.57 - CyberLink Corp.) 
Download Protect (HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\{132401a7-2006-4342-b43c-ccf5f02c2b01}) (Version: - Download Protect) FUSSBALL MANAGER 14 (HKLM-x32\...\{5FC27E1E-08C0-4346-A321-ED2D31FAE936}) (Version: 1.0.0.0 - Electronic Arts) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated) Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle) Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle) JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH) Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated) Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 12.8.958 - McAfee, Inc.) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.) McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.154 - McAfee, Inc.) 
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) 
mIRC (HKLM-x32\...\mIRC) (Version: 7.36 - mIRC Co. Ltd.) Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 21.005.15.02.35 - Huawei Technologies Co.,Ltd) Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG) Norton Online Backup (HKLM-x32\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.8.0.44 - Symantec Corporation) Norton Online Backup (x32 Version: 4.5.0.9 - Symantec Corporation) Hidden OEM Application Profile (HKLM-x32\...\{276FD4A2-030F-8A24-7DFE-9B1384131BCD}) (Version: 1.00.0000 - Ihr Firmenname) Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer) Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2009 - Acer) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) Opera Stable 25.0.1614.71 (HKLM-x32\...\Opera 25.0.1614.71) (Version: 25.0.1614.71 - Opera Software ASA) Origin (HKLM-x32\...\Origin) (Version: 9.3.2.2730 - Electronic Arts, Inc.) Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications) Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.) Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.) 
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.13 - Synaptics Incorporated) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29480 - TeamViewer) The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) WildTangent Games App (x32 Version: 4.0.10.20 - WildTangent) Hidden Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.) Zattoo Live TV (HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\6d7aa3e3bf931c56) (Version: 1.0.0.44 - Zattoo Europa AG) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) 
CustomCLSID: HKU\S-1-5-21-3170407362-2190225718-3599811896-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\t0dy\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File CustomCLSID: HKU\S-1-5-21-3170407362-2190225718-3599811896-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-3170407362-2190225718-3599811896-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-3170407362-2190225718-3599811896-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-3170407362-2190225718-3599811896-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-3170407362-2190225718-3599811896-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-3170407362-2190225718-3599811896-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) ==================== Restore Points ========================= 04-11-2014 22:00:47 Geplanter Prüfpunkt 17-11-2014 07:24:02 Geplanter Prüfpunkt 17-11-2014 14:40:56 Wiederherstellungsvorgang ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0C36C3CD-470C-412D-A0DB-38A803532F3C} - System32\Tasks\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-4 => C:\Program Files (x86)\Plus-HD-9.1\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-4.exe <==== ATTENTION
Task: {0F797B44-552D-4F98-9CC0-4C71E176CCF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-26] (Google Inc.)
Task: {11064B3D-D813-4831-93F7-3288CC14A9E5} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2013-07-26] (Acer Incorporated)
Task: {169FFF7B-4C79-43BB-ADEB-655EF062124A} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe [2014-01-15] (Systweak) <==== ATTENTION
Task: {2D4BD8DD-6A73-493C-AB3C-DBF6345E2131} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-09-12] (Acer Incorporated)
Task: {32DFFDBE-6FDD-4230-8007-45D9DFE887B6} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.5.0.9\\Ara.exe [2013-08-07] (Symantec Corporation)
Task: {4B4EF700-22F6-4BA6-AFF2-92192CE19AD7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-18] (Adobe Systems Incorporated)
Task: {546301A8-A38F-4790-8FE8-42EC180792ED} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {566B7660-B965-40DE-AEE5-4E3D72938FA1} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-08-03] (Acer Incorporate)
Task: {5F846995-83DC-41BD-964E-5212158849BA} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {8EDCC02D-B897-41D9-B6DD-C3D3C5B4FB2B} - System32\Tasks\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-11 => C:\Program Files (x86)\Plus-HD-9.1\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-11.exe <==== ATTENTION
Task: {97990C96-0FB4-4C1E-B510-51154516B0DF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-10-03] (Microsoft Corporation)
Task: {9975FD7C-2FD9-4E52-A254-59B101D47227} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-07-05] (Acer Incorporated)
Task: {9A12B064-0A3D-4C35-92AD-C9C39564D92E} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2013-08-02] (Acer Incorporate)
Task: {A821C2D6-B6C4-4A97-A11C-A0EF0BD5B004} - System32\Tasks\Advanced System Protector => C:\Program Files (x86)\RegClean Pro\SystweakASP.exe <==== ATTENTION
Task: {AA0A4CDD-F139-4C05-9AA4-9DC9CF0BF665} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-06-24] (AVAST Software)
Task: {B3C89E84-1B42-49DA-B440-569D1FEAFB4A} - System32\Tasks\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-6 => C:\Program Files (x86)\Plus-HD-9.1\Plus-HD-9.1-novainstaller.exe <==== ATTENTION
Task: {B6F75749-76A0-4CD2-A9FE-27D7F6E146F3} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-24] (globalUpdate) <==== ATTENTION
Task: {C3136A4A-07DF-4487-BE5A-9E054B61BE27} - System32\Tasks\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-3 => C:\Program Files (x86)\Plus-HD-9.1\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-3.exe <==== ATTENTION
Task: {D7A9A693-3243-4345-A376-B8860C9E1C66} - System32\Tasks\Opera scheduled Autoupdate 1403640512 => C:\Program Files (x86)\Opera\launcher.exe [2014-11-14] (Opera Software)
Task: {D9606D05-2FF7-422F-9C34-DBAA03FF67CF} - System32\Tasks\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-1 => C:\Program Files (x86)\Plus-HD-9.1\Plus-HD-9.1-codedownloader.exe <==== ATTENTION
Task: {F56F568E-0ACA-4A7C-A942-C491A2804287} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-24] (globalUpdate) <==== ATTENTION
Task: {FD705265-470B-4C5E-9ED6-94B3F920466F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-26] (Google Inc.)
Task: C:\Windows\Tasks\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-1.job => C:\Program Files (x86)\Plus-HD-9.1\Plus-HD-9.1-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-11.job => C:\Program Files (x86)\Plus-HD-9.1\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-3.job => C:\Program Files (x86)\Plus-HD-9.1\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-4.job => C:\Program Files (x86)\Plus-HD-9.1\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-6.job => C:\Program Files (x86)\Plus-HD-9.1\Plus-HD-9.1-novainstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKCU\...\StartupApproved\Run: => "iLivid"
HKCU\...\StartupApproved\Run: => "Messenger (Yahoo!)"

