Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Software.Updater.Ui

Software.Updater.Ui


Log-Analyse und Auswertung: Software.Updater.Ui

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 26.02.2015, 17:07   #1
Superfish
 
Software.Updater.Ui - Unglücklich

Software.Updater.Ui


Hallo,

ich hatte das Problem mit Software.Updater.Ui schonmal, jetzt leider auf einem anderen PC.

Hier sind schon die FRST-Logs.

Teil 1:

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-02-2015 01
Ran by admin (administrator) on SUPERSHEEP-PC on 26-02-2015 16:45:54
Running from C:\Users\Superfish\Desktop
Loaded Profiles: Superfish & admin (Available profiles: supersheep & Superfish & admin & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
(Akamai Technologies, Inc.) C:\Users\Superfish\AppData\Local\Akamai\netsession_win.exe
(Google Inc.) C:\Users\Superfish\AppData\Local\Google\Update\GoogleUpdate.exe
(Akamai Technologies, Inc.) C:\Users\Superfish\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Hewlett-Packard Co.) C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company) C:\Program Files (x86)\hp\HP UT\bin\hppusg.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Hewlett-Packard Co.) C:\Program Files (x86)\hp\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\hp\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\Digital Imaging\bin\hpqgpc01.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-13] (Adobe Systems 

Incorporated)
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Remote Solution] => C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896 2009-08-25] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [HPUsageTracking] => C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe [30264 2009-10-06] (Hewlett-Packard Company)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [415232 2009-07-14] (Microsoft Corporation)
HKLM\...\RunOnce: [*Restore] => C:\Windows\System32\rstrui.exe [296960 2010-11-20] (Microsoft Corporation)
HKLM-x32\...\RunOnce: [daemontoolslite] => [X]
HKLM-x32\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\c976d4c9-5955-4e3e-b423-df47e242423b.exe [183232 2015-02-23] (AVAST 

Software)
HKLM-x32\...\RunOnce: [InnoSetupRegFile.0000000001] => C:\Windows\is-23FV3.exe [685056 2015-02-03] ()
HKLM-x32\...\RunOnce: [InnoSetupRegFile.0000000002] => C:\Windows\is-07DD6.exe [685056 2015-02-03] ()
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [54072 2014-11-21] (Malwarebytes 

Corporation)
HKU\S-1-5-21-609565961-3757282021-3703508451-1003\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
HKU\S-1-5-21-609565961-3757282021-3703508451-1003\...\Run: [CAHeadless] => C:\Program Files (x86)\Adobe\Elements 10 Organizer\CAHeadless\ElementsAutoAnalyzer.exe 

[835224 2011-09-01] (Adobe Systems Incorporated)
HKU\S-1-5-21-609565961-3757282021-3703508451-1003\...\Run: [Akamai NetSession Interface] => C:\Users\Superfish\AppData\Local\Akamai\netsession_win.exe [4673432 

2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-609565961-3757282021-3703508451-1003\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1940160 2014-11-18] (Valve Corporation)
HKU\S-1-5-21-609565961-3757282021-3703508451-1003\...\Run: [Google Update] => C:\Users\Superfish\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-

03] (Google Inc.)
HKU\S-1-5-21-609565961-3757282021-3703508451-1003\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-609565961-3757282021-3703508451-1003\...\Run: [DAEMON Tools Lite] => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
HKU\S-1-5-21-609565961-3757282021-3703508451-1003\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2014-10-14] 

(Microsoft Corporation)
HKU\S-1-5-21-609565961-3757282021-3703508451-1003\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-609565961-3757282021-3703508451-1003\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-609565961-3757282021-3703508451-1004\...\Run: [Wisdom-soft AutoScreenRecorder 3.1 Pro] => 0
HKU\S-1-5-21-609565961-3757282021-3703508451-1004\...\RunOnce: [DeleteMarkAny] => C:\Windows\SysWOW64\MASetupCleaner.exe [24576 2014-01-23] ((주)마크애니)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
Startup: C:\Users\supersheep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (No File)
Startup: C:\Users\Superfish\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
Startup: C:\Users\Superfish\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-609565961-3757282021-3703508451-1003] => http=127.0.0.1:49249;https=127.0.0.1:49249
AutoConfigURL: [S-1-5-21-609565961-3757282021-3703508451-1004] => hxxp://cdn1.browsersecurity.net/safe/cloud.js?si=46364&tid=3869
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-609565961-3757282021-3703508451-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {EF5B4D44-F4B7-4FEB-B84D-4320D6D4F5FB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {EF5B4D44-F4B7-4FEB-B84D-4320D6D4F5FB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-609565961-3757282021-3703508451-1003 -> DefaultScope {EF5B4D44-F4B7-4FEB-B84D-4320D6D4F5FB} URL = hxxp://www.bing.com/search?q=

{searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-609565961-3757282021-3703508451-1003 -> {DA79A685-4A70-4C91-A55E-BB01DC4EAE8D} URL = hxxp://www.mysearchresults.com/search?

