Pests of all kinds and how to combat them: Win 8.1: ADs by SpeedCheck cannot be removed

10.01.2015, 21:43 | #1

Evening,

yesterday my PC got infected with the adware "SpeedClick". I followed the guide ("http://www.trojaner-board.de/158530-...ntfernen.html") completely and I still get intrusive ads on websites.

What I did in addition: 2x Bitdefender Total Security 2015 scan (once in normal mode and once in safe mode).

Unfortunately the problem persists and I am slowly despairing over it. I would really rather not set up my computer from scratch, since I was already able to remove the adware successfully once before.

Here are the requested logs:

Addition:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-01-2015
Ran by Robert at 2015-01-10 20:47:02
Running from C:\Users\Robert\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-524264315-2042341931-3753892847-1001\...\uTorrent) (Version: 3.4.2.34309 - BitTorrent Inc.)
7-PDF Split & Merge Version 2.3.0 (Build 168) (HKLM-x32\...\7-PDF Split & Merge_is1) (Version: 7-PDF Split & Merge - Version 2.3.0 (Build 168) - 7-PDF, Germany - Thorsten Hodes)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\{755DDD59-9690-4F1A-BE9C-D39BDCFA77C9}) (Version: 12.1.3.153 - Adobe Systems, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-524264315-2042341931-3753892847-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.8 - Sereby Corporation)
aTube Catcher Version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Bitdefender Total Security 2015 (HKLM\...\Bitdefender) (Version: 18.19.0.1369 - Bitdefender)
Build Tools - amd64 (Version: 12.0.30723 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.30723 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Driver Booster 2 (HKLM-x32\...\Driver Booster_is1) (Version: 2.0 - IObit)
EA Sports FIFA World (HKLM-x32\...\{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 7.1.0.50515 - Electronic Arts, Inc.)
Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft Ltd.)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
FileZilla Client 3.9.0.5 (HKU\S-1-5-21-524264315-2042341931-3753892847-1001\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.69 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.1.5.30 - IObit)
IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1 - IObit)
ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version: - isotousb.com)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation)
Java 8 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218020F0}) (Version: 8.0.200 - Oracle Corporation)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)
Java 8 Update 5 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218005FF}) (Version: 8.0.50 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Metin2 (HKLM-x32\...\Metin2_is1) (Version: - Gameforge 4D GmbH)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.30919.1) (HKLM-x32\...\{7CC03C58-3471-43D2-A251-EC9AE225E772}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.2 (HKLM-x32\...\{06C90FCC-4C95-4142-A0AF-D3A4C12882DE}_is1) (Version: 1.2 - Sam Rodberg)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 340.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.43 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 340.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 340.43 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Oracle VM VirtualBox 4.3.20 (HKLM\...\{DD8F7A7A-852F-4648-8A73-B8FC1DF5F082}) (Version: 4.3.20 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.82.103.0 - Overwolf Ltd.)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
PakkISO 0.4 (HKLM-x32\...\PakkISO_is1) (Version: PakkISO 0.4 by zorted, installer by BitLooter - )
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pushbullet version 82 (HKLM-x32\...\{7578F204-49E7-4830-B051-14C23F408BFE}_is1) (Version: 82 - Pushbullet Inc)
Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version: - Wild Shadow Studios)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.65 - NVIDIA Corporation) Hidden
Spotify (HKU\S-1-5-21-524264315-2042341931-3753892847-1001\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
UltraEdit (x32 Version: 21.20.1014 - IDM Computer Solutions, Inc.) Hidden
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VMware Workstation (Version: 10.0.3 - VMware, Inc.) Hidden
Warface Launcher (Beta) (HKLM-x32\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH)
WarRock (HKLM-x32\...\Warrock EU) (Version: - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Google, Inc. (WinUSB) AndroidUsbDeviceClass (01/27/2014 9.0.0000.00000) (HKLM\...\9CA77E2A8332A0824C54DA611BBE4CA24AB1F750) (Version: 01/27/2014 9.0.0000.00000 - Google, Inc.)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Yawtix (HKLM\...\Yawtix) (Version: 2014.09.16.123229 - Yawtix) <==== ATTENTION!

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

18-12-2014 14:39:13 Windows Update
27-12-2014 16:43:14 Entfernt GTA San Andreas
30-12-2014 18:57:53 Windows Update
31-12-2014 23:17:33 Windows Live Essentials
31-12-2014 23:19:20 DirectX wurde installiert
02-01-2015 21:49:08 Installing COMODO Internet Security Premium
08-01-2015 21:16:44 Wiederherstellungsvorgang
10-01-2015 13:28:35 AA11

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2015-01-10 02:07 - 00450771 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com

There are 1000 more lines.

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0542DE6E-0B8E-4C76-B47E-391ECCA65533} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {0BFB7526-A1AB-4E0F-AB2A-AD65C354C985} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {1998C963-0CD0-4084-B39A-9D4D8783269A} - System32\Tasks\Uninstaller_SkipUac_tony-_000 => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-02] (IObit)
Task: {1BF91CC4-B483-4ACB-803A-7B4E851B0CB1} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-02] (IObit)
Task: {2082D7AA-E559-4A92-AA3F-9663EF3A9588} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-31] (Google Inc.)
Task: {22C66599-10F5-4F1E-BB59-AF99F146829B} - System32\Tasks\Driver Booster SkipUAC (tony-_000) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-10-13] (IObit)
Task: {2D166AB8-E096-49E9-AB49-FF3F31BAC374} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {3494737C-BDBF-439A-BED7-21E682AC452C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {44346465-1EE8-480A-9E1A-93414DB0EA1E} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {5B96FBBF-5B1E-443F-828C-462406F53F4A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-30] (Adobe Systems Incorporated)
Task: {63DE0EA8-81DE-45A5-A6BF-0189FE134BAC} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {6FCD6DD9-5961-44F9-B661-73DCDDF95577} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-01-04] (Overwolf LTD)
Task: {7E0341B4-5879-4CCF-B8C0-A268D7F7C79F} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {85840291-40AC-4C05-A984-89AB45ECAA6C} - System32\Tasks\Driver Booster SkipUAC (Robert) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-10-13] (IObit)
Task: {8E94E4ED-15B6-4B56-AF75-68A0E5F00E42} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-10-13] (IObit)
Task: {9109705B-A402-45F0-AD57-A70ADDFC00EC} - System32\Tasks\Uninstaller_SkipUac_Robert => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-02] (IObit)
Task: {934AA260-D48D-4F80-B53C-0A16C9FF423B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {936E58B3-128F-4B4A-8C2E-718991BC806E} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {A216000C-66D3-4E66-8A6E-D98AB5762D3C} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: {A61E5497-9EAB-48B8-AB22-BC5FE2B2728D} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {A7A1A69D-FB5A-4F0A-A793-1FF9BF370DB1} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {ABB37D46-8A16-4BEB-8899-7C27DDFE7C95} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {ACAB036B-DF86-439D-8C37-C869EA379CB1} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {AE5E57C8-BC28-42A1-BB93-2D93E7068080} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {B876D9E4-BFDB-47D8-8C00-2810B6DDB3AE} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {C62378FD-7EAC-409F-A450-34051ED6284C} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {EC972735-1C3A-4161-BB9F-F64DADA6282E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-12-11] (Microsoft Corporation)
Task: {F0A659FC-AF8B-4202-942D-0649AC51D78D} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2014-09-25] ()
Task: {FC80A6D7-1737-4382-9C59-0B58381A91D5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-31] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\Windows\Tasks\Uninstaller_SkipUac_Robert.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\Windows\Tasks\Uninstaller_SkipUac_tony-_000.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Loaded Modules (whitelisted) =============

2015-01-09 14:32 - 2014-08-27 16:31 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2015-01-09 14:32 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
2015-01-09 14:32 - 2014-11-19 20:28 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2015-01-09 14:32 - 2012-10-29 14:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll
2015-01-09 14:32 - 2014-07-24 09:44 - 00780592 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpbr.mdl
2015-01-09 14:32 - 2014-07-24 09:44 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpdsp.mdl
2015-01-09 14:32 - 2014-07-24 09:44 - 02602680 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpph.mdl
2015-01-09 14:32 - 2014-07-24 09:44 - 01323408 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttprbl.mdl
2014-03-29 11:30 - 2013-10-23 09:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-09-15 17:13 - 2014-09-15 17:13 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-05-01 20:29 - 2014-05-01 20:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-01-09 21:30 - 2015-01-07 04:41 - 01450312 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.69\libglesv2.dll
2015-01-09 21:30 - 2015-01-07 04:41 - 00205128 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.69\libegl.dll
2015-01-09 21:30 - 2015-01-07 04:42 - 10864456 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.69\pdf.dll
2015-01-09 21:30 - 2015-01-07 04:42 - 26725704 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.69\PepperFlash\pepflashplayer.dll
2014-02-28 14:33 - 2014-02-28 14:33 - 00148480 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\quazip.dll
2014-02-27 14:46 - 2014-02-27 14:46 - 00864768 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\platforms\qwindows.dll
2014-02-27 14:45 - 2014-02-27 14:45 - 00677376 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2014-02-28 14:41 - 2014-08-19 23:05 - 00092104 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
2014-02-28 14:41 - 2014-08-19 23:05 - 00105416 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
2014-02-27 14:46 - 2014-02-27 14:46 - 00025600 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qgif.dll
2014-02-27 14:46 - 2014-02-27 14:46 - 00242688 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qjpeg.dll
2014-02-28 14:42 - 2014-08-19 23:05 - 00117704 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\plugins\appscanner_plugin.dll
2014-02-28 14:42 - 2014-08-19 23:05 - 00477128 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-02-28 14:42 - 2014-08-19 23:05 - 00484808 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-02-27 14:46 - 2014-02-27 14:46 - 00123904 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Robert\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Robert\Desktop\Neurodermitis.docx:$CmdZnID
AlternateDataStreams: C:\Users\Robert\Downloads\AdAware115WebInstaller.exe:BDU
AlternateDataStreams: C:\Users\Robert\Downloads\Defogger.exe:BDU
AlternateDataStreams: C:\Users\Robert\Downloads\EmsisoftAntiMalware4799Setup.exe:BDU
AlternateDataStreams: C:\Users\Robert\Downloads\FRST.exe:BDU
AlternateDataStreams: C:\Users\Robert\Downloads\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Robert\Downloads\OTH.scr:BDU
AlternateDataStreams: C:\Users\Robert\Downloads\sc-cleaner.exe:BDU
AlternateDataStreams: C:\Users\Robert\Downloads\SystemLook_x64.exe:BDU
AlternateDataStreams: C:\Users\tony-_000\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\tony-_000\Desktop\Lariya2Patcher.rar:$CmdZnID
AlternateDataStreams: C:\Users\tony-_000\Downloads\adwcleaner_4.106.exe:$CmdZnID
AlternateDataStreams: C:\Users\tony-_000\Downloads\bitdefender_isecurity_2015.exe:$CmdZnID
AlternateDataStreams: C:\Users\tony-_000\Downloads\esetsmartinstaller_deu.exe:$CmdTcID
AlternateDataStreams: C:\Users\tony-_000\Downloads\esetsmartinstaller_deu.exe:$CmdZnID
AlternateDataStreams: C:\Users\tony-_000\Downloads\JRT641 (1).exe:$CmdTcID
AlternateDataStreams: C:\Users\tony-_000\Downloads\JRT641 (1).exe:$CmdZnID
AlternateDataStreams: C:\Users\tony-_000\Downloads\mbam-setup-2.0.4.1028.exe:$CmdZnID

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: IePluginServices => 2
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: WindowsProtectManger => 2
HKLM\...\StartupApproved\StartupFolder: => "GIGABYTE OC_GURU.lnk"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "Eraser"
HKLM\...\StartupApproved\Run: => "InstallerLauncher"
HKLM\...\StartupApproved\Run32: => "COMPUTER BILD Account-Alarm"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKU\S-1-5-21-524264315-2042341931-3753892847-1001\...\StartupApproved\Run: => "Browser Infrastructure Helper"
HKU\S-1-5-21-524264315-2042341931-3753892847-1001\...\StartupApproved\Run: => "Bitdefender-Geldbörse-Agent"
HKU\S-1-5-21-524264315-2042341931-3753892847-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_8CC0C224CAA679A6B63017BE99A17B85"
HKU\S-1-5-21-524264315-2042341931-3753892847-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-524264315-2042341931-3753892847-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

========================= Accounts: ==========================

Administrator (S-1-5-21-524264315-2042341931-3753892847-500 - Administrator - Disabled)
Gast (S-1-5-21-524264315-2042341931-3753892847-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-524264315-2042341931-3753892847-1005 - Limited - Enabled)
Robert (S-1-5-21-524264315-2042341931-3753892847-1001 - Administrator - Enabled) => C:\Users\Robert
tony-_000 (S-1-5-21-524264315-2042341931-3753892847-1006 - Administrator - Enabled) => C:\Users\tony-_000

==================== Faulty Device Manager Devices =============

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (01/10/2015 08:43:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1568
Startzeit: 01d02d0ce14feb72
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: d74792bf-9900-11e4-83ec-90fba64be106
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (01/10/2015 08:06:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.3.9600.17415 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 984
Startzeit: 01d02cfc491f1f68
Endzeit: 0
Anwendungspfad: C:\Windows\Explorer.EXE
Berichts-ID: 21cfc352-98fb-11e4-83ec-90fba64be106
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/10/2015 08:03:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: gta_sa.exe, Version: 0.0.0.0, Zeitstempel: 0x427101ca
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x052006f0
ID des fehlerhaften Prozesses: 0x16d4
Startzeit der fehlerhaften Anwendung: 0xgta_sa.exe0
Pfad der fehlerhaften Anwendung: gta_sa.exe1
Pfad des fehlerhaften Moduls: gta_sa.exe2
Berichtskennung: gta_sa.exe3
Vollständiger Name des fehlerhaften Pakets: gta_sa.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: gta_sa.exe5

Error: (01/10/2015 08:02:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und
wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1718 Startzeit: 01d02d047e9180d9 Endzeit: 4294967295 Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe Berichts-ID: 3e499bab-98fb-11e4-83ec-90fba64be106 Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1 Error: (01/10/2015 07:37:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ROBERTTONY) Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (01/10/2015 07:27:55 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm wwahost.exe, Version 6.3.9600.17415 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1418 Startzeit: 01d02d02658c76b4 Endzeit: 4294967295 Anwendungspfad: C:\Windows\syswow64\wwahost.exe Berichts-ID: 5c842d3a-98f6-11e4-83ec-90fba64be106 Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App Error: (01/10/2015 07:00:15 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 464 Startzeit: 01d02cfe374f9fc8 Endzeit: 4294967295 Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe Berichts-ID: 833020c6-98f2-11e4-83ec-90fba64be106 Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1 Error: (01/10/2015 06:56:57 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest. Error: (01/10/2015 02:45:01 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 1658 Startzeit: 01d02cdae93a8d11 Endzeit: 4294967295 Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe Berichts-ID: dd3db352-98ce-11e4-83e7-90fba64be106 Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1 Error: (01/10/2015 02:40:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ROBERTTONY) Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. System errors: ============= Error: (01/10/2015 08:18:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "TeamViewer 10" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 2000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/10/2015 08:17:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (01/10/2015 08:17:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "LiveUpdate" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (01/10/2015 08:17:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (01/10/2015 08:01:42 PM) (Source: disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (01/10/2015 08:01:40 PM) (Source: disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. 
Error: (01/10/2015 08:01:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Fehlerberichterstattungsdienst erreicht. Error: (01/10/2015 08:01:37 PM) (Source: disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (01/10/2015 08:01:35 PM) (Source: disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (01/10/2015 08:01:32 PM) (Source: disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Microsoft Office Sessions: ========================= Error: (01/10/2015 08:43:47 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.20689156801d02d0ce14feb724294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exed74792bf-9900-11e4-83ec-90fba64be106microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (01/10/2015 08:06:17 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Explorer.EXE6.3.9600.1741598401d02cfc491f1f680C:\Windows\Explorer.EXE21cfc352-98fb-11e4-83ec-90fba64be106 Error: (01/10/2015 08:03:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: gta_sa.exe0.0.0.0427101caunknown0.0.0.000000000c0000005052006f016d401d02d043cad9fccC:\Users\Robert\Desktop\GTA - San Andreas\gta_sa.exeunknown621d6df6-98fb-11e4-83ec-90fba64be106 Error: (01/10/2015 08:02:47 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.20689171801d02d047e9180d94294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe3e499bab-98fb-11e4-83ec-90fba64be106microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (01/10/2015 
07:37:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ROBERTTONY) Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2147023170 Error: (01/10/2015 07:27:55 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: wwahost.exe6.3.9600.17415141801d02d02658c76b44294967295C:\Windows\syswow64\wwahost.exe5c842d3a-98f6-11e4-83ec-90fba64be106Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5cApp Error: (01/10/2015 07:00:15 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.2068946401d02cfe374f9fc84294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe833020c6-98f2-11e4-83ec-90fba64be106microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (01/10/2015 06:56:57 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\Robert\Downloads\esetsmartinstaller_deu.exe Error: (01/10/2015 02:45:01 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.20689165801d02cdae93a8d114294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exedd3db352-98ce-11e4-83e7-90fba64be106microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (01/10/2015 02:40:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ROBERTTONY) Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2147023170 ==================== Memory info =========================== Processor: AMD Athlon(tm) II X4 620 Processor Percentage of memory in use: 64% Total physical RAM: 2799.61 MB Available 
physical RAM: 989.46 MB
Total Pagefile: 5615.61 MB
Available Pagefile: 2213.92 MB
Total Virtual: 131072 MB
Available Virtual: 131071.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:458.95 GB) (Free:130.82 GB) NTFS
Drive d: () (Fixed) (Total:459.46 GB) (Free:453.4 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 6E7E155C)
Partition 1: (Not Active) - (Size=993 KB) - (Type=27)
Partition 2: (Not Active) - (Size=13 GB) - (Type=27)
Partition 3: (Active) - (Size=100 MB) - (Type=42)
Partition 4: (Not Active) - (Size=459 GB) - (Type=42)

==================== End Of Log ============================

Defogger_disable:
Code:
/defogger_disable by jpshortstuff (23.02.10.1)
Log created at 20:31 on 10/01/2015 (Robert)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

FRST:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-01-2015 Ran by Robert (administrator) on ROBERTTONY on 10-01-2015 20:33:07 Running from C:\Users\Robert\Downloads Loaded Profile: Robert (Available profiles: Robert & tony-_000) Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bootlauncher.exe (Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxcr.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (OldTimer Tools) C:\Users\Robert\Downloads\OTH.scr (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1626752 2014-11-14] (Bitdefender) HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe HKLM-x32\...\Run: [emsisoft anti-malware] => C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe [4997872 2014-12-31] (Emsisoft GmbH) HKU\S-1-5-21-524264315-2042341931-3753892847-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [40176 2015-01-04] (Overwolf LTD) HKU\S-1-5-21-524264315-2042341931-3753892847-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd) HKU\S-1-5-21-524264315-2042341931-3753892847-1001\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790344 2014-11-14] (Bitdefender) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender) ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender) ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender) ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender) BootExecute: autocheck autochk * sdnclean64.exe GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an 
item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-524264315-2042341931-3753892847-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-524264315-2042341931-3753892847-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ HKU\S-1-5-21-524264315-2042341931-3753892847-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-524264315-2042341931-3753892847-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit 
Uninstaller\UninstallExplorer64.dll (IObit) BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender) Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) Hosts: There are more than one entry in Hosts. 
See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{904f627b-c079-46ff-8c63-7e7545145c04}: [NameServer] 156.154.70.25,156.154.71.25 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll () FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) 
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-524264315-2042341931-3753892847-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation) FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-01-09] FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-01-09] FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext Chrome: ======= CHR Profile: C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-09] CHR Extension: (Google Docs) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-09] CHR Extension: (Google Drive) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-09] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-09] CHR Extension: (YouTube) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-09] CHR Extension: (Google-Suche) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-09] CHR Extension: (Bitdefender Wallet) - 
C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabcmochhfpldjekobfaaggijgohadih [2015-01-09] CHR Extension: (Google Tabellen) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-09] CHR Extension: (Ghostery) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-01-10] CHR Extension: (Google Wallet) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-09] CHR Extension: (Google Mail) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-09] CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - No Path ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4920104 2014-12-31] (Emsisoft GmbH) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-15] (Advanced Micro Devices, Inc.) 
[File not signed] S3 aspnet_state; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [31904 2013-08-17] (Microsoft Corporation) S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-10-07] (Bitdefender) S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation) S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [File not signed] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed] S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2633024 2014-12-12] (IObit) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [998640 2015-01-04] (Overwolf LTD) S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-12] () S4 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender) S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender) S3 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14407384 2014-06-12] () R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1527360 2014-11-14] (Bitdefender) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation) S2 CmdAgent; No ImagePath S3 cmdvirth; No ImagePath S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} 
==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH) R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH) R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH) R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [23088 2014-05-12] (Emsisoft GmbH) R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices) R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1288472 2014-09-25] (BitDefender) R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [263032 2014-10-03] (BitDefender) R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-05-16] (BitDefender) S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender) R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2013-11-19] (BitDefender LLC) R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC) S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL) S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL) R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [79192 2013-07-30] (BitDefender) R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH) R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20184 2014-12-09] (COMODO) R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [807568 2014-12-09] (COMODO) R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [35080 2014-12-09] (COMODO) S3 
GPCIDrv; No ImagePath R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC) S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2015-01-10] () R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [126208 2014-12-09] (COMODO) S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [36944 2014-03-04] (IObit) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation) R3 seehcri; C:\Windows\System32\drivers\seehcri.sys [34032 2014-06-16] (Sony Ericsson Mobile Communications) S3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation) U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.) R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation) R2 webinstrNHK; C:\Windows\system32\Drivers\webinstrNHK.sys [56432 2015-01-08] (Corsica) S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org) S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation) R3 yukonw8; C:\Windows\system32\DRIVERS\yk63x64.sys [295216 2013-06-18] (Marvell) S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 FreshIO; \??\C:\Program Files (x86)\FreshDevices\FreshDiagnose\FreshIO.sys [X] S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X] S3 NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) 
==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-10 20:33 - 2015-01-10 20:34 - 00021407 _____ () C:\Users\Robert\Downloads\FRST.txt 2015-01-10 20:31 - 2015-01-10 20:31 - 00050477 _____ () C:\Users\Robert\Downloads\Defogger.exe 2015-01-10 20:31 - 2015-01-10 20:31 - 00000474 _____ () C:\Users\Robert\Downloads\defogger_disable.log 2015-01-10 20:31 - 2015-01-10 20:31 - 00000000 _____ () C:\Users\Robert\defogger_reenable 2015-01-10 20:18 - 2015-01-10 20:18 - 00015122 _____ () C:\Users\Robert\Desktop\SystemLook.txt 2015-01-10 20:16 - 2015-01-10 20:16 - 00259584 _____ (OldTimer Tools) C:\Users\Robert\Downloads\OTH.scr 2015-01-10 20:15 - 2015-01-10 20:15 - 00001762 _____ () C:\sc-cleaner.txt 2015-01-10 20:14 - 2015-01-10 20:15 - 00441592 _____ (Bleeping Computer, LLC) C:\Users\Robert\Downloads\sc-cleaner.exe 2015-01-10 20:07 - 2015-01-10 20:33 - 00000000 ____D () C:\FRST 2015-01-10 20:06 - 2015-01-10 20:06 - 02124288 _____ (Farbar) C:\Users\Robert\Downloads\FRST64.exe 2015-01-10 20:05 - 2015-01-10 20:05 - 01115648 _____ (Farbar) C:\Users\Robert\Downloads\FRST.exe 2015-01-10 19:36 - 2015-01-10 19:36 - 00000000 ____D () C:\ProgramData\Emsisoft 2015-01-10 19:28 - 2015-01-10 20:30 - 00015120 _____ () C:\Users\Robert\Downloads\SystemLook.txt 2015-01-10 19:27 - 2015-01-10 19:27 - 00165376 _____ () C:\Users\Robert\Downloads\SystemLook_x64.exe 2015-01-10 18:58 - 2015-01-10 19:39 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware 2015-01-10 18:58 - 2015-01-10 18:58 - 00001063 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk 2015-01-10 18:58 - 2015-01-10 18:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware 2015-01-10 15:26 - 2015-01-10 15:26 - 00000000 ____D () C:\ProgramData\Lavasoft 2015-01-10 14:43 - 2015-01-10 14:43 - 00452040 _____ (BitDefender S.R.L.) 