========================= Accounts: ==========================

Administrator (S-1-5-21-3170407362-2190225718-3599811896-500 - Administrator - Disabled)
Gast (S-1-5-21-3170407362-2190225718-3599811896-501 - Limited - Disabled)
t0dy (S-1-5-21-3170407362-2190225718-3599811896-1001 - Administrator - Enabled) => C:\Users\t0dy

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (11/20/2014 05:30:40 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3. Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (11/20/2014 05:30:39 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3. Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (11/20/2014 05:30:39 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3. Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (11/19/2014 11:06:31 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (11/19/2014 04:23:37 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (11/18/2014 09:37:17 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3. Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (11/18/2014 09:37:17 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3. Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (11/18/2014 09:37:17 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3. Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (11/18/2014 09:19:09 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (11/17/2014 05:00:00 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1188) SRUJet: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Windows\system32\SRU\SRU008D1.log.

System errors:
=============
Error: (11/20/2014 04:25:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: %%127

Error: (11/20/2014 04:25:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: %%127

Error: (11/20/2014 03:26:32 PM) (Source: DCOM) (EventID: 10010) (User: tody)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (11/20/2014 03:26:02 PM) (Source: DCOM) (EventID: 10010) (User: tody)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (11/20/2014 01:47:52 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (11/20/2014 05:26:37 AM) (Source: DCOM) (EventID: 10010) (User: tody)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (11/20/2014 05:26:07 AM) (Source: DCOM) (EventID: 10010) (User: tody)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (11/19/2014 08:20:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: %%127

Error: (11/19/2014 08:20:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: %%127

Error: (11/19/2014 04:18:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: %%127

Microsoft Office Sessions:
=========================
Error: (11/20/2014 05:30:40 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4

Error: (11/20/2014 05:30:39 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4

Error: (11/20/2014 05:30:39 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4

Error: (11/19/2014 11:06:31 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (11/19/2014 04:23:37 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (11/18/2014 09:37:17 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4

Error: (11/18/2014 09:37:17 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4

Error: (11/18/2014 09:37:17 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4

Error: (11/18/2014 09:19:09 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (11/17/2014 05:00:00 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost1188SRUJet: C:\Windows\system32\SRU\SRU008D1.log-1811 (0xfffff8ed)

==================== Memory info ===========================

Processor: AMD A6-5200 APU with Radeon(TM) HD Graphics
Percentage of memory in use: 86%
Total physical RAM: 3525.01 MB
Available physical RAM: 490.82 MB
Total Pagefile: 10437.01 MB
Available Pagefile: 2650.95 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:914.56 GB) (Free:857.86 GB) NTFS
Drive d: (MANAGER14) (CDROM) (Total:5.85 GB) (Free:0 GB) CDFS
Drive e: (Surfstick) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS
Drive g: (TOSHIBA EXT) (Fixed) (Total:931.51 GB) (Free:662.63 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 5DF1DD61)
Partition: GPT Partition Type.

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 3CF250A7)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================ |
21.11.2014, 16:17 | #4 |
/// the machine /// TB-Ausbilder | Fear of Trojans Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
and a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |