![]() |
Log-Analyse und Auswertung: Windows 7: MWAB findet immer wieder PUP.Optional.Shopperz.AWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
![]() |
![]() | #31 |
![]() | ![]() Windows 7: MWAB findet immer wieder PUP.Optional.Shopperz.ACode:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-02-2015 Ran by Admin at 2015-02-08 12:59:50 Run:4 Running from C:\Users\Admin\Desktop Loaded Profiles: Admin (Available profiles: Admin) Boot Mode: Normal ============================================== Content of fixlist: ***************** reg: reg delete "HKLM\SOFTWARE\shopperz" /f reg: reg delete "HKLM\SOFTWARE\WOW6432NODE\shopperz" /f Emptytemp: ***************** ========= reg delete "HKLM\SOFTWARE\shopperz" /f ========= FEHLER: Zugriff verweigert ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\WOW6432NODE\shopperz" /f ========= FEHLER: Zugriff verweigert ========= End of Reg: ========= EmptyTemp: => Removed 371 MB temporary data. The system needed a reboot. ==== End of Fixlog 13:00:01 ==== |
![]() | #32 |
/// the machine /// TB-Ausbilder ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Windows 7: MWAB findet immer wieder PUP.Optional.Shopperz.A Bitte mal in den Safe Mode booten und den Fix wiederholen.
__________________ |
![]() | #33 |
![]() | ![]() Windows 7: MWAB findet immer wieder PUP.Optional.Shopperz.A Hmmm
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-02-2015 Ran by Admin at 2015-02-08 18:39:16 Run:5 Running from C:\Users\Admin\Desktop Loaded Profiles: Admin (Available profiles: Admin) Boot Mode: Safe Mode (minimal) ============================================== Content of fixlist: ***************** reg: reg delete "HKLM\SOFTWARE\shopperz" /f reg: reg delete "HKLM\SOFTWARE\WOW6432NODE\shopperz" /f Emptytemp: ***************** ========= reg delete "HKLM\SOFTWARE\shopperz" /f ========= FEHLER: Zugriff verweigert ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\WOW6432NODE\shopperz" /f ========= FEHLER: Zugriff verweigert ========= End of Reg: ========= EmptyTemp: => Removed 113 MB temporary data. The system needed a reboot. ==== End of Fixlog 18:39:27 ==== |
![]() | #34 |
/// the machine /// TB-Ausbilder ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Windows 7: MWAB findet immer wieder PUP.Optional.Shopperz.A Jetzt nervt der Kollege aber. Bitte einen FRST scan aus der Recovery, aber bitte unter Whitelist alle Halen raus. UNd FRST bitte neu auf den Stick laden.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
![]() | #35 |
![]() | ![]() Windows 7: MWAB findet immer wieder PUP.Optional.Shopperz.A Haha, glaube mir, ich wünsche auch es wäre anders. ![]() FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-02-2015 Ran by SYSTEM on MININT-UCJFMHT on 08-02-2015 22:16:23 Running from H:\ Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Englisch (USA) Internet Explorer Version 11 Boot Mode: Recovery The current controlset is ControlSet001 ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log. Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Registry (All) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-15] (NVIDIA Corporation) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-05] (Adobe Systems Incorporated) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-25] (Intel Corporation) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-14] (Apple Inc.) HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [60640 2014-12-06] (Razer Inc.) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe, [30720 2010-11-20] (Microsoft Corporation) HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [26624 2010-11-20] (Microsoft Corporation) HKLM\...\Winlogon: [Shell] explorer.exe [2871808 2011-02-24] (Microsoft Corporation) HKLM-x32\...\Winlogon: [Shell] explorer.exe [2616320 2011-02-24] (Microsoft Corporation) HKLM\...\Policies\Explorer: [NoActiveDesktop] 1 HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1 HKLM\...\Policies\Explorer: [ForceActiveDesktopOn] 0 HKU\Admin\...\Policies\system: [DisableRegistryTools] 0 HKU\Admin\...\Policies\system: [DisableTaskMgr] 0 HKU\Default\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-20] (Microsoft Corporation) HKU\Default\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation) HKU\Default User\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-20] (Microsoft Corporation) HKU\Default User\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation) Lsa: [Authentication Packages] msv1_0 Lsa: [Notification Packages] scecli SecurityProviders: credssp.dll SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No File SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No File BootExecute: autocheck autochk * AlternateShell: cmd.exe ==================== Services (All) ======================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [267440 2015-02-06] (Adobe Systems Incorporated) S3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2009-07-13] (Microsoft Corporation) S3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-13] (Microsoft Corporation) S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2009-07-13] (Microsoft Corporation) S3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2013-02-26] (Microsoft Corporation) S2 Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [60744 2014-10-07] (Apple Inc.) S3 AppMgmt; C:\Windows\System32\appmgmts.dll [193536 2009-07-13] (Microsoft Corporation) S3 AppMgmt; C:\Windows\SysWOW64\appmgmts.dll [149504 2009-07-13] (Microsoft Corporation) S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-06] () S3 aspnet_state; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [51808 2013-09-11] (Microsoft Corporation) S2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [680960 2014-10-02] (Microsoft Corporation) S2 AudioSrv; C:\Windows\System32\Audiosrv.dll [680960 2014-10-02] (Microsoft Corporation) S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2010-11-20] (Microsoft Corporation) S3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-13] (Microsoft Corporation) S2 BFE; C:\Windows\System32\bfe.dll [705024 2010-11-20] (Microsoft Corporation) S3 BITS; C:\Windows\System32\qmgr.dll [849920 2010-11-20] (Microsoft Corporation) S2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [462184 2011-08-30] (Apple Inc.) S3 Browser; C:\Windows\System32\browser.dll [136704 2012-07-04] (Microsoft Corporation) S3 bthserv; C:\Windows\system32\bthserv.dll [83968 2009-07-13] (Microsoft Corporation) S3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2010-11-20] (Microsoft Corporation) S4 clr_optimization_v2.0.50727_32; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [67224 2014-03-20] (Microsoft Corporation) S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-20] (Microsoft Corporation) S2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [105144 2013-09-11] (Microsoft Corporation) S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [124088 2013-09-11] (Microsoft Corporation) S2 CryptSvc; C:\Windows\system32\cryptsvc.dll [184320 2013-07-08] (Microsoft Corporation) S2 CryptSvc; C:\Windows\SysWOW64\cryptsvc.dll [140288 2013-07-08] (Microsoft Corporation) S2 CscService; C:\Windows\System32\cscsvc.dll [692224 2010-11-20] (Microsoft Corporation) S2 cvhsvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [822504 2013-04-22] (Microsoft Corporation) S2 DcomLaunch; C:\Windows\system32\rpcss.dll [512000 2010-11-20] (Microsoft Corporation) S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-13] (Microsoft Corporation) S2 Dhcp; C:\Windows\system32\dhcpcore.dll [317952 2010-11-20] (Microsoft Corporation) S2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [254464 2010-11-20] (Microsoft Corporation) S2 Dnscache; C:\Windows\System32\dnsrslvr.dll [183296 2011-03-02] (Microsoft Corporation) S3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2010-11-20] (Microsoft Corporation) S2 DPS; C:\Windows\system32\dps.dll [162816 2010-11-20] (Microsoft Corporation) S3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-13] (Microsoft Corporation) S3 EFS; C:\Windows\System32\lsass.exe [31232 2014-04-11] (Microsoft Corporation) S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696832 2010-11-20] (Microsoft Corporation) S3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-13] (Microsoft Corporation) S2 eventlog; C:\Windows\System32\wevtsvc.dll [1646080 2010-11-20] (Microsoft Corporation) S2 EventSystem; C:\Windows\system32\es.dll [402944 2009-07-13] (Microsoft Corporation) S2 EventSystem; C:\Windows\SysWOW64\es.dll [271360 2009-07-13] (Microsoft Corporation) S3 Fax; C:\Windows\system32\fxssvc.exe [689152 2010-11-20] (Microsoft Corporation) S3 fdPHost; C:\Windows\system32\fdPHost.dll [16384 2009-07-13] (Microsoft Corporation) S3 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2009-07-13] (Microsoft Corporation) S2 FontCache; C:\Windows\system32\FntCache.dll [1175552 2014-06-25] (Microsoft Corporation) S3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-20] (Microsoft Corporation) S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-15] (NVIDIA Corporation) S2 gpsvc; C:\Windows\System32\gpsvc.dll [777728 2010-11-20] (Microsoft Corporation) S3 hidserv; C:\Windows\system32\hidserv.dll [38912 2009-07-13] (Microsoft Corporation) S3 hidserv; C:\Windows\SysWOW64\hidserv.dll [49152 2009-07-13] (Microsoft Corporation) S3 hkmsvc; C:\Windows\system32\kmsvc.dll [90624 2010-11-20] (Microsoft Corporation) S3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [232448 2010-11-20] (Microsoft Corporation) S3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [187904 2010-11-20] (Microsoft Corporation) S3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [165376 2010-11-20] (Microsoft Corporation) S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) S3 idsvc; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe [859280 2014-06-30] (Microsoft Corporation) S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [114688 2014-11-21] (Microsoft Corporation) S2 IKEEXT; C:\Windows\System32\ikeext.dll [859648 2013-10-11] (Microsoft Corporation) S2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) S3 IPBusEnum; C:\Windows\system32\ipbusenum.dll [101888 2009-07-13] (Microsoft Corporation) S2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [569344 2012-10-03] (Microsoft Corporation) S3 iPod Service; C:\Program Files\iPod\bin\iPodService.exe [643880 2014-10-14] (Apple Inc.) S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) S3 KeyIso; C:\Windows\system32\lsass.exe [31232 2014-04-11] (Microsoft Corporation) S3 KtmRm; C:\Windows\system32\msdtckrm.dll [368640 2009-07-13] (Microsoft Corporation) S2 LanmanServer; C:\Windows\system32\srvsvc.dll [236032 2010-11-20] (Microsoft Corporation) S2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2010-11-20] (Microsoft Corporation) S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-13] (Microsoft Corporation) S2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-13] (Microsoft Corporation) S2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [390616 2013-09-16] (Intel Corporation) S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-20] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-20] (Malwarebytes Corporation) S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [84992 2010-11-20] (Microsoft Corporation) S2 MMCSS; C:\Windows\system32\mmcss.dll [67584 2009-07-13] (Microsoft Corporation) S3 MozillaMaintenance; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [114800 2015-01-26] (Mozilla Foundation) S2 MpsSvc; C:\Windows\system32\mpssvc.dll [828416 2010-11-20] (Microsoft Corporation) S3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-13] (Microsoft Corporation) S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [156672 2009-07-13] (Microsoft Corporation) S3 msiserver; C:\Windows\System32\msiexec.exe [128000 2010-11-20] (Microsoft Corporation) S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [73216 2010-11-20] (Microsoft Corporation) S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation) S3 napagent; C:\Windows\system32\qagentRT.dll [476160 2010-11-20] (Microsoft Corporation) S3 Netlogon; C:\Windows\system32\lsass.exe [31232 2014-04-11] (Microsoft Corporation) S3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-13] (Microsoft Corporation) S4 NetMsmqActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-09-11] (Microsoft Corporation) S4 NetPipeActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-09-11] (Microsoft Corporation) S3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-13] (Microsoft Corporation) S3 netprofm; C:\Windows\SysWOW64\netprofm.dll [360448 2009-07-13] (Microsoft Corporation) S4 NetTcpActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-09-11] (Microsoft Corporation) S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-09-11] (Microsoft Corporation) S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation) S2 NlaSvc; C:\Windows\System32\nlasvc.dll [303616 2014-12-05] (Microsoft Corporation) S2 nsi; C:\Windows\system32\nsisvc.dll [25600 2009-07-13] (Microsoft Corporation) S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-15] (NVIDIA Corporation) S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-15] (NVIDIA Corporation) S2 nvsvc; C:\Windows\system32\nvvsvc.exe [935056 2015-01-09] (NVIDIA Corporation) S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [149352 2011-04-05] (Microsoft Corporation) S3 osppsvc; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [4925184 2011-04-05] (Microsoft Corporation) S3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-13] (Microsoft Corporation) S3 p2psvc; C:\Windows\system32\p2psvc.dll [438784 2009-07-13] (Microsoft Corporation) S2 PcaSvc; C:\Windows\System32\pcasvc.dll [186368 2009-07-13] (Microsoft Corporation) S3 PeerDistSvc; C:\Windows\system32\peerdistsvc.dll [1361920 2009-07-13] (Microsoft Corporation) S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-13] (Microsoft Corporation) S3 pla; C:\Windows\system32\pla.dll [1389056 2010-11-20] (Microsoft Corporation) S3 pla; C:\Windows\SysWOW64\pla.dll [1508864 2010-11-20] (Microsoft Corporation) S2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [404480 2011-05-24] (Microsoft Corporation) S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [25088 2009-07-13] (Microsoft Corporation) S3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-13] (Microsoft Corporation) S3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [501248 2010-11-20] (Microsoft Corporation) S2 Power; C:\Windows\system32\umpo.dll [163840 2009-07-13] (Microsoft Corporation) S2 ProfSvc; C:\Windows\system32\profsvc.dll [210432 2014-12-18] (Microsoft Corporation) S3 ProtectedStorage; C:\Windows\system32\lsass.exe [31232 2014-04-11] (Microsoft Corporation) S3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-13] (Microsoft Corporation) S3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-13] (Microsoft Corporation) S3 RasMan; C:\Windows\System32\rasmans.dll [344064 2010-11-20] (Microsoft Corporation) S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] () S4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2009-07-13] (Microsoft Corporation) S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [75264 2009-07-13] (Microsoft Corporation) S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [159232 2009-07-13] (Microsoft Corporation) S2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-13] (Microsoft Corporation) S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2009-07-13] (Microsoft Corporation) S2 RpcSs; C:\Windows\system32\rpcss.dll [512000 2010-11-20] (Microsoft Corporation) S2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [105448 2014-12-06] (Razer Inc.) S2 SamSs; C:\Windows\system32\lsass.exe [31232 2014-04-11] (Microsoft Corporation) S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-13] (Microsoft Corporation) S2 Schedule; C:\Windows\system32\schedsvc.dll [1110016 2010-11-20] (Microsoft Corporation) S3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2010-11-20] (Microsoft Corporation) S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2010-11-20] (Microsoft Corporation) S3 seclogon; C:\Windows\system32\seclogon.dll [30720 2010-11-20] (Microsoft Corporation) S2 SENS; C:\Windows\System32\sens.dll [64512 2009-07-13] (Microsoft Corporation) S2 SENS; C:\Windows\SysWOW64\sens.dll [49664 2009-07-13] (Microsoft Corporation) S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [29184 2009-07-13] (Microsoft Corporation) S3 SessionEnv; C:\Windows\system32\sessenv.dll [121856 2010-11-20] (Microsoft Corporation) S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [113664 2010-11-20] (Microsoft Corporation) S2 sftlist; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [523944 2013-06-26] (Microsoft Corporation) S3 sftvsa; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [207528 2013-06-26] (Microsoft Corporation) S3 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-13] (Microsoft Corporation) S2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [370688 2010-11-20] (Microsoft Corporation) S2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [328192 2010-11-20] (Microsoft Corporation) S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-13] (Microsoft Corporation) S2 Spooler; C:\Windows\System32\spoolsv.exe [559104 2012-02-10] (Microsoft Corporation) S2 sppsvc; C:\Windows\system32\sppsvc.exe [3524608 2010-11-20] (Microsoft Corporation) S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2009-07-13] (Microsoft Corporation) S3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-13] (Microsoft Corporation) S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [75264 2009-07-13] (Microsoft Corporation) S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [833728 2014-11-18] (Valve Corporation) S2 Stereo Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [410768 2015-01-09] (NVIDIA Corporation) S3 stisvc; C:\Windows\System32\wiaservc.dll [580096 2010-11-20] (Microsoft Corporation) S3 StorSvc; C:\Windows\system32\storsvc.dll [17920 2009-07-13] (Microsoft Corporation) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) S3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-13] (Microsoft Corporation) S2 SysMain; C:\Windows\system32\sysmain.dll [1743360 2010-11-20] (Microsoft Corporation) S3 TabletInputService; C:\Windows\System32\TabSvc.dll [92672 2010-11-20] (Microsoft Corporation) S3 TapiSrv; C:\Windows\System32\tapisrv.dll [316928 2010-11-20] (Microsoft Corporation) S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [242176 2010-11-20] (Microsoft Corporation) S3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-13] (Microsoft Corporation) S3 TermService; C:\Windows\System32\termsrv.dll [683520 2014-10-13] (Microsoft Corporation) S2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-13] (Microsoft Corporation) S3 THREADORDER; C:\Windows\system32\mmcss.dll [67584 2009-07-13] (Microsoft Corporation) S2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-13] (Microsoft Corporation) S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2010-11-20] (Microsoft Corporation) S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2009-07-13] (Microsoft Corporation) S3 UmRdpService; C:\Windows\System32\umrdp.dll [214528 2010-11-20] (Microsoft Corporation) S3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-13] (Microsoft Corporation) S3 upnphost; C:\Windows\SysWOW64\upnphost.dll [266752 2009-07-13] (Microsoft Corporation) S2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-13] (Microsoft Corporation) S3 VaultSvc; C:\Windows\system32\lsass.exe [31232 2014-04-11] (Microsoft Corporation) S3 vds; C:\Windows\System32\vds.exe [533504 2010-11-20] (Microsoft Corporation) S3 VSS; C:\Windows\system32\vssvc.exe [1600512 2010-11-20] (Microsoft Corporation) S3 W32Time; C:\Windows\system32\w32time.dll [381952 2009-07-13] (Microsoft Corporation) S3 wbengine; C:\Windows\system32\wbengine.exe [1504256 2010-11-20] (Microsoft Corporation) S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-13] (Microsoft Corporation) S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [367104 2010-11-20] (Microsoft Corporation) S3 wcncsvc; C:\Windows\SysWOW64\wcncsvc.dll [276992 2010-11-20] (Microsoft Corporation) S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-13] (Microsoft Corporation) S3 WcsPlugInService; C:\Windows\SysWOW64\WcsPlugInService.dll [32768 2009-07-13] (Microsoft Corporation) S3 WdiServiceHost; C:\Windows\system32\wdi.dll [90624 2009-07-13] (Microsoft Corporation) S3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [76288 2009-07-13] (Microsoft Corporation) S3 WdiSystemHost; C:\Windows\system32\wdi.dll [90624 2009-07-13] (Microsoft Corporation) S3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [76288 2009-07-13] (Microsoft Corporation) S3 WebClient; C:\Windows\System32\webclnt.dll [259584 2013-07-04] (Microsoft Corporation) S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [205824 2013-07-04] (Microsoft Corporation) S3 Wecsvc; C:\Windows\system32\wecsvc.dll [237568 2009-07-13] (Microsoft Corporation) S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-13] (Microsoft Corporation) S3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-13] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation) S3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [444416 2010-11-20] (Microsoft Corporation) S3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [351232 2010-11-20] (Microsoft Corporation) S2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [242688 2009-07-13] (Microsoft Corporation) S3 WinRM; C:\Windows\system32\WsmSvc.dll [2020352 2014-10-02] (Microsoft Corporation) S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [1177088 2014-10-02] (Microsoft Corporation) S2 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-13] (Microsoft Corporation) S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [203264 2009-07-13] (Microsoft Corporation) S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1525248 2010-11-20] (Microsoft Corporation) S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-13] (Microsoft Corporation) S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10752 2009-07-13] (Microsoft Corporation) S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [117248 2010-11-20] (Microsoft Corporation) S2 wscsvc; C:\Windows\System32\wscsvc.dll [97280 2009-07-13] (Microsoft Corporation) S2 WSearch; C:\Windows\system32\SearchIndexer.exe [591872 2011-05-03] (Microsoft Corporation) S2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [427520 2011-05-03] (Microsoft Corporation) S2 wuauserv; C:\Windows\system32\wuaueng.dll [2477536 2014-05-14] (Microsoft Corporation) S3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [84992 2012-07-25] (Microsoft Corporation) S3 WwanSvc; C:\Windows\System32\wwansvc.dll [228864 2014-01-27] (Microsoft Corporation) S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} ==================== Drivers (All) ========================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [229888 2010-11-20] (Microsoft Corporation) S0 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-20] (Microsoft Corporation) S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [12800 2010-11-20] (Microsoft Corporation) S3 adp94xx; C:\Windows\system32\drivers\adp94xx.sys [491088 2009-07-13] (Adaptec, Inc.) S3 adpahci; C:\Windows\system32\drivers\adpahci.sys [339536 2009-07-13] (Adaptec, Inc.) S3 adpu320; C:\Windows\system32\drivers\adpu320.sys [182864 2009-07-13] (Adaptec, Inc.) S1 AFD; C:\Windows\system32\drivers\afd.sys [497152 2014-05-29] (Microsoft Corporation) S3 agp440; C:\Windows\system32\drivers\agp440.sys [61008 2009-07-13] (Microsoft Corporation) S3 aliide; C:\Windows\system32\drivers\aliide.sys [15440 2009-07-13] (Acer Laboratories Inc.) S3 amdide; C:\Windows\system32\drivers\amdide.sys [15440 2009-07-13] (Microsoft Corporation) S3 AmdK8; C:\Windows\system32\drivers\amdk8.sys [64512 2009-07-13] (Microsoft Corporation) S3 AmdPPM; C:\Windows\system32\drivers\amdppm.sys [60928 2009-07-13] (Microsoft Corporation) S3 amdsata; C:\Windows\system32\drivers\amdsata.sys [107904 2011-03-10] (Advanced Micro Devices) S3 amdsbs; C:\Windows\system32\drivers\amdsbs.sys [194128 2009-07-13] (AMD Technologies Inc.) S0 