C:\Windows\system32\Drivers\trufos.sys 2015-01-10 14:36 - 2015-01-10 14:36 - 00000056 _____ () C:\Windows\system32\bdsandbox.txt 2015-01-10 13:32 - 2015-01-10 13:32 - 00000000 ____D () C:\Users\Robert\AppData\Roaming\LavasoftStatistics 2015-01-10 02:07 - 2014-10-15 12:52 - 00450713 ____R () C:\Windows\system32\Drivers\etc\hosts.20150110-020743.backup 2015-01-10 01:51 - 2015-01-10 01:54 - 172265200 _____ (Emsisoft Ltd. ) C:\Users\Robert\Downloads\EmsisoftAntiMalware4799Setup.exe 2015-01-10 01:51 - 2015-01-10 01:51 - 01937320 _____ () C:\Users\Robert\Downloads\AdAware115WebInstaller.exe 2015-01-10 01:37 - 2015-01-10 01:37 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys 2015-01-10 01:22 - 2015-01-10 01:26 - 00000000 ____D () C:\Program Files (x86)\Hearthstone 2015-01-10 01:22 - 2015-01-10 01:22 - 00001127 _____ () C:\Users\Public\Desktop\Hearthstone.lnk 2015-01-10 01:22 - 2015-01-10 01:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone 2015-01-10 01:18 - 2015-01-10 01:22 - 00000000 ____D () C:\Users\Robert\AppData\Roaming\Battle.net 2015-01-10 01:18 - 2015-01-10 01:22 - 00000000 ____D () C:\Users\Robert\AppData\Local\Battle.net 2015-01-10 01:18 - 2015-01-10 01:18 - 00001090 _____ () C:\Users\Public\Desktop\Battle.net.lnk 2015-01-10 01:18 - 2015-01-10 01:18 - 00000000 ____D () C:\Users\Robert\AppData\Local\Blizzard Entertainment 2015-01-10 01:18 - 2015-01-10 01:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2015-01-10 01:18 - 2015-01-10 01:18 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment 2015-01-10 01:18 - 2015-01-10 01:18 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2015-01-10 01:16 - 2015-01-10 01:16 - 00004042 _____ () C:\Windows\system32\.crusader 2015-01-10 01:16 - 2015-01-10 01:16 - 00000000 ____D () C:\ProgramData\Battle.net 2015-01-10 00:59 - 2015-01-10 00:59 - 00000000 ____D () C:\Program Files\HitmanPro 2015-01-09 21:30 - 2015-01-09 21:30 - 
00002227 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-01-09 21:30 - 2015-01-09 21:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-01-09 14:42 - 2015-01-09 14:42 - 00893828 _____ () C:\ProgramData\1420809501.bdinstall.bin 2015-01-09 14:34 - 2015-01-09 14:34 - 00000708 ____H () C:\bdr-cf01 2015-01-09 14:33 - 2015-01-09 14:33 - 00002173 _____ () C:\Users\Public\Desktop\Bitdefender Total Security.lnk 2015-01-09 14:33 - 2015-01-09 14:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015 2015-01-09 14:32 - 2014-10-03 20:11 - 00263032 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys 2015-01-09 14:32 - 2014-09-25 15:57 - 01288472 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys 2015-01-09 14:32 - 2014-05-16 13:04 - 00647752 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys 2015-01-09 14:32 - 2013-11-19 14:44 - 00098768 _____ (BitDefender LLC) C:\Windows\system32\Drivers\bdfndisf6.sys 2015-01-09 14:32 - 2013-11-04 15:47 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys 2015-01-09 14:32 - 2013-09-08 20:04 - 00023568 _____ (Bitdefender) C:\Windows\system32\Drivers\bdelam.sys 2015-01-09 14:32 - 2013-07-30 18:41 - 00079192 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys 2015-01-09 14:28 - 2015-01-09 14:39 - 00000000 ____D () C:\Users\Robert\AppData\Roaming\Bitdefender 2015-01-09 14:28 - 2015-01-09 14:34 - 00253404 ____H () C:\bdr-ld01 2015-01-09 14:28 - 2015-01-09 14:34 - 00009216 ____H () C:\bdr-ld01.mbr 2015-01-09 14:28 - 2014-07-04 17:49 - 49563064 ____H () C:\bdr-im01.gz 2015-01-09 14:28 - 2013-08-13 13:38 - 03271472 ____H () C:\bdr-bz01 2015-01-09 14:18 - 2015-01-09 14:36 - 00000000 ____D () C:\ProgramData\Bitdefender 2015-01-09 14:18 - 2013-08-23 12:48 - 00150256 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys 2015-01-08 21:52 - 2015-01-08 21:52 - 00880784 _____ (Google Inc.) 
C:\Users\tony-_000\Downloads\ChromeSetup.exe 2015-01-08 21:51 - 2015-01-08 22:00 - 00000000 ____D () C:\Users\tony-_000\AppData\Roaming\Bitdefender 2015-01-08 21:29 - 2015-01-08 21:29 - 07040424 _____ () C:\Users\tony-_000\Downloads\bitdefender_isecurity_2015.exe 2015-01-08 21:27 - 2015-01-08 21:27 - 00000000 ____D () C:\Users\tony-_000\Downloads\backups 2015-01-08 21:25 - 2015-01-08 21:25 - 00008569 _____ () C:\Users\tony-_000\Downloads\hijackthis.log 2015-01-08 21:24 - 2015-01-08 21:24 - 00388608 _____ (Trend Micro Inc.) C:\Users\tony-_000\Downloads\HiJackThis204.exe 2015-01-08 21:20 - 2015-01-09 14:33 - 00000598 _____ () C:\Windows\setupact.log 2015-01-08 21:20 - 2015-01-08 21:20 - 00000000 _____ () C:\Windows\setuperr.log 2015-01-08 20:29 - 2015-01-08 20:29 - 02347384 _____ (ESET) C:\Users\tony-_000\Downloads\esetsmartinstaller_deu.exe 2015-01-08 20:24 - 2015-01-08 20:24 - 00000000 ____D () C:\Windows\ERUNT 2015-01-08 20:23 - 2015-01-08 20:23 - 01707939 _____ (Thisisu) C:\Users\tony-_000\Downloads\JRT641 (1).exe 2015-01-08 20:19 - 2015-01-08 20:19 - 00489760 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-01-08 20:18 - 2015-01-10 15:15 - 00010958 _____ () C:\Windows\PFRO.log 2015-01-08 18:59 - 2015-01-08 19:00 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\tony-_000\Downloads\mbam-setup-2.0.4.1028.exe 2015-01-08 18:31 - 2015-01-08 18:31 - 02173952 _____ () C:\Users\tony-_000\Downloads\adwcleaner_4.106.exe 2015-01-08 18:17 - 2015-01-08 18:17 - 00004026 _____ () C:\Windows\System32\Tasks\LaunchSignup 2015-01-08 18:17 - 2015-01-08 18:17 - 00002343 _____ () C:\Windows\patsearch.bin 2015-01-08 18:17 - 2015-01-08 18:17 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstrNHK_01009.Wdf 2015-01-08 18:17 - 2015-01-08 18:16 - 00056432 _____ (Corsica) C:\Windows\system32\Drivers\webinstrNHK.sys 2015-01-08 15:25 - 2015-01-08 15:25 - 00003028 _____ () C:\Windows\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} 2015-01-08 15:24 - 2015-01-08 15:24 - 
00000000 ____D () C:\Users\Robert\Desktop\SA-RL - Keybinder - by Shift 2015-01-03 17:59 - 2015-01-03 17:59 - 02829868 _____ () C:\Users\tony-_000\Desktop\Lariya2Patcher.rar 2015-01-02 22:24 - 2015-01-10 13:42 - 00000000 ____D () C:\Users\Robert\Desktop\Skybinder v4 2015-01-02 22:23 - 2015-01-02 22:23 - 00000000 ___HD () C:\VTRoot 2015-01-02 22:03 - 2015-01-08 15:52 - 00024596 _____ () C:\Windows\system32\Drivers\fvstore.dat 2015-01-02 21:51 - 2015-01-10 20:27 - 01474832 _____ () C:\Windows\system32\Drivers\sfi.dat 2015-01-02 21:51 - 2015-01-02 21:52 - 00000000 ____D () C:\Windows\System32\Tasks\COMODO 2015-01-02 21:51 - 2015-01-02 21:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO 2015-01-02 21:50 - 2015-01-02 21:50 - 00000000 ____D () C:\ProgramData\Shared Space 2015-01-02 21:49 - 2015-01-02 21:49 - 00000000 ____D () C:\Program Files\COMODO 2015-01-02 21:48 - 2015-01-02 21:51 - 00000000 ____D () C:\ProgramData\Comodo 2015-01-02 21:48 - 2015-01-02 21:48 - 00000000 ____D () C:\ProgramData\Comodo Downloader 2015-01-02 21:11 - 2015-01-02 21:11 - 00000000 ____D () C:\Users\Robert\AppData\Roaming\Apple Computer 2015-01-02 21:10 - 2015-01-02 21:10 - 00001204 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk 2015-01-02 21:10 - 2015-01-02 21:10 - 00000000 ____D () C:\Users\Robert\AppData\IObit 2015-01-02 21:09 - 2015-01-02 21:09 - 17528608 _____ (IObit) C:\Users\Robert\Desktop\iobituninstaller.exe 2015-01-01 13:30 - 2015-01-01 21:18 - 00000000 ____D () C:\Users\tony-_000\Desktop\Equalia2 2015-01-01 13:27 - 2015-01-01 13:29 - 1196480872 _____ () C:\Users\tony-_000\Desktop\Equalia2 New Client 2015 v1.rar 2014-12-31 23:21 - 2014-12-31 23:21 - 00000000 ____D () C:\Windows\de 2014-12-31 23:20 - 2014-12-31 23:20 - 00001350 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk 2014-12-31 23:20 - 2014-12-31 23:20 - 00001281 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk 2014-12-31 
23:20 - 2014-12-31 23:20 - 00000000 ____D () C:\Program Files (x86)\Windows Live 2014-12-31 23:17 - 2014-12-31 23:22 - 00000000 ____D () C:\Users\Robert\AppData\Local\Windows Live 2014-12-31 23:02 - 2014-12-31 23:42 - 00000000 ____D () C:\Users\Robert\Desktop\silvester 2014 2014-12-30 20:16 - 2014-12-30 20:16 - 00000197 _____ () C:\Windows\system32\2014-12-30-19-16-17.074-AvastVBoxSVC.exe-2780.log 2014-12-30 18:57 - 2014-11-15 20:05 - 00801584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2014-12-30 18:57 - 2014-11-15 07:29 - 00962216 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2014-12-30 18:57 - 2014-11-14 15:36 - 00055776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-12-30 18:57 - 2014-11-14 08:10 - 03558400 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-12-30 18:57 - 2014-11-14 07:57 - 01027584 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll 2014-12-30 18:57 - 2014-11-14 06:03 - 00885760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll 2014-12-30 18:57 - 2014-11-11 01:39 - 22290560 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-12-30 18:57 - 2014-11-11 01:17 - 19731824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-12-30 18:57 - 2014-11-10 19:06 - 02485056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-12-30 18:57 - 2014-11-10 19:06 - 00473408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-12-30 18:57 - 2014-11-10 19:06 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-12-30 18:57 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys 2014-12-30 18:57 - 2014-11-10 02:37 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2014-12-30 18:57 - 2014-11-10 02:34 - 01084416 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2014-12-30 18:57 - 2014-11-10 02:20 - 
00420864 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll 2014-12-30 18:57 - 2014-11-10 02:08 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll 2014-12-30 18:57 - 2014-11-10 02:06 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2014-12-30 18:57 - 2014-11-10 01:57 - 00624640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll 2014-12-30 18:57 - 2014-11-10 01:57 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2014-12-30 18:57 - 2014-11-08 11:42 - 01390928 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2014-12-30 18:57 - 2014-11-08 11:23 - 01127976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2014-12-30 18:57 - 2014-11-08 04:58 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys 2014-12-30 18:57 - 2014-11-08 04:58 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys 2014-12-30 18:57 - 2014-11-08 03:38 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll 2014-12-30 18:57 - 2014-11-08 03:17 - 00143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll 2014-12-30 18:57 - 2014-11-08 02:58 - 04837376 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll 2014-12-30 18:57 - 2014-11-08 02:49 - 01154048 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe 2014-12-30 18:57 - 2014-11-07 04:58 - 00952896 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll 2014-12-30 18:57 - 2014-11-07 04:20 - 00786120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll 2014-12-30 18:57 - 2014-11-05 03:12 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL 2014-12-30 18:57 - 2014-11-05 03:12 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\QSVRMGMT.DLL 2014-12-30 18:57 - 2014-11-05 02:43 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll 2014-12-30 18:57 - 2014-11-05 
02:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll 2014-12-30 18:57 - 2014-11-05 02:39 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSVRMGMT.DLL 2014-12-30 18:57 - 2014-11-05 02:21 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll 2014-12-30 18:57 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll 2014-12-30 18:57 - 2014-11-05 02:14 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll 2014-12-30 18:57 - 2014-11-05 02:06 - 00555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll 2014-12-30 18:57 - 2014-11-04 20:33 - 00058176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys 2014-12-30 18:57 - 2014-11-04 20:25 - 00059712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys 2014-12-30 18:57 - 2014-11-04 20:25 - 00051008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys 2014-12-30 18:57 - 2014-11-04 07:54 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys 2014-12-30 18:57 - 2014-11-04 06:01 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe 2014-12-30 18:57 - 2014-10-31 01:51 - 18823168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll 2014-12-30 18:57 - 2014-10-31 01:10 - 15158784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2014-12-30 18:57 - 2014-10-30 06:55 - 07473472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-12-30 18:57 - 2014-10-30 06:47 - 01499384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2014-12-30 18:57 - 2014-10-30 06:41 - 01733952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2014-12-30 18:57 - 2014-10-29 04:05 - 00551232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys 2014-12-30 18:57 - 2014-10-29 02:55 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll 2014-12-30 18:57 - 
2014-10-29 02:13 - 00169984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll 2014-12-30 18:57 - 2014-10-17 05:56 - 00238912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys 2014-12-30 18:57 - 2014-10-17 05:56 - 00153920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys 2014-12-30 18:57 - 2014-10-17 05:56 - 00039744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys 2014-12-30 18:57 - 2014-10-17 04:35 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys 2014-12-30 18:56 - 2014-11-17 21:17 - 00672984 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe 2014-12-30 18:56 - 2014-11-17 21:17 - 00273240 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe 2014-12-30 18:56 - 2014-11-14 07:58 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsDatabase.dll 2014-12-30 18:56 - 2014-11-14 07:58 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-12-30 18:56 - 2014-11-14 07:57 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-12-30 18:56 - 2014-11-14 07:54 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll 2014-12-30 18:56 - 2014-11-14 07:54 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2014-12-30 18:56 - 2014-11-14 07:54 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-12-30 18:56 - 2014-11-14 07:53 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-12-30 18:56 - 2014-11-14 07:52 - 01714176 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-12-30 18:56 - 2014-11-14 07:46 - 02171904 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll 2014-12-30 18:56 - 2014-11-14 07:46 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll 2014-12-30 18:56 - 2014-11-14 07:39 - 02819584 _____ (Microsoft 
Corporation) C:\Windows\system32\SettingsHandlers.dll 2014-12-30 18:56 - 2014-11-14 06:04 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2014-12-30 18:56 - 2014-11-14 06:03 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2014-12-30 18:56 - 2014-11-14 06:01 - 00723968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2014-12-30 18:56 - 2014-11-14 06:01 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2014-12-30 18:56 - 2014-11-14 05:53 - 00790528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll 2014-12-30 18:56 - 2014-11-10 03:57 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys 2014-12-30 18:56 - 2014-11-10 02:26 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2014-12-30 18:56 - 2014-11-10 02:09 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2014-12-30 18:56 - 2014-11-08 05:00 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys 2014-12-30 18:56 - 2014-11-08 05:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys 2014-12-30 18:56 - 2014-11-08 04:56 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp 2014-12-30 18:56 - 2014-11-08 04:56 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll 2014-12-30 18:56 - 2014-11-08 04:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll 2014-12-30 18:56 - 2014-11-08 04:24 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll 2014-12-30 18:56 - 2014-11-08 04:13 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp 2014-12-30 18:56 - 2014-11-08 04:13 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll 2014-12-30 18:56 - 2014-11-08 04:13 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll 2014-12-30 18:56 - 2014-11-08 03:48 - 00061440 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\rasdiag.dll 2014-12-30 18:56 - 2014-11-08 03:09 - 00182784 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll 2014-12-30 18:56 - 2014-11-08 03:03 - 00733696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll 2014-12-30 18:56 - 2014-11-08 02:59 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll 2014-12-30 18:56 - 2014-11-05 03:06 - 00514048 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll 2014-12-30 18:56 - 2014-11-05 02:44 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll 2014-12-30 18:56 - 2014-11-05 02:39 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSHVHOST.DLL 2014-12-30 18:56 - 2014-11-05 02:33 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll 2014-12-30 18:56 - 2014-11-05 02:20 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll 2014-12-30 18:56 - 2014-11-04 07:55 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys 2014-12-30 18:56 - 2014-11-04 07:54 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys 2014-12-30 18:56 - 2014-11-04 07:54 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys 2014-12-30 18:56 - 2014-11-04 07:27 - 00128512 _____ (Microsoft Corporation) C:\Windows\splwow64.exe 2014-12-30 18:56 - 2014-10-29 03:02 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2014-12-30 18:56 - 2014-10-29 03:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2014-12-30 18:56 - 2014-10-29 02:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2014-12-30 18:56 - 2014-10-29 02:15 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2014-12-30 18:56 - 2014-10-29 02:15 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2014-12-30 18:56 - 2014-10-29 02:14 - 00004096 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\user.exe 2014-12-30 18:56 - 2014-10-29 02:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2014-12-30 18:56 - 2014-10-29 02:13 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2014-12-30 18:56 - 2014-10-26 23:10 - 00390841 _____ () C:\Windows\system32\ApnDatabase.xml 2014-12-30 18:56 - 2014-10-21 02:59 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\eventcls.dll 2014-12-30 18:56 - 2014-10-21 02:19 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eventcls.dll 2014-12-30 18:56 - 2014-10-21 01:50 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll 2014-12-30 18:56 - 2014-10-21 01:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll 2014-12-30 18:56 - 2014-10-21 01:31 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll 2014-12-30 18:56 - 2014-10-21 01:30 - 01454080 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe 2014-12-30 18:56 - 2014-10-21 01:20 - 01142272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll 2014-12-29 00:22 - 2014-12-29 00:23 - 07694523 _____ () C:\Users\tony-_000\Desktop\1233 (01).mp4 2014-12-29 00:21 - 2014-12-29 00:21 - 00520011 _____ () C:\Users\tony-_000\Desktop\1233.mp4 2014-12-29 00:19 - 2015-01-08 18:41 - 00000000 ____D () C:\Users\tony-_000\AppData\Roaming\OBS 2014-12-28 14:30 - 2014-12-28 14:30 - 00000000 ____D () C:\Users\Robert\Desktop\ballaskeybinder 2014-12-27 17:22 - 2014-12-27 17:22 - 01199079 _____ () C:\Windows\unins000.exe 2014-12-27 16:55 - 2014-12-27 17:25 - 00000000 ____D () C:\Users\Robert\Desktop\GTA - San Andreas 2014-12-27 14:54 - 2014-12-27 14:56 - 695952118 _____ () C:\Users\Robert\Desktop\GTA---San-Andreas.rar 2014-12-26 16:34 - 2014-12-26 16:37 - 11080111 _____ () C:\Users\tony-_000\Desktop\MobberHack_Ultimate_v5.rar 2014-12-26 16:26 - 2014-12-26 16:26 - 00008477 _____ () C:\Users\tony-_000\Desktop\Kick hack by francoiz.rar 
2014-12-26 16:19 - 2014-12-26 16:19 - 00047672 _____ () C:\Users\tony-_000\Desktop\ReleaseByVeyZ.rar 2014-12-26 16:03 - 2014-12-26 16:03 - 00378944 _____ () C:\Users\tony-_000\Desktop\EasyFarm´s DLL pack.rar 2014-12-25 20:47 - 2015-01-03 18:11 - 00000000 ____D () C:\Users\tony-_000\Desktop\LariyaClientv1 2014-12-25 18:17 - 2014-12-25 18:17 - 05402820 _____ () C:\t408.4 2014-12-25 18:17 - 2014-12-25 18:17 - 00000000 _____ () C:\t408.3 2014-12-23 22:03 - 2014-12-23 22:03 - 00051154 _____ () C:\Users\tony-_000\Desktop\index.htm 2014-12-23 14:13 - 2014-12-23 14:13 - 02589194 _____ () C:\Users\tony-_000\Desktop\Patcher.rar 2014-12-23 14:13 - 2014-12-23 14:13 - 00933274 _____ () C:\Users\tony-_000\Desktop\pack.rar 2014-12-22 17:14 - 2014-12-22 18:38 - 00000227 _____ () C:\Users\tony-_000\Desktop\Neues Textdokument (2).txt 2014-12-22 15:58 - 2014-12-22 16:35 - 00000763 _____ () C:\Users\tony-_000\Desktop\Neues Textdokument.txt 2014-12-21 18:37 - 2013-07-12 19:23 - 00000000 ____D () C:\Users\Robert\Desktop\left4gore-2.3-windows 2014-12-21 17:14 - 2014-12-21 17:14 - 00000000 ____D () C:\Users\tony-_000\AppData\Local\Red Gate 2014-12-21 17:14 - 2014-12-21 17:14 - 00000000 ____D () C:\Users\tony-_000\AppData\Local\IsolatedStorage 2014-12-21 13:02 - 2015-01-10 20:24 - 01272411 _____ () C:\Windows\WindowsUpdate.log 2014-12-20 18:10 - 2014-12-23 14:14 - 00000000 ____D () C:\Users\tony-_000\Desktop\Arganion2 2014-12-19 20:08 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2014-12-19 20:08 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2014-12-13 17:29 - 2014-11-26 22:10 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-12-13 17:29 - 2014-11-26 22:10 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-12-13 01:30 - 2014-12-13 01:30 - 00000000 ____D () C:\Windows\system32\appraiser 2014-12-12 16:33 - 2014-12-12 
16:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-12-12 16:32 - 2014-12-12 16:33 - 00000000 ____D () C:\Program Files\WinRAR 2014-12-11 18:13 - 2014-12-31 18:06 - 00000000 ____D () C:\Users\tony-_000\Desktop\Metin2 2014-12-11 17:25 - 2014-12-11 17:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-12-11 17:18 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll 2014-12-11 17:18 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll 2014-12-11 17:18 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2014-12-11 17:18 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2014-12-11 17:14 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-12-11 17:14 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-12-11 17:14 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-12-11 17:13 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-12-11 17:13 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-12-11 17:13 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-12-11 17:13 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-12-11 17:13 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-12-11 17:13 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-12-11 17:13 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-12-11 17:13 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\vbscript.dll 2014-12-11 17:13 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2014-12-11 17:13 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-12-11 17:13 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-12-11 17:13 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-12-11 17:13 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-12-11 17:13 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2014-12-11 17:13 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-12-11 17:13 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-12-11 17:13 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-12-11 17:13 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-12-11 17:13 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-12-11 17:13 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-12-11 17:13 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-12-11 17:13 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2014-12-11 17:13 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-12-11 17:13 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-12-11 17:13 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2014-12-11 17:13 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) 
C:\Windows\system32\wininet.dll
2014-12-11 17:13 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-12-11 17:13 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-11 17:13 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-11 17:13 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-11 17:13 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-11 17:13 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-11 17:13 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-11 17:13 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-11 17:13 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-11 17:13 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-11 17:13 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-11 17:13 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-11 17:12 - 2014-12-04 00:37 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-11 17:12 - 2014-12-04 00:09 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-11 17:12 - 2014-12-03 00:09 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-11 17:12 - 2014-12-03 00:09 - 00740864 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-11 17:12 - 2014-12-03 00:09 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-11 17:12 - 2014-12-03 00:09 - 00396288 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-11 17:12 - 2014-12-03 00:09 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-10 20:32 - 2014-09-18 14:08 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-10 20:31 - 2014-03-29 11:08 - 00000000 ____D () C:\Users\Robert
2015-01-10 20:21 - 2014-06-05 11:58 - 00000000 ____D () C:\Users\Robert\AppData\Roaming\TS3Client
2015-01-10 20:18 - 2014-10-31 18:02 - 00001140 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-10 20:08 - 2014-03-29 11:16 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-01-10 20:07 - 2014-03-29 11:16 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-524264315-2042341931-3753892847-1001
2015-01-10 20:05 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-01-10 20:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-01-10 18:52 - 2014-03-30 15:18 - 00004973 _____ () C:\Windows\system32\lvcoinst.log
2015-01-10 18:40 - 2014-04-05 12:27 - 00000000 ____D () C:\ProgramData\ProductData
2015-01-10 18:38 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-10 15:34 - 2014-09-28 20:17 - 00000302 _____ () C:\Windows\Tasks\Uninstaller_SkipUac_Robert.job
2015-01-10 15:14 - 2014-12-02 21:26 - 00000000 ____D () C:\AdwCleaner
2015-01-10 14:45 - 2014-04-04 18:04 - 00000000 ____D () C:\Users\Robert\AppData\Roaming\IObit
2015-01-10 14:45 - 2014-03-29 12:37 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-01-10 13:19 - 2014-10-15 13:46 - 00000255 _____ () C:\Windows\wininit.ini
2015-01-10 02:31 - 2013-08-22 14:25 - 00786432 ___SH () C:\Windows\system32\config\BBI
2015-01-10 01:06 - 2014-03-29 18:40 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-09 23:01 - 2014-10-09 12:08 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-01-09 21:31 - 2014-03-29 13:39 - 00000000 ____D () C:\Users\Robert\AppData\Local\Google
2015-01-09 21:30 - 2014-03-29 13:39 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-09 16:58 - 2014-08-20 15:28 - 00000000 ____D () C:\Users\Robert\Desktop\Ballas
2015-01-09 14:48 - 2014-09-25 18:13 - 00000000 ____D () C:\ProgramData\BDLogging
2015-01-09 14:28 - 2014-09-25 17:42 - 00000000 ____D () C:\Program Files\Bitdefender
2015-01-09 14:18 - 2014-09-25 17:41 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2015-01-09 14:11 - 2014-03-29 13:00 - 00000000 ____D () C:\Users\tony-_000
2015-01-09 14:00 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-01-08 21:59 - 2014-09-24 13:24 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-524264315-2042341931-3753892847-1006
2015-01-08 21:55 - 2014-03-29 22:19 - 00000000 ____D () C:\Users\tony-_000\AppData\Local\Google
2015-01-08 21:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-01-08 20:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Cursors
2015-01-08 19:29 - 2014-04-05 16:47 - 00000000 ____D () C:\Users\tony-_000\AppData\Roaming\IObit
2015-01-08 19:00 - 2014-03-29 23:52 - 00876032 ___SH () C:\Users\tony-_000\Desktop\Thumbs.db
2015-01-08 18:53 - 2014-04-30 19:11 - 00000000 ____D () C:\Users\tony-_000\AppData\Roaming\TeamViewer
2015-01-08 18:53 - 2014-03-30 14:31 - 00000000 ____D () C:\Users\tony-_000\AppData\Roaming\TS3Client
2015-01-08 15:26 - 2013-09-30 04:56 - 02078098 _____ () C:\Windows\system32\perfh007.dat
2015-01-08 15:26 - 2013-09-30 04:56 - 00595834 _____ () C:\Windows\system32\perfc007.dat
2015-01-08 14:22 - 2014-04-10 17:29 - 00882688 ___SH () C:\Users\Robert\Desktop\Thumbs.db
2015-01-07 17:00 - 2014-12-08 19:42 - 00000000 ____D () C:\Users\tony-_000\Desktop\Warrock EU
2015-01-07 14:01 - 2014-04-05 14:20 - 00000000 ___RD () C:\Users\Robert\Desktop\ROBERT
2015-01-05 11:43 - 2014-04-30 19:11 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-01-04 23:28 - 2014-10-02 11:27 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2015-01-04 20:45 - 2014-03-29 11:11 - 00000000 ____D () C:\Users\Robert\AppData\Local\Packages
2015-01-03 23:06 - 2013-09-30 05:14 - 02142682 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-03 23:00 - 2014-10-27 17:55 - 00000000 ____D () C:\Users\Robert\AppData\Roaming\OBS
2015-01-02 21:34 - 2014-10-02 19:31 - 00000000 ____D () C:\Program Files\ATI
2015-01-02 21:10 - 2014-09-28 20:17 - 00001228 _____ () C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2015-01-02 21:10 - 2014-03-29 12:33 - 00000000 ____D () C:\ProgramData\IObit
2015-01-01 15:55 - 2014-06-29 13:14 - 00000000 ____D () C:\Users\tony-_000\Desktop\Metin2 Hacks
2015-01-01 12:40 - 2014-12-08 19:42 - 00000000 ____D () C:\Nexon
2014-12-31 23:20 - 2014-05-08 19:03 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-12-31 14:31 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2014-12-30 20:19 - 2014-03-29 13:37 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-12-30 20:11 - 2014-03-29 13:05 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-12-30 19:54 - 2014-10-27 16:43 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-30 19:40 - 2014-09-18 14:08 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-30 19:23 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ToastData
2014-12-30 19:23 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-12-30 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2014-12-30 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\setup
2014-12-30 18:59 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-12-27 17:22 - 2014-09-07 14:29 - 00090126 _____ () C:\Windows\unins000.dat
2014-12-26 21:11 - 2014-11-26 16:57 - 00000943 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2014-12-25 18:23 - 2014-09-09 17:51 - 00000000 ____D () C:\Users\Robert\AppData\Roaming\vlc
2014-12-25 17:11 - 2014-11-12 16:39 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-12-25 17:10 - 2014-11-12 16:39 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-12-25 17:10 - 2014-11-12 16:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2014-12-25 17:09 - 2014-11-12 16:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-12-24 18:35 - 2014-04-19 18:00 - 00000000 ____D () C:\Users\Robert\.VirtualBox
2014-12-24 17:08 - 2014-04-19 18:00 - 00000000 ____D () C:\Users\Robert\VirtualBox VMs
2014-12-24 14:56 - 2014-03-29 11:30 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-18 14:51 - 2014-04-05 15:38 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-14 00:49 - 2014-05-13 18:52 - 00000000 ____D () C:\Users\Robert\AppData\Roaming\FileZilla
2014-12-13 01:30 - 2014-08-10 21:26 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-13 01:30 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2014-12-13 01:30 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-12-13 01:30 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-13 01:30 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppCompat
2014-12-13 01:11 - 2014-04-05 15:43 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-12-12 16:33 - 2014-03-30 14:44 - 00000000 ____D () C:\Users\tony-_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-12-11 18:13 - 2014-10-29 17:48 - 00000000 ____D () C:\Program Files (x86)\Metin2
2014-12-11 17:24 - 2014-03-31 19:35 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 17:15 - 2014-03-31 19:35 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Robert\AppData\Local\Temp\Quarantine.exe
C:\Users\Robert\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-30 19:06

==================== End Of Log ============================ |
10.01.2015, 22:49 | #2 |
/// the machine /// TB trainer | Win 8.1 : ADs by SpeedCheck cannot be removed
hi,
Please download Revo Uninstaller from here (alternatively, the portable Revo Uninstaller).
Please download Malwarebytes Anti-Malware.
Please download AdwCleaner to your desktop.
Please shut down your security software to avoid possible conflicts.
And a fresh FRST log, please.