c=4001&t=01&q={searchTerms}
SearchScopes: HKU\S-1-5-21-609565961-3757282021-3703508451-1003 -> {EA4308B9-9E75-4520-8A0D-20BDA29B66E6} URL = www.buenosearch.com?

babsrc=ext_WinjNw&affID=123841&q={searchTerms}
SearchScopes: HKU\S-1-5-21-609565961-3757282021-3703508451-1003 -> {EF5B4D44-F4B7-4FEB-B84D-4320D6D4F5FB} URL = hxxp://www.bing.com/search?q={searchTerms}

&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-609565961-3757282021-3703508451-1004 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKU\S-1-5-21-609565961-3757282021-3703508451-1004 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-609565961-3757282021-3703508451-1004 -> {556EE3AE-36CC-47ED-BE05-8B3A7CED9851} URL = hxxp://websearch.ask.com/redirect?

client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=cb1e4058-ab8c-4532-bbf0-

c51a170579ee&apn_sauid=6ACE2764-F930-4E98-99D5-11027DAD489A
SearchScopes: HKU\S-1-5-21-609565961-3757282021-3703508451-1004 -> {953D573D-5C65-41E1-9DF8-B5A21F23B03B} URL = hxxp://www.mysearchresults.com/search?

&c=4001&t=10&q={searchTerms}
SearchScopes: HKU\S-1-5-21-609565961-3757282021-3703508451-1004 -> {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = String@!@hxxp://mystart.incredibar.com/mb201/?

search={searchTerms}&loc=IB_DS&a=6OyXmf34C2&i=26
SearchScopes: HKU\S-1-5-21-609565961-3757282021-3703508451-1004 -> {EF5B4D44-F4B7-4FEB-B84D-4320D6D4F5FB} URL = 
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll 

(Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-

Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe 

Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live

\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft 

Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard 

Co.)
Toolbar: HKU\S-1-5-21-609565961-3757282021-3703508451-1003 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-609565961-3757282021-3703508451-1003 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52272 2010-03-16] (EasyBits Software 

Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\fbo466xc.default
FF DefaultSearchEngine: Web Search
FF SearchEngineOrder.1: Web Search
FF Homepage: about:home
FF NewTab: about:newtab
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-609565961-3757282021-3703508451-1003: @talk.google.com/GoogleTalkPlugin -> C:\Users\Superfish\AppData\Roaming\Mozilla\plugins

\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-609565961-3757282021-3703508451-1003: @talk.google.com/O1DPlugin -> C:\Users\Superfish\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-609565961-3757282021-3703508451-1003: @tools.google.com/Google Update;version=3 -> C:\Users\Superfish\AppData\Local\Google\Update

\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-609565961-3757282021-3703508451-1003: @tools.google.com/Google Update;version=9 -> C:\Users\Superfish\AppData\Local\Google\Update

\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-609565961-3757282021-3703508451-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Superfish\AppData\LocalLow\Unity\WebPlayer\loader

\npUnity3D32.dll (Unity Technologies ApS)
FF user.js: detected! => C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\fbo466xc.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\fbo466xc.default\searchplugins\askcom.xml
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-12-15]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-11]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-09]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated)
R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-14] (Microsoft Corporation) [File not signed]
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [202752 2009-12-02] (AMD) [File not signed]
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1021520 2014-09-08] (Avira Operations GmbH & Co. KG)
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2013-02-27] (Microsoft Corporation) [File not signed]
R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [679424 2014-07-07] (Microsoft Corporation) [File not signed]
R2 AudioSrv; C:\Windows\System32\Audiosrv.dll [679424 2014-07-07] (Microsoft Corporation) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-09] (AVAST Software)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2010-11-20] (Microsoft Corporation) [File not signed]
S3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-14] (Microsoft Corporation) [File not signed]
R2 BFE; C:\Windows\System32\bfe.dll [705024 2010-11-20] (Microsoft Corporation) [File not signed]
R2 BITS; C:\Windows\System32\qmgr.dll [849920 2010-11-20] (Microsoft Corporation) [File not signed]
R3 Browser; C:\Windows\System32\browser.dll [136704 2012-07-04] (Microsoft Corporation) [File not signed]
S3 bthserv; C:\Windows\system32\bthserv.dll [83968 2009-07-14] (Microsoft Corporation) [File not signed]
S3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2010-11-20] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [184320 2013-07-09] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\Windows\SysWOW64\cryptsvc.dll [140288 2013-07-09] (Microsoft Corporation) [File not signed]
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [512000 2010-11-20] (Microsoft Corporation) [File not signed]
S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [317952 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [254464 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [183296 2011-03-03] (Microsoft Corporation) [File not signed]
S3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2010-11-20] (Microsoft Corporation) [File not signed]
R2 DPS; C:\Windows\system32\dps.dll [162816 2010-11-20] (Microsoft Corporation) [File not signed]
R3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-14] (Microsoft Corporation) [File not signed]
S3 EFS; C:\Windows\System32\lsass.exe [31232 2014-04-12] (Microsoft Corporation) [File not signed]
S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696832 2010-11-20] (Microsoft Corporation) [File not signed]
S3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-14] (Microsoft Corporation) [File not signed]
R2 eventlog; C:\Windows\System32\wevtsvc.dll [1646080 2010-11-20] (Microsoft Corporation) [File not signed]
R2 EventSystem; C:\Windows\system32\es.dll [402944 2009-07-14] (Microsoft Corporation) [File not signed]
R2 EventSystem; C:\Windows\SysWOW64\es.dll [271360 2009-07-14] (Microsoft Corporation) [File not signed]
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129584 2009-02-22] (EasyBits Sofware AS) [File not signed]
S3 Fax; C:\Windows\system32\fxssvc.exe [689152 2010-11-20] (Microsoft Corporation) [File not signed]
R3 fdPHost; C:\Windows\system32\fdPHost.dll [16384 2009-07-14] (Microsoft Corporation) [File not signed]
R2 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2009-07-14] (Microsoft Corporation) [File not signed]
R2 FontCache; C:\Windows\system32\FntCache.dll [1175552 2013-07-17] (Microsoft Corporation) [File not signed]
R2 gpsvc; C:\Windows\System32\gpsvc.dll [777728 2010-11-20] (Microsoft Corporation) [File not signed]
R3 hidserv; C:\Windows\system32\hidserv.dll [38912 2009-07-14] (Microsoft Corporation) [File not signed]
R3 hidserv; C:\Windows\SysWOW64\hidserv.dll [49152 2009-07-14] (Microsoft Corporation) [File not signed]
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [90624 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [232448 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [187904 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [165376 2010-11-20] (Microsoft Corporation) [File not signed]
R2 HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [125440 2009-09-24] (Hewlett-Packard) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [111616 2014-08-18] (Microsoft Corporation) [File not signed]
R2 IKEEXT; C:\Windows\System32\ikeext.dll [859648 2013-10-12] (Microsoft Corporation) [File not signed]
S3 IPBusEnum; C:\Windows\system32\ipbusenum.dll [101888 2009-07-14] (Microsoft Corporation) [File not signed]
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [569344 2012-10-03] (Microsoft Corporation) [File not signed]
R3 KeyIso; C:\Windows\system32\lsass.exe [31232 2014-04-12] (Microsoft Corporation) [File not signed]
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [368640 2009-07-14] (Microsoft Corporation) [File not signed]
R2 LanmanServer; C:\Windows\system32\srvsvc.dll [236032 2010-11-20] (Microsoft Corporation) [File not signed]
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2010-11-20] (Microsoft Corporation) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2635552 2015-02-23] (IObit)
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-14] (Microsoft Corporation) [File not signed]
R2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-14] (Microsoft Corporation) [File not signed]
S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [84992 2010-11-20] (Microsoft Corporation) [File not signed]
R2 MMCSS; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation) [File not signed]
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [828416 2010-11-20] (Microsoft Corporation) [File not signed]
S3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [156672 2009-07-14] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\System32\msiexec.exe [128000 2010-11-20] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [73216 2010-11-20] (Microsoft Corporation) [File not signed]
S3 napagent; C:\Windows\system32\qagentRT.dll [476160 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S3 Netlogon; C:\Windows\system32\lsass.exe [31232 2014-04-12] (Microsoft Corporation) [File not signed]
R3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-14] (Microsoft Corporation) [File not signed]
R3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-14] (Microsoft Corporation) [File not signed]
R3 netprofm; C:\Windows\SysWOW64\netprofm.dll [360448 2009-07-14] (Microsoft Corporation) [File not signed]
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [303104 2012-10-03] (Microsoft Corporation) [File not signed]
R2 nsi; C:\Windows\system32\nsisvc.dll [25600 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-27] (Electronic Arts)
R3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation) [File not signed]
R3 p2psvc; C:\Windows\system32\p2psvc.dll [438784 2009-07-14] (Microsoft Corporation) [File not signed]
R2 PcaSvc; C:\Windows\System32\pcasvc.dll [188416 2014-07-07] (Microsoft Corporation) [File not signed]
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-14] (Microsoft Corporation) [File not signed]
S3 pla; C:\Windows\system32\pla.dll [1389056 2010-11-20] (Microsoft Corporation) [File not signed]
S3 pla; C:\Windows\SysWOW64\pla.dll [1508864 2010-11-20] (Microsoft Corporation) [File not signed]
R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [404480 2011-05-24] (Microsoft Corporation) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [25088 2009-07-14] (Microsoft Corporation) [File not signed]
R3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation) [File not signed]
R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [501248 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Power; C:\Windows\system32\umpo.dll [163840 2009-07-14] (Microsoft Corporation) [File not signed]
R2 ProfSvc; C:\Windows\system32\profsvc.dll [209920 2012-05-01] (Microsoft Corporation) [File not signed]
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [31232 2014-04-12] (Microsoft Corporation) [File not signed]
S3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasMan; C:\Windows\System32\rasmans.dll [344064 2010-11-20] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2009-07-14] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [75264 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [159232 2009-07-14] (Microsoft Corporation) [File not signed]
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2009-07-14] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\Windows\system32\rpcss.dll [512000 2010-11-20] (Microsoft Corporation) [File not signed]
R2 SamSs; C:\Windows\system32\lsass.exe [31232 2014-04-12] (Microsoft Corporation) [File not signed]
S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Schedule; C:\Windows\system32\schedsvc.dll [1110016 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2010-11-20] (Microsoft Corporation) [File not signed]
S3 seclogon; C:\Windows\system32\seclogon.dll [30720 2010-11-20] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\System32\sens.dll [64512 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\SysWOW64\sens.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [29184 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\system32\sessenv.dll [121856 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [113664 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-14] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [370688 2010-11-20] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [328192 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\Windows\System32\spoolsv.exe [559104 2012-02-11] (Microsoft Corporation) [File not signed]
S2 sppsvc; C:\Windows\system32\sppsvc.exe [3524608 2010-11-20] (Microsoft Corporation) [File not signed]
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2009-07-14] (Microsoft Corporation) [File not signed]
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [75264 2009-07-14] (Microsoft Corporation) [File not signed]
R2 stisvc; C:\Windows\System32\wiaservc.dll [580096 2010-11-20] (Microsoft Corporation) [File not signed]
S3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SysMain; C:\Windows\system32\sysmain.dll [1743360 2010-11-20] (Microsoft Corporation) [File not signed]
S2 SystemStoreService; C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe [297984 2014-04-09] () [File not signed]
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [92672 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [316928 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [242176 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TermService; C:\Windows\System32\termsrv.dll [680960 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-14] (Microsoft Corporation) [File not signed]
S3 THREADORDER; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation) [File not signed]
R2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-14] (Microsoft Corporation) [File not signed]
R3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2010-11-20] (Microsoft Corporation) [File not signed]
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2009-07-14] (Microsoft Corporation) [File not signed]
R3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-14] (Microsoft Corporation) [File not signed]
R3 upnphost; C:\Windows\SysWOW64\upnphost.dll [266752 2009-07-14] (Microsoft Corporation) [File not signed]
R2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-14] (Microsoft Corporation) [File not signed]
S3 VaultSvc; C:\Windows\system32\lsass.exe [31232 2014-04-12] (Microsoft Corporation) [File not signed]
S3 vds; C:\Windows\System32\vds.exe [533504 2010-11-20] (Microsoft Corporation) [File not signed]
S3 VSS; C:\Windows\system32\vssvc.exe [1600512 2010-11-20] (Microsoft Corporation) [File not signed]
S3 W32Time; C:\Windows\system32\w32time.dll [381952 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wbengine; C:\Windows\system32\wbengine.exe [1504256 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [367104 2010-11-20] (Microsoft Corporation) [File not signed]
S3 wcncsvc; C:\Windows\SysWOW64\wcncsvc.dll [276992 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WcsPlugInService; C:\Windows\SysWOW64\WcsPlugInService.dll [32768 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [90624 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [76288 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WdiSystemHost; C:\Windows\system32\wdi.dll [90624 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [76288 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WebClient; C:\Windows\System32\webclnt.dll [259584 2013-07-04] (Microsoft Corporation) [File not signed]
S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [205824 2013-07-04] (Microsoft Corporation) [File not signed]
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [237568 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-14] (Microsoft Corporation) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) [File not signed]
R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [444416 2010-11-20] (Microsoft Corporation) [File not signed]
R3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [351232 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [242688 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\Windows\system32\WsmSvc.dll [2018304 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [1175040 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [203264 2009-07-14] (Microsoft Corporation) [File not signed]
R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1525248 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10752 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [117248 2010-11-20] (Microsoft Corporation) [File not signed]
R2 wscsvc; C:\Windows\System32\wscsvc.dll [97280 2009-07-14] (Microsoft Corporation) [File not signed]
R2 WSearch; C:\Windows\system32\SearchIndexer.exe [591872 2011-05-04] (Microsoft Corporation) [File not signed]
R2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [427520 2011-05-04] (Microsoft Corporation) [File not signed]
R3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [84992 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [228864 2014-01-28] (Microsoft Corporation) [File not signed]
S2 AntiVirSchedulerService; "C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe" [X]
S2 AntiVirService; "C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe" [X]
S2 Browser Manager; No ImagePath

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [229888 2010-11-20] (Microsoft Corporation) [File not signed]
S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [12800 2010-11-20] (Microsoft Corporation) [File not signed]
R1 AFD; C:\Windows\system32\drivers\afd.sys [497152 2014-05-30] (Microsoft Corporation) [File not signed]
S3 AmdK8; C:\Windows\system32\DRIVERS\amdk8.sys [64512 2009-07-14] (Microsoft Corporation) [File not signed]
S3 AmdPPM; C:\Windows\system32\DRIVERS\amdppm.sys [60928 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare)
S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2010-11-20] (Microsoft Corporation) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-09] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-09] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-09] ()
S3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-14] (Microsoft Corporation) [File not signed]
R3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [6175744 2009-12-02] (ATI Technologies Inc.) [File not signed]
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [42040 2014-07-17] (Avira Operations GmbH & Co. KG)
S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation) [File not signed]
S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation) [File not signed]
R1 blbdrive; C:\Windows\system32\DRIVERS\blbdrive.sys [45056 2009-07-14] (Microsoft Corporation) [File not signed]
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-23] (Microsoft Corporation) [File not signed]
S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.) [File not signed]
S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.) [File not signed]
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-14] (Brother Industries Ltd.) [File not signed]
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.) [File not signed]
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.) [File not signed]
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.) [File not signed]
S3 BTHMODEM; C:\Windows\system32\DRIVERS\bthmodem.sys [72192 2009-07-14] (Microsoft Corporation) [File not signed]
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-14] (Microsoft Corporation) [File not signed]
R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2010-11-20] (Microsoft Corporation) [File not signed]
S3 circlass; C:\Windows\system32\DRIVERS\circlass.sys [45568 2009-07-14] (Microsoft Corporation) [File not signed]
S3 CmBatt; C:\Windows\system32\DRIVERS\CmBatt.sys [17664 2009-07-14] (Microsoft Corporation) [File not signed]
R3 CompositeBus; C:\Windows\system32\drivers\CompositeBus.sys [38912 2010-11-20] (Microsoft Corporation) [File not signed]
R3 debutfilter; C:\Windows\System32\DRIVERS\debutfilterx64.sys [33488 2013-12-11] ()
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2010-11-20] (Microsoft Corporation) [File not signed]
R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Dot4; C:\Windows\System32\DRIVERS\Dot4.sys [145920 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Dot4Print; C:\Windows\system32\drivers\Dot4Prt.sys [19968 2010-11-20] (Microsoft Corporation) [File not signed]
S3 dot4usb; C:\Windows\System32\DRIVERS\dot4usb.sys [43008 2009-07-14] (Microsoft Corporation) [File not signed]
S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5632 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) [File not signed]
S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [9728 2009-07-14] (Microsoft Corporation) [File not signed]
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-14] (Microsoft Corporation) [File not signed]
S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-14] (Microsoft Corporation) [File not signed]
S3 fdc; C:\Windows\system32\DRIVERS\fdc.sys [29696 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-14] (Microsoft Corporation) [File not signed]
S3 flpydisk; C:\Windows\system32\DRIVERS\flpydisk.sys [24576 2009-07-14] (Microsoft Corporation) [File not signed]
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.) [File not signed]
R3 HDAudBus; C:\Windows\system32\drivers\HDAudBus.sys [122368 2010-11-20] (Microsoft Corporation) [File not signed]
S3 HidBatt; C:\Windows\system32\DRIVERS\HidBatt.sys [26624 2009-07-14] (Microsoft Corporation) [File not signed]
S3 HidBth; C:\Windows\system32\DRIVERS\hidbth.sys [100864 2009-07-14] (Microsoft Corporation) [File not signed]
S3 HidIr; C:\Windows\system32\DRIVERS\hidir.sys [46592 2009-07-14] (Microsoft Corporation) [File not signed]
R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [753664 2010-11-20] (Microsoft Corporation) [File not signed]
R1 HWiNFO32; C:\Program Files\HWiNFO64\HWiNFO64A.SYS [30080 2011-09-22] (REALiX(tm))
S3 i8042prt; C:\Windows\system32\drivers\i8042prt.sys [105472 2009-07-14] (Microsoft Corporation) [File not signed]
R3 intelppm; C:\Windows\system32\DRIVERS\intelppm.sys [62464 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2010-11-20] (Microsoft Corporation) [File not signed]
S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [78848 2010-11-20] (Microsoft Corporation) [File not signed]
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-14] (Microsoft Corporation) [File not signed]
R3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [33280 2010-11-20] (Microsoft Corporation) [File not signed]
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-14] (Microsoft Corporation) [File not signed]
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-14] (Microsoft Corporation) [File not signed]
R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-23] (Malwarebytes Corporation)
S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-14] (Microsoft Corporation) [File not signed]
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-14] (Microsoft Corporation) [File not signed]
R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-14] (Microsoft Corporation) [File not signed]
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2013-07-04] (Microsoft Corporation) [File not signed]
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [158208 2011-04-27] (Microsoft Corporation) [File not signed]
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [288768 2011-07-09] (Microsoft Corporation) [File not signed]
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [128000 2011-04-27] (Microsoft Corporation) [File not signed]
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MTConfig; C:\Windows\system32\DRIVERS\MTConfig.sys [15360 2009-07-14] (Microsoft Corporation) [File not signed]
R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-14] (Microsoft Corporation) [File not signed]
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-14] (Microsoft Corporation) [File not signed]
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-20] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2010-11-20] (Microsoft Corporation) [File not signed]
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-14] (Microsoft Corporation) [File not signed]
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [261632 2010-11-20] (Microsoft Corporation) [File not signed]
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-14] (Microsoft Corporation) [File not signed]
R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [72832 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Parport; C:\Windows\system32\DRIVERS\parport.sys [97280 2009-07-14] (Microsoft Corporation) [File not signed]
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-14] (Microsoft Corporation) [File not signed]
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111104 2010-11-20] (Microsoft Corporation) [File not signed]
S3 Processor; C:\Windows\system32\DRIVERS\processr.sys [60416 2009-07-14] (Microsoft Corporation) [File not signed]
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2010-11-20] (Microsoft Corporation) [File not signed]
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-14] (Microsoft Corporation) [File not signed]
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [129536 2010-11-20] (Microsoft Corporation) [File not signed]
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-14] (Microsoft Corporation) [File not signed]
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-14] (Microsoft Corporation) [File not signed]
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2010-11-20] (Microsoft Corporation) [File not signed]
S3 rdpbus; C:\Windows\system32\DRIVERS\rdpbus.sys [24064 2009-07-14] (Microsoft Corporation) [File not signed]
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-14] (Microsoft Corporation) [File not signed]
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-14] (Microsoft Corporation) [File not signed]
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-14] (Microsoft Corporation) [File not signed]
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-14] (Microsoft Corporation) [File not signed]
R3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [239616 2009-08-21] (Realtek                                            ) [File not signed]
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-20] (Microsoft Corporation) [File not signed]
S3 Serenum; C:\Windows\system32\DRIVERS\serenum.sys [23552 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [26624 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-20] (Microsoft Corporation) [File not signed]
S3 sfloppy; C:\Windows\system32\DRIVERS\sfloppy.sys [16896 2009-07-14] (Microsoft Corporation) [File not signed]
S3 silabenm; C:\Windows\System32\DRIVERS\silabenm.sys [23552 2014-04-11] (Silicon Laboratories) [File not signed]
S3 silabser; C:\Windows\System32\DRIVERS\silabser.sys [79360 2014-04-11] (Silicon Laboratories) [File not signed]
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-14] (Microsoft Corporation) [File not signed]
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [467456 2011-04-29] (Microsoft Corporation) [File not signed]
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [410112 2011-04-29] (Microsoft Corporation) [File not signed]
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [168448 2011-04-29] (Microsoft Corporation) [File not signed]
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45568 2012-10-03] (Microsoft Corporation) [File not signed]
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-02-17] (Microsoft Corporation) [File not signed]
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [119296 2010-11-20] (Microsoft Corporation) [File not signed]
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39936 2013-06-15] (Microsoft Corporation) [File not signed]
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [59392 2010-11-20] (Microsoft Corporation) [File not signed]
R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-20] (Microsoft Corporation) [File not signed]
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [328192 2010-11-20] (Microsoft Corporation) [File not signed]
R3 umbus; C:\Windows\system32\drivers\umbus.sys [48640 2010-11-20] (Microsoft Corporation) [File not signed]
S3 UmPass; C:\Windows\system32\DRIVERS\umpass.sys [9728 2009-07-14] (Microsoft Corporation) [File not signed]