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-03-10] (Advanced Micro Devices) S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2010-11-20] (Microsoft Corporation) S3 arc; C:\Windows\system32\drivers\arc.sys [87632 2009-07-13] (Adaptec, Inc.) S3 arcsas; C:\Windows\system32\drivers\arcsas.sys [97856 2009-07-13] (Adaptec, Inc.) S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] () S3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [140032 2013-08-16] (ASMedia Technology Inc) S3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [424192 2013-08-16] (ASMedia Technology Inc) S3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-13] (Microsoft Corporation) S0 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-13] (Microsoft Corporation) S3 b06bdrv; C:\Windows\system32\drivers\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation) S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation) S5 BattC; C:\Windows\System32\Drivers\BattC.sys [28240 2009-07-13] (Microsoft Corporation) S1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-13] (Microsoft Corporation) S1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [45056 2009-07-13] (Microsoft Corporation) S3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-22] (Microsoft Corporation) S3 BrFiltLo; C:\Windows\system32\drivers\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.) S3 BrFiltUp; C:\Windows\system32\drivers\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.) S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-13] (Brother Industries Ltd.) S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.) S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.) S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.) S1 bsdriver; C:\Windows\system32\drivers\bsdriver.sys [35320 2015-01-28] () S3 BTHMODEM; C:\Windows\system32\drivers\bthmodem.sys [72192 2009-07-13] (Microsoft Corporation) S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-13] (Microsoft Corporation) S1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2010-11-20] (Microsoft Corporation) S3 circlass; C:\Windows\system32\drivers\circlass.sys [45568 2009-07-13] (Microsoft Corporation) S0 CLFS; C:\Windows\System32\CLFS.sys [367696 2009-07-13] (Microsoft Corporation) S3 CmBatt; C:\Windows\system32\drivers\CmBatt.sys [17664 2009-07-13] (Microsoft Corporation) S3 cmdide; C:\Windows\system32\drivers\cmdide.sys [17488 2009-07-13] (CMD Technology, Inc.) S0 CNG; C:\Windows\System32\Drivers\cng.sys [458712 2013-07-04] (Microsoft Corporation) S3 Compbatt; C:\Windows\system32\drivers\compbatt.sys [21584 2009-07-13] (Microsoft Corporation) S3 CompositeBus; C:\Windows\System32\DRIVERS\CompositeBus.sys [38912 2010-11-20] (Microsoft Corporation) S4 crcdisk; C:\Windows\system32\drivers\crcdisk.sys [24144 2009-07-13] (Microsoft Corporation) S1 CSC; C:\Windows\System32\drivers\csc.sys [514560 2010-11-20] (Microsoft Corporation) S1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2010-11-20] (Microsoft Corporation) S1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-13] (Microsoft Corporation) S0 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-13] (Microsoft Corporation) S3 dmvsc; C:\Windows\system32\drivers\dmvsc.sys [71168 2010-11-20] (Microsoft Corporation) S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5632 2009-07-13] (Microsoft Corporation) S3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-01-08] (Disc Soft Ltd) S3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [985536 2014-06-15] (Microsoft Corporation) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 elxstor; C:\Windows\system32\drivers\elxstor.sys [530496 2009-07-13] (Emulex) S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [9728 2009-07-13] (Microsoft Corporation) S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-13] (Microsoft Corporation) S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-13] (Microsoft Corporation) S3 fdc; C:\Windows\system32\drivers\fdc.sys [29696 2009-07-13] (Microsoft Corporation) S0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-13] (Microsoft Corporation) S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-13] (Microsoft Corporation) S3 flpydisk; C:\Windows\system32\drivers\flpydisk.sys [24576 2009-07-13] (Microsoft Corporation) S0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-20] (Microsoft Corporation) S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [55376 2009-07-13] (Microsoft Corporation) S0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-02-29] (Microsoft Corporation) S0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-23] (Microsoft Corporation) S3 gagp30kx; C:\Windows\system32\drivers\gagp30kx.sys [65088 2009-07-13] (Microsoft Corporation) S3 GEARAspiWDM; C:\Windows\System32\DRIVERS\GEARAspiWDM.sys [33240 2012-10-03] (GEAR Software Inc.) S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.) S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2010-11-20] (Microsoft Corporation) S3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [122368 2010-11-20] (Microsoft Corporation) S3 HidBatt; C:\Windows\system32\drivers\HidBatt.sys [26624 2009-07-13] (Microsoft Corporation) S3 HidBth; C:\Windows\system32\drivers\hidbth.sys [100864 2009-07-13] (Microsoft Corporation) S3 HidIr; C:\Windows\system32\drivers\hidir.sys [46592 2009-07-13] (Microsoft Corporation) S3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2010-11-20] (Microsoft Corporation) S3 HpSAMD; C:\Windows\system32\drivers\HpSAMD.sys [78720 2010-11-20] (Hewlett-Packard Company) S3 HTTP; C:\Windows\System32\drivers\HTTP.sys [753664 2010-11-20] (Microsoft Corporation) S0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-20] (Microsoft Corporation) S3 i8042prt; C:\Windows\system32\drivers\i8042prt.sys [105472 2009-07-13] (Microsoft Corporation) S0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [644968 2013-08-07] (Intel Corporation) S0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation) S3 iaStorV; C:\Windows\system32\drivers\iaStorV.sys [410496 2011-03-10] (Intel Corporation) S3 iirsp; C:\Windows\system32\drivers\iirsp.sys [44112 2009-07-13] (Intel Corp./ICP vortex GmbH) S3 IntcAzAudAddService; C:\Windows\System32\drivers\RTKVHD64.sys [3692632 2013-10-22] (Realtek Semiconductor Corp.) S3 intelide; C:\Windows\system32\drivers\intelide.sys [16960 2009-07-13] (Microsoft Corporation) S3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-13] (Microsoft Corporation) S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2010-11-20] (Microsoft Corporation) S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [78848 2010-11-20] (Microsoft Corporation) S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-13] (Microsoft Corporation) S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-13] (Microsoft Corporation) S3 isapnp; C:\Windows\system32\drivers\isapnp.sys [20544 2009-07-13] (Microsoft Corporation) S3 iScsiPrt; C:\Windows\system32\drivers\msiscsi.sys [274880 2014-02-03] (Microsoft Corporation) S0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [20464 2013-04-25] (Intel Corporation) S3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [368112 2013-04-25] (Intel Corporation) S3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [786416 2013-04-25] (Intel Corporation) S3 kbdclass; C:\Windows\System32\DRIVERS\kbdclass.sys [50768 2009-07-13] (Microsoft Corporation) S3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [33280 2010-11-20] (Microsoft Corporation) S0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95680 2014-04-11] (Microsoft Corporation) S0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [155064 2014-10-13] (Microsoft Corporation) S3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-13] (Microsoft Corporation) S2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-13] (Microsoft Corporation) S3 LSI_FC; C:\Windows\system32\drivers\lsi_fc.sys [114752 2009-07-13] (LSI Corporation) S3 LSI_SAS; C:\Windows\system32\drivers\lsi_sas.sys [106560 2009-07-13] (LSI Corporation) S3 LSI_SAS2; C:\Windows\system32\drivers\lsi_sas2.sys [65600 2009-07-13] (LSI Corporation) S3 LSI_SCSI; C:\Windows\system32\drivers\lsi_scsi.sys [115776 2009-07-13] (LSI Corporation) S2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-13] (Microsoft Corporation) S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-20] (Malwarebytes Corporation) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-08] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-20] (Malwarebytes Corporation) S3 megasas; C:\Windows\system32\drivers\megasas.sys [35392 2009-07-13] (LSI Corporation) S3 MegaSR; C:\Windows\system32\drivers\MegaSR.sys [284736 2009-07-13] (LSI Corporation, Inc.) S3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-13] (Microsoft Corporation) S3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-13] (Microsoft Corporation) S3 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [49216 2009-07-13] (Microsoft Corporation) S3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-13] (Microsoft Corporation) S0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94592 2010-11-20] (Microsoft Corporation) S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation) S3 mpio; C:\Windows\system32\drivers\mpio.sys [155008 2010-11-20] (Microsoft Corporation) S3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-13] (Microsoft Corporation) S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [141312 2014-12-18] (Microsoft Corporation) S3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [158208 2011-04-26] (Microsoft Corporation) S3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [288768 2011-07-08] (Microsoft Corporation) S3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [128000 2011-04-26] (Microsoft Corporation) S0 msahci; C:\Windows\System32\drivers\msahci.sys [31104 2010-11-20] (Microsoft Corporation) S3 msdsm; C:\Windows\system32\drivers\msdsm.sys [140672 2010-11-20] (Microsoft Corporation) S1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-13] (Microsoft Corporation) S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-13] (Microsoft Corporation) S0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-13] (Microsoft Corporation) S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-13] (Microsoft Corporation) S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-13] (Microsoft Corporation) S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-13] (Microsoft Corporation) S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [366976 2010-11-20] (Microsoft Corporation) S1 mssmbios; C:\Windows\System32\DRIVERS\mssmbios.sys [32320 2009-07-13] (Microsoft Corporation) S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-13] (Microsoft Corporation) S3 MTConfig; C:\Windows\system32\drivers\MTConfig.sys [15360 2009-07-13] (Microsoft Corporation) S0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-13] (Microsoft Corporation) S3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-13] (Microsoft Corporation) S0 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation) S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-13] (Microsoft Corporation) S3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-13] (Microsoft Corporation) S3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-20] (Microsoft Corporation) S3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2010-11-20] (Microsoft Corporation) S3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2010-11-20] (Microsoft Corporation) S1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-13] (Microsoft Corporation) S1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [261632 2010-11-20] (Microsoft Corporation) S3 nfrd960; C:\Windows\system32\drivers\nfrd960.sys [51264 2009-07-13] (IBM Corporation) S2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation) S1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-13] (Microsoft Corporation) S1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-13] (Microsoft Corporation) S3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1684928 2014-01-23] (Microsoft Corporation) S1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-13] (Microsoft Corporation) S3 nusb3hub; C:\Windows\system32\drivers\nusb3hub.sys [80384 2010-09-30] (Renesas Electronics Corporation) S3 nusb3xhc; C:\Windows\system32\drivers\nusb3xhc.sys [180736 2010-09-30] (Renesas Electronics Corporation) S3 NVHDA; C:\Windows\System32\drivers\nvhda64v.sys [195728 2014-10-09] (NVIDIA Corporation) S3 nvlddmkm; C:\Windows\System32\DRIVERS\nvlddmkm.sys [10274448 2015-01-10] (NVIDIA Corporation) S3 nvraid; C:\Windows\system32\drivers\nvraid.sys [148352 2011-03-10] (NVIDIA Corporation) S3 nvstor; C:\Windows\system32\drivers\nvstor.sys [166272 2011-03-10] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-15] (NVIDIA Corporation) S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) S3 nv_agp; C:\Windows\system32\drivers\nv_agp.sys [122960 2009-07-13] (Microsoft Corporation) S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [72832 2009-07-13] (Microsoft Corporation) S3 Parport; C:\Windows\system32\drivers\parport.sys [97280 2009-07-13] (Microsoft Corporation) S0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-16] (Microsoft Corporation) S0 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-20] (Microsoft Corporation) S3 pciide; C:\Windows\system32\drivers\pciide.sys [12352 2009-07-13] (Microsoft Corporation) S3 pcmcia; C:\Windows\system32\drivers\pcmcia.sys [220752 2009-07-13] (Microsoft Corporation) S0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-13] (Microsoft Corporation) S2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-13] (Microsoft Corporation) S3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111104 2010-11-20] (Microsoft Corporation) S3 Processor; C:\Windows\system32\drivers\processr.sys [60416 2009-07-13] (Microsoft Corporation) S1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2010-11-20] (Microsoft Corporation) S3 ql2300; C:\Windows\system32\drivers\ql2300.sys [1524816 2009-07-13] (QLogic Corporation) S3 ql40xx; C:\Windows\system32\drivers\ql40xx.sys [128592 2009-07-13] (QLogic Corporation) S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-13] (Microsoft Corporation) S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-13] (Microsoft Corporation) S3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-13] (Microsoft Corporation) S3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [129536 2010-11-20] (Microsoft Corporation) S3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-13] (Microsoft Corporation) S3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-13] (Microsoft Corporation) S1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2010-11-20] (Microsoft Corporation) S3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [24064 2009-07-13] (Microsoft Corporation) S1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-13] (Microsoft Corporation) S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [165888 2010-11-20] (Microsoft Corporation) S1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-13] (Microsoft Corporation) S1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-13] (Microsoft Corporation) S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [212480 2014-07-16] (Microsoft Corporation) S0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-20] (Microsoft Corporation) S2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-13] (Microsoft Corporation) S3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [883928 2013-08-26] (Realtek ) S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2012-05-14] (Realtek Semiconductor Corporation ) S2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.) S3 s3cap; C:\Windows\system32\drivers\vms3cap.sys [6656 2010-11-20] (Microsoft Corporation) S3 sbp2port; C:\Windows\system32\drivers\sbp2port.sys [103808 2010-11-20] (Microsoft Corporation) S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-20] (Microsoft Corporation) S2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) S3 Serenum; C:\Windows\system32\drivers\serenum.sys [23552 2009-07-13] (Microsoft Corporation) S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Microsoft Corporation) S3 sermouse; C:\Windows\system32\drivers\sermouse.sys [26624 2009-07-13] (Microsoft Corporation) S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-13] (Microsoft Corporation) S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-13] (Microsoft Corporation) S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-20] (Microsoft Corporation) S3 sfloppy; C:\Windows\system32\drivers\sfloppy.sys [16896 2009-07-13] (Microsoft Corporation) S3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [768680 2013-06-26] (Microsoft Corporation) S3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [273576 2013-06-26] (Microsoft Corporation) S3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [29352 2013-06-26] (Microsoft Corporation) S3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [23208 2013-06-26] (Microsoft Corporation) S3 SiSRaid2; C:\Windows\system32\drivers\SiSRaid2.sys [43584 2009-07-13] (Silicon Integrated Systems Corp.) S3 SiSRaid4; C:\Windows\system32\drivers\sisraid4.sys [80464 2009-07-13] (Silicon Integrated Systems) S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-13] (Microsoft Corporation) S0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-13] (Microsoft Corporation) S3 srv; C:\Windows\System32\DRIVERS\srv.sys [467456 2011-04-28] (Microsoft Corporation) S3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [410112 2011-04-28] (Microsoft Corporation) S3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [168448 2011-04-28] (Microsoft Corporation) S3 stexstor; C:\Windows\system32\drivers\stexstor.sys [24656 2009-07-13] (Promise Technology) S0 storflt; C:\Windows\System32\drivers\vmstorfl.sys [46464 2010-11-20] (Microsoft Corporation) S3 storvsc; C:\Windows\system32\drivers\storvsc.sys [34688 2010-11-20] (Microsoft Corporation) S3 swenum; C:\Windows\System32\DRIVERS\swenum.sys [12496 2009-07-13] (Microsoft Corporation) S0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2014-04-04] (Microsoft Corporation) S3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1903552 2014-04-04] (Microsoft Corporation) S2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45568 2012-10-03] (Microsoft Corporation) S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-13] (Microsoft Corporation) S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-02-16] (Microsoft Corporation) S1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [119296 2014-11-10] (Microsoft Corporation) S1 TermDD; C:\Windows\System32\DRIVERS\termdd.sys [63360 2010-11-20] (Microsoft Corporation) S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39936 2014-07-16] (Microsoft Corporation) S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [59392 2010-11-20] (Microsoft Corporation) S3 TsUsbGD; C:\Windows\system32\drivers\TsUsbGD.sys [31232 2010-11-20] (Microsoft Corporation) S3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-20] (Microsoft Corporation) S3 uagp35; C:\Windows\system32\drivers\uagp35.sys [64080 2009-07-13] (Microsoft Corporation) S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [328192 2010-11-20] (Microsoft Corporation) S3 uliagpkx; C:\Windows\system32\drivers\uliagpkx.sys [64592 2009-07-13] (Microsoft Corporation) S3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2010-11-20] (Microsoft Corporation) S3 UmPass; C:\Windows\system32\drivers\umpass.sys [9728 2009-07-13] (Microsoft Corporation) S3 usbaudio; C:\Windows\System32\drivers\usbaudio.sys [109824 2013-07-12] (Microsoft Corporation) S3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [99840 2013-11-26] (Microsoft Corporation) S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100864 2013-07-12] (Microsoft Corporation) S3 usbehci; C:\Windows\system32\drivers\usbehci.sys [53248 2013-11-26] (Microsoft Corporation) S3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2013-11-26] (Microsoft Corporation) S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2009-07-13] (Microsoft Corporation) S3 usbprint; C:\Windows\system32\drivers\usbprint.sys [25088 2009-07-13] (Microsoft Corporation) S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2011-03-10] (Microsoft Corporation) S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2009-07-13] (Microsoft Corporation) S0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-13] (Microsoft Corporation) S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-13] (Microsoft Corporation) S1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-13] (Microsoft Corporation) S3 vhdmp; C:\Windows\system32\drivers\vhdmp.sys [215936 2010-11-20] (Microsoft Corporation) S3 viaide; C:\Windows\system32\drivers\viaide.sys [17488 2009-07-13] (VIA Technologies, Inc.) S3 vmbus; C:\Windows\system32\drivers\vmbus.sys [199552 2010-11-20] (Microsoft Corporation) S3 VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [21760 2010-11-20] (Microsoft Corporation) S0 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-20] (Microsoft Corporation) S0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-20] (Microsoft Corporation) S0 volsnap; C:\Windows\System32\drivers\volsnap.sys [296320 2011-02-24] (Microsoft Corporation) S3 vsmraid; C:\Windows\system32\drivers\vsmraid.sys [161872 2009-07-13] (VIA Technologies Inc.,Ltd) S3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-13] (Microsoft Corporation) S1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-13] (Microsoft Corporation) S3 WacomPen; C:\Windows\system32\drivers\wacompen.sys [27776 2009-07-13] (Microsoft Corporation) S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] (Microsoft Corporation) S1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] (Microsoft Corporation) S3 Wd; C:\Windows\system32\drivers\wd.sys [21056 2009-07-13] (Microsoft Corporation) S0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-25] (Microsoft Corporation) S1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-13] (Microsoft Corporation) S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-13] (Microsoft Corporation) S3 WIMMount; C:\Windows\SysWOW64\drivers\wimmount.sys [19008 2009-07-13] (Microsoft Corporation) S3 Winsock; No ImagePath S3 WmiAcpi; C:\Windows\System32\DRIVERS\wmiacpi.sys [14336 2009-07-13] (Microsoft Corporation) S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-13] (Microsoft Corporation) S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-25] (Microsoft Corporation) S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-25] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-08 13:10 - 2015-02-08 13:10 - 02132992 _____ (Farbar) C:\Users\Admin\Desktop\FRST64(2).exe 2015-02-08 13:10 - 2015-02-08 13:10 - 02132992 _____ (Farbar) C:\Users\Admin\Desktop\FRST64(1).exe 2015-02-07 02:42 - 2015-02-08 03:32 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\1B4F188C.sys 2015-02-04 13:09 - 2015-02-05 03:32 - 00002604 _____ () C:\Users\Admin\Desktop\mwabbb.txt 2015-02-01 08:05 - 2015-02-01 08:05 - 00003262 _____ () C:\Windows\System32\Tasks\{0DEBC4D0-6032-4947-B911-088530A42635} 2015-02-01 08:00 - 2015-02-01 08:00 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Admin\Desktop\revosetup95.exe 2015-02-01 08:00 - 2015-02-01 08:00 - 00001264 _____ () C:\Users\Admin\Desktop\Revo Uninstaller.lnk 2015-02-01 08:00 - 2015-02-01 08:00 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2015-02-01 07:59 - 2015-02-01 07:59 - 00002070 _____ () C:\Users\Admin\Desktop\regfix.reg 2015-02-01 03:17 - 2015-02-05 06:25 - 00011174 _____ () C:\Users\Admin\Desktop\SystemLook.txt 2015-02-01 03:02 - 2015-02-01 03:02 - 00165376 _____ () C:\Users\Admin\Desktop\SystemLook_x64.exe 2015-01-31 15:04 - 2006-07-27 22:32 - 00007005 ____N () C:\Users\Admin\Desktop\Eula.txt 2015-01-31 11:21 - 2015-02-06 05:35 - 00001397 _____ () C:\Users\Admin\Desktop\mwab.txt 2015-01-31 05:07 - 2015-02-08 03:59 - 00000000 ____D () C:\Users\Admin\Desktop\FRST-OlderVersion 2015-01-31 05:05 - 2015-01-31 05:05 - 00852573 _____ () C:\Users\Admin\Desktop\SecurityCheck.exe 2015-01-31 05:02 - 2015-01-31 05:02 - 00000857 _____ () C:\Users\Admin\Desktop\gf.txt 2015-01-31 03:40 - 2015-01-31 03:40 - 02347384 _____ (ESET) C:\Users\Admin\Desktop\esetsmartinstaller_deu.exe 2015-01-30 09:51 - 2015-01-30 09:51 - 00000625 _____ () C:\Users\Admin\Desktop\JRT.txt 2015-01-30 09:48 - 2015-01-30 09:49 - 01707939 _____ (Thisisu) C:\Users\Admin\Desktop\JRT.exe 2015-01-30 09:44 - 2015-01-30 09:45 - 00000000 ____D () C:\AdwCleaner 2015-01-30 09:43 - 2015-01-30 09:43 - 02194432 _____ () C:\Users\Admin\Desktop\AdwCleaner_4.109.exe 2015-01-30 07:51 - 2015-01-30 07:51 - 00001395 _____ () C:\Users\Admin\Desktop\mbam.txt 2015-01-30 07:05 - 2015-01-30 07:05 - 00010938 _____ () C:\Users\Admin\Desktop\Gmer.txt 2015-01-30 06:55 - 2015-01-30 06:55 - 00380416 _____ () C:\Users\Admin\Desktop\Gmer-19357.exe 2015-01-30 06:54 - 2015-02-03 13:55 - 00036728 _____ () C:\Users\Admin\Desktop\FRST.txt 2015-01-30 06:54 - 2015-01-30 06:54 - 00024462 _____ () C:\Users\Admin\Desktop\Addition.txt 2015-01-30 06:53 - 2015-02-08 22:16 - 00000000 ____D () C:\FRST 2015-01-30 06:53 - 2015-02-08 03:59 - 02132992 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe 2015-01-30 06:51 - 2015-01-30 06:51 - 00050477 _____ () C:\Users\Admin\Desktop\Defogger.exe 2015-01-30 06:51 - 2015-01-30 06:51 - 00000542 _____ () C:\Users\Admin\Desktop\defogger_disable.log 2015-01-30 06:51 - 2015-01-30 06:51 - 00000168 _____ () C:\Users\Admin\defogger_reenable 2015-01-30 05:22 - 2015-01-30 05:22 - 00000000 _____ () C:\autoexec.bat 2015-01-29 16:01 - 2015-02-04 15:55 - 00000132 _____ () C:\Users\Admin\AppData\Roaming\Adobe PNG Format CS5 Prefs 2015-01-29 15:56 - 2015-01-29 15:56 - 00003502 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Admin-PC-Admin 2015-01-29 05:21 - 2015-01-31 11:28 - 00000000 ____D () C:\Windows\ERUNT 2015-01-29 04:49 - 2015-02-08 09:40 - 00007067 _____ () C:\Windows\setupact.log 2015-01-29 04:49 - 2015-02-08 03:31 - 00008592 _____ () C:\Windows\PFRO.log 2015-01-29 04:49 - 2015-01-29 04:49 - 00000000 _____ () C:\Windows\setuperr.log 2015-01-29 04:48 - 2015-01-29 04:48 - 00009650 _____ () C:\Windows\System32\.crusader 2015-01-29 04:40 - 2015-01-29 04:48 - 00000000 ____D () C:\ProgramData\HitmanPro 2015-01-28 08:12 - 2015-02-01 11:25 - 00000008 __RSH () C:\ProgramData\ntuser.pol 2015-01-28 07:44 - 2015-01-28 07:44 - 00000044 _____ () C:\Users\Admin\AppData\Roaming\WB.CFG 2015-01-28 06:52 - 2015-01-28 06:52 - 00000000 ____D () C:\Windows\SysWOW64\Flash 2015-01-28 06:48 - 2015-01-28 06:56 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Opera Software 2015-01-28 06:48 - 2015-01-28 06:56 - 00000000 ____D () C:\Users\Admin\AppData\Local\Opera Software 2015-01-28 06:45 - 2015-01-28 06:45 - 00035320 _____ () C:\Windows\System32\Drivers\bsdriver.sys 2015-01-28 06:45 - 2015-01-28 06:45 - 00000000 ____D () C:\Program Files (x86)\download Manager 2015-01-28 06:44 - 2015-01-28 08:10 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro 3.31 2015-01-28 06:44 - 2015-01-28 06:47 - 00000000 ____D () C:\Users\Admin\AppData\Local\Pirates 2015-01-28 06:44 - 2015-01-28 06:44 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Pirates854 2015-01-28 06:44 - 2015-01-28 06:44 - 00000000 ____D () C:\Users\Admin\AppData\Local\Google 2015-01-28 06:10 - 2015-01-28 08:09 - 00000000 ____D () C:\Users\Admin\AppData\Local\10793 2015-01-28 05:57 - 2015-01-28 05:57 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe 2015-01-28 05:56 - 2015-01-28 05:56 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieBrowserModeList 2015-01-28 05:56 - 2015-01-28 05:56 - 00000000 ____D () C:\Program Files\Adobe Photoshop CS5 (64 Bit) 2015-01-28 05:55 - 2015-01-28 05:56 - 00000000 ____D () C:\Program Files (x86)\Adobe Photoshop CS5 2015-01-28 05:54 - 2015-01-28 05:56 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2015-01-28 05:54 - 2015-01-28 05:54 - 00000000 ____D () C:\Program Files (x86)\Adobe Device Central CS5 2015-01-28 05:54 - 2015-01-28 05:54 - 00000000 ____D () C:\Program Files (x86)\Adobe Bridge CS5 2015-01-28 05:51 - 2015-01-29 14:46 - 00000000 ____D () C:\Program Files (x86)\Adobe 2015-01-28 05:51 - 2015-01-28 05:51 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia 2015-01-28 05:51 - 2015-01-28 05:51 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia 2015-01-28 05:51 - 2015-01-28 05:51 - 00000000 ____D () C:\Program Files (x86)\Adobe Extension Manager CS5 2015-01-28 05:44 - 2015-01-30 04:18 - 00000000 ____D () C:\ProgramData\Adobe 2015-01-28 05:44 - 2015-01-29 15:56 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe 2015-01-28 05:21 - 2015-01-29 15:56 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe 2015-01-27 15:51 - 2015-02-08 12:40 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys 2015-01-27 11:07 - 2015-01-30 04:34 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\uTorrent 2015-01-26 16:00 - 2015-01-26 16:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-01-26 06:41 - 2015-01-26 06:50 - 00000000 ____D () C:\Program Files (x86)\EA GAMES 2015-01-26 06:33 - 2015-01-26 06:41 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts 2015-01-26 03:47 - 2015-01-27 03:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2015-01-25 14:39 - 2015-01-25 14:39 - 00002402 _____ () C:\Users\Public\Desktop\FINAL FANTASY XIV - A Realm Reborn.lnk 2015-01-25 14:20 - 2015-01-25 14:20 - 00000000 ____D () C:\Program Files (x86)\SquareEnix 2015-01-25 10:34 - 2015-01-09 14:27 - 00621200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2015-01-25 10:32 - 2015-01-12 20:15 - 01540240 _____ (NVIDIA Corporation) C:\Windows\System32\nvhdagenco6420103.dll 2015-01-25 10:32 - 2015-01-10 00:07 - 32102544 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll 2015-01-25 10:32 - 2015-01-10 00:07 - 25459856 _____ (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll 2015-01-25 10:32 - 2015-01-10 00:07 - 24765584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-01-25 10:32 - 2015-01-10 00:07 - 20465296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2015-01-25 10:32 - 2015-01-10 00:07 - 17250776 _____ (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll 2015-01-25 10:32 - 2015-01-10 00:07 - 16009120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-01-25 10:32 - 2015-01-10 00:07 - 13295552 _____ (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll 2015-01-25 10:32 - 2015-01-10 00:07 - 13210248 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll 2015-01-25 10:32 - 2015-01-10 00:07 - 10774544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-01-25 10:32 - 2015-01-10 00:07 - 10714488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-01-25 10:32 - 2015-01-10 00:07 - 10274448 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys 2015-01-25 10:32 - 2015-01-10 00:07 - 03607184 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll 2015-01-25 10:32 - 2015-01-10 00:07 - 03245712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-01-25 10:32 - 2015-01-10 00:07 - 01895240 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispco6434725.dll 2015-01-25 10:32 - 2015-01-10 00:07 - 01556808 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6434725.dll 2015-01-25 10:32 - 2015-01-10 00:07 - 00994712 _____ (NVIDIA Corporation) C:\Windows\System32\nvumdshimx.dll 2015-01-25 10:32 - 2015-01-10 00:07 - 00969360 _____ (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll 2015-01-25 10:32 - 2015-01-10 00:07 - 00942736 _____ (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll 2015-01-25 10:32 - 2015-01-10 00:07 - 00929424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-01-25 10:32 - 2015-01-10 00:07 - 00906384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-01-25 10:32 - 2015-01-10 00:07 - 00877488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2015-01-25 10:32 - 2015-01-10 00:07 - 00496456 _____ (NVIDIA Corporation) C:\Windows\System32\nvEncodeAPI64.dll 2015-01-25 10:32 - 2015-01-10 00:07 - 00399688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2015-01-25 10:32 - 2015-01-10 00:07 - 00390472 _____ (NVIDIA Corporation) C:\Windows\System32\NvIFROpenGL.dll 2015-01-25 10:32 - 2015-01-10 00:07 - 00353040 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll 2015-01-25 10:32 - 2015-01-10 00:07 - 00345744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2015-01-25 10:32 - 2015-01-10 00:07 - 00305320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2015-01-25 10:32 - 2015-01-10 00:07 - 00177624 _____ (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll 2015-01-25 10:32 - 2015-01-10 00:07 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-01-21 16:08 - 2015-01-24 03:44 - 00794624 _____ () C:\Users\Admin\Documents\FFXIV_ACT_Plugin.dll 2015-01-15 10:56 - 2015-02-06 05:18 - 00000000 ____D () C:\Windows\SysWOW64\DCS 2015-01-14 14:29 - 2015-01-14 14:29 - 00000000 ____D () C:\Users\Admin\Documents\Razer 2015-01-14 14:08 - 2015-01-14 14:08 - 00000000 ____D () C:\Users\Admin\AppData\Local\Razer 2015-01-14 14:00 - 2014-12-09 14:21 - 00037184 _____ (Razer, Inc.) C:\Windows\System32\Drivers\rzpmgrk.sys 2015-01-14 13:28 - 2015-02-08 13:11 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-01-14 13:28 - 2015-02-06 06:11 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-01-14 04:40 - 2014-12-18 19:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\System32\profsvc.dll 2015-01-14 04:40 - 2014-12-18 17:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxdav.sys 2015-01-14 04:40 - 2014-12-11 21:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe 2015-01-14 04:40 - 2014-12-11 21:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\System32\srcore.dll 2015-01-14 04:40 - 2014-12-11 21:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\rstrui.exe 2015-01-14 04:40 - 2014-12-11 21:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\System32\srclient.dll 2015-01-14 04:40 - 2014-12-11 21:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-01-14 04:40 - 2014-12-11 21:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-01-14 04:40 - 2014-12-11 21:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-01-14 04:40 - 2014-12-11 09:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\System32\TSWbPrxy.exe 2015-01-14 04:40 - 2014-12-05 20:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\System32\nlasvc.dll 2015-01-14 04:40 - 2014-12-05 19:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll 2015-01-14 04:40 - 2014-12-05 19:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll 2015-01-11 17:26 - 2015-01-11 17:26 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\SYSTEMAX Software Development 2015-01-11 17:26 - 2015-01-11 17:26 - 00000000 ____D () C:\ProgramData\SYSTEMAX Software Development 2015-01-11 15:52 - 2015-01-11 15:52 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\NVIDIA 2015-01-09 05:41 - 2015-01-09 05:41 - 00000000 ____D () C:\ProgramData\Package Cache ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-08 13:11 - 2014-06-24 22:47 - 01873565 _____ () C:\Windows\WindowsUpdate.log 2015-02-08 13:11 - 2009-07-13 20:45 - 00026240 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-02-08 13:11 - 2009-07-13 20:45 - 00026240 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-02-08 13:00 - 2014-12-31 07:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Advanced Combat Tracker 2015-02-08 09:40 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-02-08 09:39 - 2014-06-24 23:12 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-02-08 08:18 - 2015-01-02 13:18 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\TS3Client 2015-02-08 08:06 - 2009-07-13 21:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-02-07 02:41 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\Globalization 2015-02-06 06:11 - 2015-01-07 07:55 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-02-06 06:11 - 2015-01-07 07:55 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-02-05 03:22 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\LiveKernelReports 2015-02-04 15:43 - 2010-11-20 23:17 - 00000000 ____D () C:\Windows\ShellNew 2015-02-03 13:57 - 2014-06-25 08:40 - 00700906 _____ () C:\Windows\System32\perfh007.dat 2015-02-03 13:57 - 2014-06-25 08:40 - 00150286 _____ () C:\Windows\System32\perfc007.dat 2015-02-03 13:57 - 2009-07-13 21:13 - 01625650 _____ () C:\Windows\System32\PerfStringBackup.INI 2015-02-01 11:24 - 2014-06-24 23:23 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\SoftGrid Client 2015-02-01 11:18 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\GroupPolicy 2015-02-01 08:07 - 2015-01-03 13:05 - 00000000 ___RD () C:\Users\Admin\FanFics 2015-01-30 07:06 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\NDF 2015-01-30 06:51 - 2014-06-24 22:47 - 00000000 ____D () C:\users\Admin 2015-01-29 04:45 - 2015-01-08 14:56 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite 2015-01-29 04:45 - 2015-01-03 10:36 - 00000000 ____D () C:\Program Files (x86)\Steam 2015-01-29 04:44 - 2014-06-25 08:41 - 00000000 ____D () C:\Windows\Panther 2015-01-29 04:33 - 2009-07-13 20:45 - 00000000 ____D () C:\Windows\Setup 2015-01-28 08:56 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\L2Schemas 2015-01-28 08:12 - 2014-06-24 22:59 - 00058016 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT 2015-01-28 08:12 - 2009-07-13 20:45 - 04823912 _____ () C:\Windows\System32\FNTCACHE.DAT 2015-01-28 08:09 - 2009-07-13 18:34 - 00000505 _____ () C:\Windows\win.ini 2015-01-28 06:55 - 2014-12-31 13:51 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-01-28 03:04 - 2014-12-31 13:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-01-25 14:20 - 2014-06-24 22:54 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-01-25 10:34 - 2014-06-24 23:04 - 00000000 ____D () C:\Temp 2015-01-21 16:12 - 2015-01-02 14:03 - 00000000 ____D () C:\Program Files (x86)\Advanced Combat Tracker 2015-01-15 22:41 - 2014-12-11 21:54 - 01756424 _____ (NVIDIA Corporation) C:\Windows\System32\nvspbridge64.dll 2015-01-15 22:41 - 2014-12-11 21:54 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2015-01-15 22:41 - 2014-06-24 23:13 - 01514528 _____ (NVIDIA Corporation) C:\Windows\System32\nvspcap64.dll 2015-01-15 22:41 - 2014-06-24 23:13 - 01278920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2015-01-14 14:29 - 2015-01-03 15:21 - 00000000 ____D () C:\Users\Admin\AppData\Local\Razer_Inc 2015-01-14 14:00 - 2015-01-03 15:20 - 00000000 ____D () C:\ProgramData\Razer 2015-01-14 14:00 - 2015-01-03 15:20 - 00000000 ____D () C:\Program Files (x86)\Razer 2015-01-14 13:24 - 2014-06-25 02:37 - 00000000 ____D () C:\Windows\System32\MRT 2015-01-14 13:23 - 2014-06-25 02:37 - 113365784 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe 2015-01-10 00:07 - 2014-12-31 06:46 - 02902456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-01-10 00:07 - 2014-12-31 06:46 - 00027441 _____ () C:\Windows\System32\nvinfo.pb 2015-01-10 00:07 - 2014-12-11 21:52 - 18566296 _____ (NVIDIA Corporation) C:\Windows\System32\nvwgf2umx.dll 2015-01-10 00:07 - 2014-12-11 21:52 - 14115944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-01-10 00:07 - 2014-12-11 21:52 - 03298816 _____ (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll 2015-01-10 00:07 - 2014-06-24 23:11 - 00073872 _____ (Khronos Group) C:\Windows\System32\OpenCL.dll 2015-01-10 00:07 - 2014-06-24 23:11 - 00060744 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2015-01-09 15:30 - 2014-06-24 23:12 - 06860432 _____ (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll 2015-01-09 15:30 - 2014-06-24 23:12 - 03517256 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll 2015-01-09 15:29 - 2014-06-24 23:12 - 02558608 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvcr.dll 2015-01-09 15:29 - 2014-06-24 23:12 - 00935056 _____ (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe 2015-01-09 15:29 - 2014-06-24 23:12 - 00385352 _____ (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll 2015-01-09 15:29 - 2014-06-24 23:12 - 00062608 _____ (NVIDIA Corporation) C:\Windows\System32\nvshext.dll 2015-01-09 11:47 - 2014-06-24 23:12 - 04173527 _____ () C:\Windows\System32\nvcoproc.bin 2015-01-09 05:41 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild ==================== Known DLLs (All) ========================= [2009-07-13 16:00] - [2009-07-13 17:40] - 0607744 ____A (Microsoft Corporation) C:\Windows\System32\clbcatq.dll [2009-07-13 15:44] - [2009-07-13 17:15] - 0522240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\clbcatq.dll [2010-11-20 19:23] - [2010-11-20 19:23] - 2086912 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll [2010-11-20 19:24] - [2010-11-20 19:24] - 1414144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll [2014-06-25 01:54] - [2013-08-28 18:13] - 0878080 ____A (Microsoft Corporation) C:\Windows\System32\advapi32.dll [2014-06-25 01:54] - [2013-08-28 17:48] - 0640512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll [2010-11-20 19:24] - [2010-11-20 19:24] - 0594432 ____A (Microsoft Corporation) C:\Windows\System32\COMDLG32.dll [2010-11-20 19:23] - [2010-11-20 19:23] - 0485888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\COMDLG32.dll [2015-01-02 13:29] - [2014-08-22 18:07] - 0404480 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll [2015-01-02 13:29] - [2014-08-22 17:45] - 0311808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll [2015-01-02 13:35] - [2014-11-21 18:49] - 2885120 ____A (Microsoft Corporation) C:\Windows\System32\IERTUTIL.dll [2015-01-02 13:35] - [2014-11-21 18:01] - 2277888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IERTUTIL.dll [2014-06-25 00:59] - [2013-10-18 18:18] - 0081408 ____A (Microsoft Corporation) C:\Windows\System32\IMAGEHLP.dll [2014-06-25 00:59] - [2013-10-18 17:36] - 0159232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IMAGEHLP.dll [2009-07-13 15:38] - [2009-07-13 17:41] - 0167424 ____A (Microsoft Corporation) C:\Windows\System32\IMM32.dll [2010-11-20 19:24] - [2010-11-20 19:24] - 0119808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IMM32.dll [2014-06-25 01:14] - [2014-03-04 01:44] - 1163264 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll [2014-06-25 01:14] - [2014-03-04 01:16] - 1114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll [2014-06-25 00:39] - [2013-06-05 21:50] - 0041472 ____A (Microsoft Corporation) C:\Windows\System32\LPK.dll [2014-06-25 00:39] - [2013-06-05 20:57] - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\LPK.dll [2009-07-13 15:40] - [2009-07-13 17:41] - 1067008 ____A (Microsoft Corporation) C:\Windows\System32\MSCTF.dll [2009-07-13 15:28] - [2009-07-13 17:15] - 0828928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSCTF.dll [2014-06-24 23:46] - [2011-12-16 00:46] - 0634880 ____A (Microsoft Corporation) C:\Windows\System32\MSVCRT.dll [2014-06-24 23:46] - [2011-12-15 23:52] - 0690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSVCRT.dll [2009-07-13 15:26] - [2009-07-13 17:31] - 0002560 ____A (Microsoft Corporation) C:\Windows\System32\NORMALIZ.dll [2009-07-13 15:15] - [2009-07-13 17:09] - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NORMALIZ.dll [2009-07-13 15:21] - [2009-07-13 17:41] - 0013824 ____A (Microsoft Corporation) C:\Windows\System32\NSI.dll [2009-07-13 15:12] - [2009-07-13 17:16] - 0008704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NSI.dll [2015-01-02 13:29] - [2014-10-17 18:05] - 0861696 ____A (Microsoft Corporation) C:\Windows\System32\OLEAUT32.dll [2015-01-02 13:29] - [2014-10-17 17:33] - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\OLEAUT32.dll [2009-07-13 15:26] - [2009-07-13 17:41] - 0009216 ____A (Microsoft Corporation) C:\Windows\System32\PSAPI.dll [2009-07-13 15:15] - [2009-07-13 17:16] - 0006144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PSAPI.dll [2015-01-02 13:29] - [2014-07-13 18:02] - 1216000 ____A (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll [2015-01-02 13:29] - [2014-07-13 17:40] - 0664064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll [2009-07-13 15:20] - [2009-07-13 17:41] - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\sechost.dll [2009-07-13 15:11] - [2009-07-13 17:16] - 0092160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll [2010-11-20 19:24] - [2010-11-20 19:24] - 1900544 ____A (Microsoft Corporation) C:\Windows\System32\Setupapi.dll [2010-11-20 19:23] - [2010-11-20 19:23] - 1667584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Setupapi.dll [2015-01-02 13:32] - [2014-06-24 18:05] - 14175744 ____A (Microsoft Corporation) C:\Windows\System32\SHELL32.dll [2015-01-02 13:32] - [2014-06-24 17:41] - 12874240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SHELL32.dll [2010-11-20 19:24] - [2010-11-20 19:24] - 0448512 ____A (Microsoft Corporation) C:\Windows\System32\SHLWAPI.dll [2010-11-20 19:23] - [2010-11-20 19:23] - 0350208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SHLWAPI.dll [2015-01-02 13:35] - [2014-11-21 17:15] - 1548288 ____A (Microsoft Corporation) C:\Windows\System32\URLMON.dll [2015-01-02 13:35] - [2014-11-21 16:56] - 1307136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\URLMON.dll [2010-11-20 19:24] - [2010-11-20 19:24] - 1008128 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll [2010-11-20 19:24] - [2010-11-20 19:24] - 0833024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll [2014-06-25 01:27] - [2014-04-24 18:34] - 0801280 ____A (Microsoft Corporation) C:\Windows\System32\USP10.dll [2014-06-25 01:27] - [2014-04-24 18:06] - 0626688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\USP10.dll [2015-01-02 13:35] - [2014-11-21 17:28] - 2358272 ____A (Microsoft Corporation) C:\Windows\System32\WININET.dll [2015-01-02 13:35] - [2014-11-21 17:00] - 1888256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WININET.dll [2010-11-20 19:24] - [2010-11-20 19:24] - 0312832 ____A (Microsoft Corporation) C:\Windows\System32\WLDAP32.dll [2010-11-20 19:24] - [2010-11-20 19:24] - 0269824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WLDAP32.dll [2010-11-20 19:24] - [2010-11-20 19:24] - 0297984 ____A (Microsoft Corporation) C:\Windows\System32\WS2_32.dll [2010-11-20 19:23] - [2010-11-20 19:23] - 0206848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WS2_32.dll [2009-07-13 15:27] - [2009-07-13 17:40] - 0504320 ____A (Microsoft Corporation) C:\Windows\System32\DifxApi.dll [2009-07-13 15:16] - [2009-07-13 17:15] - 0315904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DifxApi.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== Restore Points ========================= Restore point made on: 2015-01-29 05:21:32 Restore point made on: 2015-01-29 05:29:21 Restore point made on: 2015-01-29 14:46:24 Restore point made on: 2015-01-29 14:47:16 Restore point made on: 2015-01-30 04:11:28 Restore point made on: 2015-02-01 10:00:16 Restore point made on: 2015-02-01 11:56:09 Restore point made on: 2015-02-02 03:55:09 Restore point made on: 2015-02-06 05:19:14 Restore point made on: 2015-02-08 10:00:18 ==================== Memory info =========================== Percentage of memory in use: 9% Total physical RAM: 10175.9 MB Available physical RAM: 9164.35 MB Total Pagefile: 10174.1 MB Available Pagefile: 9153.09 MB Total Virtual: 8192 MB Available Virtual: 8191.9 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.41 GB) (Free:546.72 GB) NTFS Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive e: () (Fixed) (Total:1862.92 GB) (Free:1218.5 GB) NTFS Drive h: () (Removable) (Total:3.73 GB) (Free:1.52 GB) FAT32 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS Drive y: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 66438849) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 781C3BBC) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 3.7 GB) (Disk ID: 6E652072) No partition Table on disk 2. LastRegBack: 2015-02-03 12:24 ==================== End Of Log ============================ |
![]() | #36 |
/// the machine /// TB-Ausbilder ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Windows 7: MWAB findet immer wieder PUP.Optional.Shopperz.A Drücke bitte die ![]() Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter unlock: HKLM\SOFTWARE\shopperz unlock: HKLM\SOFTWARE\WOW6432NODE\shopperz reg: reg delete "HKLM\SOFTWARE\shopperz" /f reg: reg delete "HKLM\SOFTWARE\WOW6432NODE\shopperz" /f
Das Tool erstellt eine Fixlog.txt auf deinem USB Stick. Poste den Inhalt bitte hier.
__________________ --> Windows 7: MWAB findet immer wieder PUP.Optional.Shopperz.A |
![]() | #37 |
![]() | ![]() Windows 7: MWAB findet immer wieder PUP.Optional.Shopperz.A Das scheint nicht mal allzu schlecht auszusehen. ![]() Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-02-2015 Ran by SYSTEM at 2015-02-09 12:41:33 Run:6 Running from H:\ Boot Mode: Recovery ============================================== Content of fixlist: ***************** unlock: HKLM\SOFTWARE\shopperz unlock: HKLM\SOFTWARE\WOW6432NODE\shopperz reg: reg delete "HKLM\SOFTWARE\shopperz" /f reg: reg delete "HKLM\SOFTWARE\WOW6432NODE\shopperz" /f ***************** "HKLM\SOFTWARE\shopperz" => Key unlocked successfully. "HKLM\SOFTWARE\WOW6432NODE\shopperz" => Key unlocked successfully. ========= reg delete "HKLM\SOFTWARE\shopperz" /f ========= Der Vorgang wurde erfolgreich beendet. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\WOW6432NODE\shopperz" /f ========= Der Vorgang wurde erfolgreich beendet. ========= End of Reg: ========= ==== End of Fixlog 12:41:33 ==== |
![]() | #38 |
/// the machine /// TB-Ausbilder ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Windows 7: MWAB findet immer wieder PUP.Optional.Shopperz.A MBAM nochmal bitte ![]()
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
![]() | #39 |
![]() | ![]() Windows 7: MWAB findet immer wieder PUP.Optional.Shopperz.ACode:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 10.02.2015 Suchlauf-Zeit: 02:00:25 Logdatei: mwab.txt Administrator: Ja Version: Malware Datenbank: v2015.02.09.10 Rootkit Datenbank: v2015.02.03.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Admin Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 331526 Verstrichene Zeit: 7 Min, 25 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente erkannt) Module: 0 (Keine schädliche Elemente erkannt) Registrierungsschlüssel: 0 (Keine schädliche Elemente erkannt) Registrierungswerte: 0 (Keine schädliche Elemente erkannt) Registrierungsdaten: 0 (Keine schädliche Elemente erkannt) Ordner: 0 (Keine schädliche Elemente erkannt) Dateien: 0 (Keine schädliche Elemente erkannt) Physische Sektoren: 0 (Keine schädliche Elemente erkannt) (end) ![]() |
![]() | #40 |
/// the machine /// TB-Ausbilder ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Windows 7: MWAB findet immer wieder PUP.Optional.Shopperz.A Supi, dann nur noch ein frisches FRST log bitte zur KOntrolle ![]()
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
![]() | #41 |
![]() | ![]() Windows 7: MWAB findet immer wieder PUP.Optional.Shopperz.A Mit Whitelist wieder drin. FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2015 Ran by Admin (administrator) on ADMIN-PC on 10-02-2015 16:49:11 Running from C:\Users\Admin\Desktop Loaded Profiles: Admin (Available profiles: Admin) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe (Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\main.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe Failed to access process -> dllhost.exe Failed to access process -> dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [60640 2014-12-06] (Razer Inc.) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated) HKU\S-1-5-21-2266551883-2310591651-913177673-1000\...\MountPoints2: {ca063958-fc33-11e3-8100-806e6f6e6963} - D:\Bin\ASSETUP.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Tcpip\Parameters: [DhcpNameServer] StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rgamlbrh.default-1422533396366 FF Homepage: hxxp://steinmonster.tumblr.com/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR dev: Chrome dev build detected! <======= ATTENTION CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (No Name) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cljaoocoecflmhcdodmdmkcfjgoaccdk [2015-01-28] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] () R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation) S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation) R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] () R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [105448 2014-12-06] (Razer Inc.) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] () R1 bsdriver; C:\Windows\system32\drivers\bsdriver.sys [35320 2015-01-28] () R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-01-08] (Disc Soft Ltd) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-10] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2012-05-14] (Realtek Semiconductor Corporation ) R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.) R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [768680 2013-06-26] (Microsoft Corporation) R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [273576 2013-06-26] (Microsoft Corporation) R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [29352 2013-06-26] (Microsoft Corporation) R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [23208 2013-06-26] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-08 22:10 - 2015-02-08 22:10 - 02132992 _____ (Farbar) C:\Users\Admin\Desktop\FRST64(2).exe 2015-02-08 22:10 - 2015-02-08 22:10 - 02132992 _____ (Farbar) C:\Users\Admin\Desktop\FRST64(1).exe 2015-02-07 11:42 - 2015-02-08 12:32 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\1B4F188C.sys 2015-02-04 22:09 - 2015-02-05 12:32 - 00002604 _____ () C:\Users\Admin\Desktop\mwabbb.txt 2015-02-01 17:05 - 2015-02-01 17:05 - 00003262 _____ () C:\Windows\System32\Tasks\{0DEBC4D0-6032-4947-B911-088530A42635} 2015-02-01 17:00 - 2015-02-01 17:00 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Admin\Desktop\revosetup95.exe 2015-02-01 17:00 - 2015-02-01 17:00 - 00001264 _____ () C:\Users\Admin\Desktop\Revo Uninstaller.lnk 2015-02-01 17:00 - 2015-02-01 17:00 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2015-02-01 16:59 - 2015-02-01 16:59 - 00002070 _____ () C:\Users\Admin\Desktop\regfix.reg 2015-02-01 12:17 - 2015-02-05 15:25 - 00011174 _____ () C:\Users\Admin\Desktop\SystemLook.txt 2015-02-01 12:02 - 2015-02-01 12:02 - 00165376 _____ () C:\Users\Admin\Desktop\SystemLook_x64.exe 2015-02-01 00:04 - 2006-07-28 07:32 - 00007005 ____N () C:\Users\Admin\Desktop\Eula.txt 2015-01-31 20:21 - 2015-02-10 02:08 - 00001200 _____ () C:\Users\Admin\Desktop\mwab.txt 2015-01-31 14:07 - 2015-02-08 12:59 - 00000000 ____D () C:\Users\Admin\Desktop\FRST-OlderVersion 2015-01-31 14:05 - 2015-01-31 14:05 - 00852573 _____ () C:\Users\Admin\Desktop\SecurityCheck.exe 2015-01-31 14:02 - 2015-01-31 14:02 - 00000857 _____ () C:\Users\Admin\Desktop\gf.txt 2015-01-31 12:40 - 2015-01-31 12:40 - 02347384 _____ (ESET) C:\Users\Admin\Desktop\esetsmartinstaller_deu.exe 2015-01-30 18:51 - 2015-01-30 18:51 - 00000625 _____ () C:\Users\Admin\Desktop\JRT.txt 2015-01-30 18:48 - 2015-01-30 18:49 - 01707939 _____ (Thisisu) C:\Users\Admin\Desktop\JRT.exe 2015-01-30 18:44 - 2015-01-30 18:45 - 00000000 ____D () C:\AdwCleaner 2015-01-30 18:43 - 2015-01-30 18:43 - 02194432 _____ () C:\Users\Admin\Desktop\AdwCleaner_4.109.exe 2015-01-30 16:51 - 2015-01-30 16:51 - 00001395 _____ () C:\Users\Admin\Desktop\mbam.txt 2015-01-30 16:05 - 2015-01-30 16:05 - 00010938 _____ () C:\Users\Admin\Desktop\Gmer.txt 2015-01-30 15:55 - 2015-01-30 15:55 - 00380416 _____ () C:\Users\Admin\Desktop\Gmer-19357.exe 2015-01-30 15:54 - 2015-02-10 16:49 - 00012768 _____ () C:\Users\Admin\Desktop\FRST.txt 2015-01-30 15:54 - 2015-01-30 15:54 - 00024462 _____ () C:\Users\Admin\Desktop\Addition.txt 2015-01-30 15:53 - 2015-02-10 16:49 - 00000000 ____D () C:\FRST 2015-01-30 15:53 - 2015-02-08 12:59 - 02132992 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe 2015-01-30 15:51 - 2015-01-30 15:51 - 00050477 _____ () C:\Users\Admin\Desktop\Defogger.exe 2015-01-30 15:51 - 2015-01-30 15:51 - 00000542 _____ () C:\Users\Admin\Desktop\defogger_disable.log 2015-01-30 15:51 - 2015-01-30 15:51 - 00000168 _____ () C:\Users\Admin\defogger_reenable 2015-01-30 14:22 - 2015-01-30 14:22 - 00000000 _____ () C:\autoexec.bat 2015-01-30 01:01 - 2015-02-09 23:18 - 00000132 _____ () C:\Users\Admin\AppData\Roaming\Adobe PNG Format CS5 Prefs 2015-01-30 00:56 - 2015-01-30 00:56 - 00003502 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Admin-PC-Admin 2015-01-29 14:21 - 2015-01-31 20:28 - 00000000 ____D () C:\Windows\ERUNT 2015-01-29 13:49 - 2015-02-10 16:48 - 00008075 _____ () C:\Windows\setupact.log 2015-01-29 13:49 - 2015-02-10 01:58 - 00008942 _____ () C:\Windows\PFRO.log 2015-01-29 13:49 - 2015-01-29 13:49 - 00000000 _____ () C:\Windows\setuperr.log 2015-01-29 13:48 - 2015-01-29 13:48 - 00009650 _____ () C:\Windows\system32\.crusader 2015-01-29 13:40 - 2015-01-29 13:48 - 00000000 ____D () C:\ProgramData\HitmanPro 2015-01-28 17:12 - 2015-02-01 20:25 - 00000008 __RSH () C:\ProgramData\ntuser.pol 2015-01-28 16:44 - 2015-01-28 16:44 - 00000044 _____ () C:\Users\Admin\AppData\Roaming\WB.CFG 2015-01-28 15:52 - 2015-01-28 15:52 - 00000000 ____D () C:\Windows\SysWOW64\Flash 2015-01-28 15:48 - 2015-01-28 15:56 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Opera Software 2015-01-28 15:48 - 2015-01-28 15:56 - 00000000 ____D () C:\Users\Admin\AppData\Local\Opera Software 2015-01-28 15:45 - 2015-01-28 15:45 - 00035320 _____ () C:\Windows\system32\Drivers\bsdriver.sys 2015-01-28 15:45 - 2015-01-28 15:45 - 00000000 ____D () C:\Program Files (x86)\download Manager 2015-01-28 15:44 - 2015-01-28 17:10 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro 3.31 2015-01-28 15:44 - 2015-01-28 15:47 - 00000000 ____D () C:\Users\Admin\AppData\Local\Pirates 2015-01-28 15:44 - 2015-01-28 15:44 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Pirates854 2015-01-28 15:44 - 2015-01-28 15:44 - 00000000 ____D () C:\Users\Admin\AppData\Local\Google 2015-01-28 15:10 - 2015-01-28 17:09 - 00000000 ____D () C:\Users\Admin\AppData\Local\10793 2015-01-28 14:57 - 2015-01-28 14:57 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe 2015-01-28 14:56 - 2015-01-28 14:56 - 00001101 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk 2015-01-28 14:56 - 2015-01-28 14:56 - 00000969 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5 (64 Bit).lnk 2015-01-28 14:56 - 2015-01-28 14:56 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieBrowserModeList 2015-01-28 14:56 - 2015-01-28 14:56 - 00000000 ____D () C:\Program Files\Adobe Photoshop CS5 (64 Bit) 2015-01-28 14:55 - 2015-01-28 14:56 - 00000000 ____D () C:\Program Files (x86)\Adobe Photoshop CS5 2015-01-28 14:54 - 2015-01-28 14:56 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2015-01-28 14:54 - 2015-01-28 14:54 - 00001156 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk 2015-01-28 14:54 - 2015-01-28 14:54 - 00001063 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk 2015-01-28 14:54 - 2015-01-28 14:54 - 00000000 ____D () C:\Program Files (x86)\Adobe Device Central CS5 2015-01-28 14:54 - 2015-01-28 14:54 - 00000000 ____D () C:\Program Files (x86)\Adobe Bridge CS5 2015-01-28 14:51 - 2015-01-29 23:46 - 00000000 ____D () C:\Program Files (x86)\Adobe 2015-01-28 14:51 - 2015-01-28 14:51 - 00001519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk 2015-01-28 14:51 - 2015-01-28 14:51 - 00001247 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk 2015-01-28 14:51 - 2015-01-28 14:51 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia 2015-01-28 14:51 - 2015-01-28 14:51 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia 2015-01-28 14:51 - 2015-01-28 14:51 - 00000000 ____D () C:\Program Files (x86)\Adobe Extension Manager CS5 2015-01-28 14:44 - 2015-01-30 13:18 - 00000000 ____D () C:\ProgramData\Adobe 2015-01-28 14:44 - 2015-01-30 00:56 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe 2015-01-28 14:21 - 2015-01-30 00:56 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe 2015-01-28 00:51 - 2015-02-10 16:48 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-01-27 20:07 - 2015-01-30 13:34 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\uTorrent 2015-01-27 01:00 - 2015-01-27 01:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-01-26 15:41 - 2015-01-26 15:50 - 00000000 ____D () C:\Program Files (x86)\EA GAMES 2015-01-26 15:33 - 2015-01-26 15:41 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts 2015-01-26 12:47 - 2015-01-27 12:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2015-01-25 23:39 - 2015-01-25 23:39 - 00002402 _____ () C:\Users\Public\Desktop\FINAL FANTASY XIV - A Realm Reborn.lnk 2015-01-25 23:20 - 2015-01-25 23:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQUARE ENIX 2015-01-25 23:20 - 2015-01-25 23:20 - 00000000 ____D () C:\Program Files (x86)\SquareEnix 2015-01-25 19:34 - 2015-01-09 23:27 - 00621200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2015-01-25 19:32 - 2015-01-13 05:15 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll 2015-01-25 19:32 - 2015-01-10 09:07 - 32102544 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-01-25 19:32 - 2015-01-10 09:07 - 25459856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2015-01-25 19:32 - 2015-01-10 09:07 - 24765584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-01-25 19:32 - 2015-01-10 09:07 - 20465296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2015-01-25 19:32 - 2015-01-10 09:07 - 17250776 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-01-25 19:32 - 2015-01-10 09:07 - 16009120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-01-25 19:32 - 2015-01-10 09:07 - 13295552 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-01-25 19:32 - 2015-01-10 09:07 - 13210248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-01-25 19:32 - 2015-01-10 09:07 - 10774544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-01-25 19:32 - 2015-01-10 09:07 - 10714488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-01-25 19:32 - 2015-01-10 09:07 - 10274448 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-01-25 19:32 - 2015-01-10 09:07 - 03607184 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-01-25 19:32 - 2015-01-10 09:07 - 03245712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-01-25 19:32 - 2015-01-10 09:07 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434725.dll 2015-01-25 19:32 - 2015-01-10 09:07 - 01556808 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434725.dll 2015-01-25 19:32 - 2015-01-10 09:07 - 00994712 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2015-01-25 19:32 - 2015-01-10 09:07 - 00969360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-01-25 19:32 - 2015-01-10 09:07 - 00942736 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-01-25 19:32 - 2015-01-10 09:07 - 00929424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-01-25 19:32 - 2015-01-10 09:07 - 00906384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-01-25 19:32 - 2015-01-10 09:07 - 00877488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2015-01-25 19:32 - 2015-01-10 09:07 - 00496456 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2015-01-25 19:32 - 2015-01-10 09:07 - 00399688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2015-01-25 19:32 - 2015-01-10 09:07 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2015-01-25 19:32 - 2015-01-10 09:07 - 00353040 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2015-01-25 19:32 - 2015-01-10 09:07 - 00345744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2015-01-25 19:32 - 2015-01-10 09:07 - 00305320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2015-01-25 19:32 - 2015-01-10 09:07 - 00177624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-01-25 19:32 - 2015-01-10 09:07 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-01-22 01:08 - 2015-01-24 12:44 - 00794624 _____ () C:\Users\Admin\Documents\FFXIV_ACT_Plugin.dll 2015-01-15 19:56 - 2015-02-06 14:18 - 00000000 ____D () C:\Windows\SysWOW64\DCS 2015-01-14 23:29 - 2015-01-14 23:29 - 00000000 ____D () C:\Users\Admin\Documents\Razer 2015-01-14 23:08 - 2015-01-14 23:08 - 00000000 ____D () C:\Users\Admin\AppData\Local\Razer 2015-01-14 23:00 - 2015-01-14 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer 2015-01-14 23:00 - 2014-12-09 23:21 - 00037184 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys 2015-01-14 22:28 - 2015-02-10 15:11 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-01-14 22:28 - 2015-02-06 15:11 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-01-14 13:40 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-01-14 13:40 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2015-01-14 13:40 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-01-14 13:40 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-01-14 13:40 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-01-14 13:40 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-01-14 13:40 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-01-14 13:40 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-01-14 13:40 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-01-14 13:40 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2015-01-14 13:40 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2015-01-14 13:40 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll 2015-01-14 13:40 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll 2015-01-12 02:26 - 2015-01-12 02:26 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\SYSTEMAX Software Development 2015-01-12 02:26 - 2015-01-12 02:26 - 00000000 ____D () C:\ProgramData\SYSTEMAX Software Development 2015-01-12 00:52 - 2015-01-12 00:52 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\NVIDIA ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-10 16:47 - 2014-06-25 08:12 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-02-10 16:47 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-02-10 15:15 - 2014-06-25 07:47 - 02091525 _____ () C:\Windows\WindowsUpdate.log 2015-02-10 15:12 - 2015-01-02 22:18 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\TS3Client 2015-02-10 14:48 - 2014-12-31 16:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Advanced Combat Tracker 2015-02-10 11:56 - 2009-07-14 05:45 - 00026240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-02-10 11:56 - 2009-07-14 05:45 - 00026240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-02-10 01:58 - 2014-06-25 08:23 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\SoftGrid Client 2015-02-09 12:13 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-02-07 11:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Globalization 2015-02-06 15:11 - 2015-01-07 16:55 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-02-06 15:11 - 2015-01-07 16:55 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-02-05 12:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\LiveKernelReports 2015-02-05 00:43 - 2010-11-21 08:17 - 00000000 ____D () C:\Windows\ShellNew 2015-02-03 22:57 - 2014-06-25 17:40 - 00700906 _____ () C:\Windows\system32\perfh007.dat 2015-02-03 22:57 - 2014-06-25 17:40 - 00150286 _____ () C:\Windows\system32\perfc007.dat 2015-02-03 22:57 - 2009-07-14 06:13 - 01625650 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-02-01 20:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\GroupPolicy 2015-02-01 17:07 - 2015-01-03 22:05 - 00000000 ___RD () C:\Users\Admin\FanFics 2015-01-30 16:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2015-01-30 15:51 - 2014-06-25 07:47 - 00000000 ____D () C:\Users\Admin 2015-01-29 13:45 - 2015-01-08 23:56 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite 2015-01-29 13:45 - 2015-01-03 19:36 - 00000000 ____D () C:\Program Files (x86)\Steam 2015-01-29 13:44 - 2014-06-25 17:41 - 00000000 ____D () C:\Windows\Panther 2015-01-29 13:33 - 2009-07-14 05:45 - 00000000 ____D () C:\Windows\Setup 2015-01-28 17:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\L2Schemas 2015-01-28 17:12 - 2014-06-25 07:59 - 00058016 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT 2015-01-28 17:12 - 2009-07-14 05:45 - 04823912 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-01-28 17:09 - 2009-07-14 03:34 - 00000505 _____ () C:\Windows\win.ini 2015-01-28 15:56 - 2014-06-25 07:48 - 00001421 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-01-28 15:55 - 2014-12-31 22:51 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-01-28 15:55 - 2014-12-31 22:51 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-01-28 12:04 - 2014-12-31 22:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-01-25 23:20 - 2014-06-25 07:54 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-01-25 19:34 - 2014-06-25 08:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-01-25 19:34 - 2014-06-25 08:04 - 00000000 ____D () C:\Temp 2015-01-22 01:12 - 2015-01-02 23:03 - 00000000 ____D () C:\Program Files (x86)\Advanced Combat Tracker 2015-01-16 07:41 - 2014-12-12 06:54 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2015-01-16 07:41 - 2014-12-12 06:54 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2015-01-16 07:41 - 2014-06-25 08:13 - 01514528 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2015-01-16 07:41 - 2014-06-25 08:13 - 01278920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2015-01-14 23:29 - 2015-01-04 00:21 - 00000000 ____D () C:\Users\Admin\AppData\Local\Razer_Inc 2015-01-14 23:00 - 2015-01-04 00:20 - 00000000 ____D () C:\ProgramData\Razer 2015-01-14 23:00 - 2015-01-04 00:20 - 00000000 ____D () C:\Program Files (x86)\Razer 2015-01-14 22:24 - 2014-06-25 11:37 - 00000000 ____D () C:\Windows\system32\MRT 2015-01-14 22:23 - 2014-06-25 11:37 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe ==================== Files in the root of some directories ======= 2015-01-30 01:01 - 2015-02-09 23:18 - 0000132 _____ () C:\Users\Admin\AppData\Roaming\Adobe PNG Format CS5 Prefs 2015-01-28 16:44 - 2015-01-28 16:44 - 0000044 _____ () C:\Users\Admin\AppData\Roaming\WB.CFG 2014-06-25 07:54 - 2014-06-25 07:54 - 0000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-02-03 21:24 ==================== End Of Log ============================ |
![]() | #42 |
/// the machine /// TB-Ausbilder ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Windows 7: MWAB findet immer wieder PUP.Optional.Shopperz.A Fertig ![]() Die Reihenfolge ist hier entscheidend.
Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun ![]() Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
![]() | #43 |
![]() | ![]() Windows 7: MWAB findet immer wieder PUP.Optional.Shopperz.A Keine Fragen mehr, alles erledigt, und vielen Dank nochmal. Werde noch eine Nachricht im Lob/Kritik-Forum hinterlassen. Schönen Tag allen noch, Kay ![]() |
![]() | #44 |
/// the machine /// TB-Ausbilder ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Windows 7: MWAB findet immer wieder PUP.Optional.Shopperz.A Gern Geschehen ![]()
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
![]() |
Themen zu Windows 7: MWAB findet immer wieder PUP.Optional.Shopperz.A |
benachrichtigungsdienst, bsdriver.sys, flash player, homepage, iexplore.exe, installation, msil/adware.pullupdate.k.gen, programm, pup.optional.shopperz.a, registry, security, software, svchost.exe, systemereignisse, teamspeak, win32/adware.convertad.q, win32/installcore.oz |