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [99840 2013-11-27] (Microsoft Corporation) [File not signed]
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100864 2013-07-12] (Microsoft Corporation) [File not signed]
R3 usbehci; C:\Windows\system32\drivers\usbehci.sys [53248 2013-11-27] (Microsoft Corporation) [File not signed]
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2013-11-27] (Microsoft Corporation) [File not signed]
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2013-11-27] (Microsoft Corporation) [File not signed]
S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-14] (Microsoft Corporation) [File not signed]
S3 usbscan; C:\Windows\system32\drivers\usbscan.sys [42496 2013-07-03] (Microsoft Corporation) [File not signed]
R3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2011-03-11] (Microsoft Corporation) [File not signed]
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2013-11-27] (Microsoft Corporation) [File not signed]
R3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Corporation) [File not signed]
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-14] (Microsoft Corporation) [File not signed]
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-14] (Microsoft Corporation) [File not signed]
S3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-14] (Microsoft Corporation) [File not signed]
R1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-14] (Microsoft Corporation) [File not signed]
S3 vwifimp; C:\Windows\System32\DRIVERS\vwifimp.sys [17920 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [27776 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] (Microsoft Corporation) [File not signed]
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] (Microsoft Corporation) [File not signed]
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [41984 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [14336 2009-07-14] (Microsoft Corporation) [File not signed]
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-26] (Microsoft Corporation) [File not signed]
R3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation) [File not signed]
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-26 16:45 - 2015-02-26 16:46 - 00059570 _____ () C:\Users\Superfish\Desktop\FRST.txt
2015-02-26 16:42 - 2015-02-26 16:45 - 00000000 ____D () C:\FRST
2015-02-26 16:34 - 2015-02-26 16:34 - 02087936 _____ (Farbar) C:\Users\Superfish\Desktop\FRST64.exe
2015-02-23 19:27 - 2015-02-02 19:13 - 01388274 _____ (Thisisu) C:\Users\admin\Desktop\JRT_NEW.exe
2015-02-23 18:49 - 2015-02-23 18:51 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-23 18:49 - 2015-02-23 18:50 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-02-23 18:49 - 2015-02-23 18:49 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-23 18:49 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-23 18:49 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-23 18:49 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-23 18:38 - 2015-02-23 18:38 - 00000000 ____D () C:\Users\Superfish\AppData\Roaming\ProductData
2015-02-23 18:37 - 2015-02-23 18:37 - 00002886 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Superfish
2015-02-23 18:37 - 2015-02-23 18:37 - 00001214 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2015-02-23 18:37 - 2015-02-23 18:37 - 00001190 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2015-02-23 18:37 - 2015-02-23 18:37 - 00000000 ____D () C:\Users\Superfish\AppData\Roaming\IObit
2015-02-23 18:37 - 2015-02-23 18:37 - 00000000 ____D () C:\Users\admin\AppData\Roaming\ProductData
2015-02-23 18:37 - 2015-02-23 18:37 - 00000000 ____D () C:\Users\admin\AppData\Roaming\IObit
2015-02-23 18:37 - 2015-02-23 18:37 - 00000000 ____D () C:\ProgramData\ProductData
2015-02-23 18:37 - 2015-02-23 18:37 - 00000000 ____D () C:\ProgramData\IObit
2015-02-23 18:37 - 2015-02-23 18:37 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-02-23 18:36 - 2015-02-23 18:37 - 15971616 _____ (IObit) C:\Users\Superfish\Downloads\iobituninstaller.exe
2015-02-23 16:43 - 2015-02-23 16:43 - 00153424 _____ () C:\Users\Superfish\Downloads\anal-probe.zip
2015-02-11 21:00 - 2015-02-11 21:00 - 00416252 _____ () C:\Users\Superfish\Downloads\a3_portrait_1s.zip
2015-02-11 21:00 - 2014-02-26 15:40 - 03881404 ____N () C:\Users\Superfish\Downloads\a3_portrait_1s.psd
2015-02-10 16:14 - 2015-02-10 16:14 - 00000000 ____D () C:\Users\Superfish\Documents\Adobe
2015-02-07 22:48 - 2015-02-07 22:47 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-02-07 22:32 - 2015-02-07 22:35 - 178639264 _____ (Oracle Corporation) C:\Users\Superfish\Downloads\jdk-8u31-windows-x64.exe
2015-02-07 22:27 - 2015-02-07 22:27 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-07 22:27 - 2015-02-07 22:27 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-07 22:27 - 2015-02-07 22:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-07 22:27 - 2015-02-07 22:27 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-07 22:24 - 2015-02-07 22:24 - 00639912 _____ (Oracle Corporation) C:\Users\Superfish\Downloads\jxpiinstall.exe
2015-02-03 17:25 - 2015-02-03 17:25 - 00000000 ____D () C:\Users\Superfish\Downloads\eclipse-java-luna-SR1a-win32-x86_64
2015-02-03 17:23 - 2015-02-03 17:25 - 161356649 _____ () C:\Users\Superfish\Downloads\eclipse-java-luna-SR1a-win32-x86_64.zip
2015-02-03 17:12 - 2015-02-03 17:12 - 00000000 ____D () C:\Users\Superfish\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeBASIC
2015-02-03 17:11 - 2015-02-03 17:12 - 00000000 ____D () C:\Users\Superfish\AppData\Local\FreeBASIC
2015-02-03 16:59 - 2015-02-03 16:59 - 00685056 _____ () C:\Windows\is-07DD6.exe
2015-02-03 16:59 - 2015-02-03 16:59 - 00010498 _____ () C:\Windows\is-07DD6.msg
2015-02-03 16:59 - 2015-02-03 16:59 - 00000403 _____ () C:\Windows\is-07DD6.lst
2015-02-03 16:52 - 2015-02-03 16:52 - 00004736 _____ () C:\Windows\DPINST.LOG
2015-02-03 16:52 - 2015-02-03 16:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_silabser_01009.Wdf
2015-02-03 16:52 - 2015-02-03 16:52 - 00000000 ____D () C:\Program Files\DIFX
2015-02-03 16:51 - 2015-02-03 16:52 - 00000449 _____ () C:\Users\Superfish\AppData\Roaming\myAVR_ProgTool.cfg
2015-02-03 16:45 - 2015-02-03 16:45 - 00000000 ____D () C:\Users\Superfish\AppData\Roaming\MCS Electronics
2015-02-03 16:45 - 2015-02-03 16:45 - 00000000 ____D () C:\Users\Superfish\AppData\Local\MCS Electronics
2015-02-03 16:44 - 2015-02-03 16:44 - 00685056 _____ () C:\Windows\is-23FV3.exe
2015-02-03 16:44 - 2015-02-03 16:44 - 00010498 _____ () C:\Windows\is-23FV3.msg
2015-02-03 16:44 - 2015-02-03 16:44 - 00000403 _____ () C:\Windows\is-23FV3.lst
2015-02-03 16:42 - 2015-02-03 17:06 - 00000000 ____D () C:\Users\Superfish\Downloads\Bascom
2015-02-03 16:42 - 2014-04-11 22:56 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoinstaller01009.dll
2015-02-03 16:42 - 2014-04-11 22:56 - 00079360 _____ (Silicon Laboratories) C:\Windows\system32\Drivers\silabser.sys
2015-02-03 16:42 - 2014-04-11 22:56 - 00023552 _____ (Silicon Laboratories) C:\Windows\system32\Drivers\silabenm.sys
2015-01-28 17:19 - 2015-01-29 15:05 - 00000000 ____D () C:\Users\Superfish\AppData\Local\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-26 16:37 - 2010-10-08 18:12 - 01139736 _____ () C:\Windows\WindowsUpdate.log
2015-02-26 16:36 - 2010-10-24 10:00 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-26 16:31 - 2009-07-14 05:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-26 16:31 - 2009-07-14 05:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-26 16:30 - 2013-10-16 15:28 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-609565961-3757282021-3703508451-1003Core.job
2015-02-26 16:27 - 2012-01-09 16:17 - 00000000 ____D () C:\Users\Superfish\AppData\Local\LogMeIn Hamachi
2015-02-26 16:26 - 2013-07-17 09:14 - 00004208 _____ () C:\Windows\System32\Tasks\Software Updater
2015-02-26 16:25 - 2013-07-22 14:56 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-26 16:25 - 2013-02-14 21:29 - 00000000 ___RD () C:\Users\Superfish\Dropbox
2015-02-26 16:25 - 2013-02-14 21:20 - 00000000 ____D () C:\Users\Superfish\AppData\Roaming\Dropbox
2015-02-26 16:23 - 2010-10-24 10:00 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-26 16:22 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-26 16:22 - 2009-07-14 05:51 - 00176084 _____ () C:\Windows\setupact.log
2015-02-23 20:52 - 2013-04-26 19:56 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-23 19:23 - 2010-10-08 18:33 - 01788482 _____ () C:\Windows\PFRO.log
2015-02-23 19:23 - 2009-07-14 05:45 - 00567504 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-23 19:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-02-23 19:21 - 2013-01-29 17:10 - 00000000 ____D () C:\Windows\SysWOW64\ARFC
2015-02-23 19:21 - 2012-12-16 12:37 - 00000000 ____D () C:\Windows\SysWOW64\WNLT
2015-02-23 19:21 - 2012-06-29 17:57 - 00000000 ____D () C:\Users\Superfish\AppData\Roaming\Iminent
2015-02-23 19:21 - 2012-05-11 17:38 - 00000000 ____D () C:\Users\supersheep\AppData\Local\CRE
2015-02-23 18:40 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-23 18:37 - 2012-10-30 21:32 - 00160496 _____ () C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-23 18:27 - 2012-04-15 17:35 - 00000000 ____D () C:\Users\Superfish\AppData\Local\Microsoft Help
2015-02-23 16:50 - 2010-10-08 19:06 - 00160496 _____ () C:\Users\Superfish\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-23 16:44 - 2014-04-02 17:15 - 00000000 ____D () C:\Users\Superfish\Downloads\Photoshop
2015-02-23 16:28 - 2010-10-09 17:59 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{420A6A97-D716-4681-B18A-1B4F28256A60}
2015-02-23 16:23 - 2013-10-05 11:58 - 00001025 _____ () C:\Users\Superfish\Desktop\Dropbox.lnk
2015-02-23 16:23 - 2013-10-05 11:57 - 00000000 ____D () C:\Users\Superfish\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-11 21:25 - 2012-04-15 17:11 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-11 21:25 - 2009-07-14 03:34 - 00000692 _____ () C:\Windows\win.ini
2015-02-11 21:21 - 2013-08-14 19:59 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 21:15 - 2011-01-07 18:50 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-10 20:20 - 2012-01-13 18:38 - 00000000 ____D () C:\Users\Superfish\AppData\Roaming\Skype
2015-02-10 17:55 - 2013-04-27 18:19 - 00000000 ____D () C:\Users\Superfish\Documents\Schule
2015-02-10 16:25 - 2013-10-16 15:28 - 00004090 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-609565961-3757282021-3703508451-1003UA
2015-02-10 16:25 - 2013-10-16 15:28 - 00003694 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-609565961-3757282021-3703508451-1003Core
2015-02-10 16:25 - 2013-10-16 15:28 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-609565961-3757282021-3703508451-1003UA.job
2015-02-07 22:47 - 2012-05-22 13:25 - 00000000 ____D () C:\Program Files\Java
2015-02-07 22:46 - 2014-02-21 17:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-02-07 20:53 - 2014-02-07 17:27 - 00000000 ____D () C:\Users\Superfish\Documents\Privat
2015-02-07 19:52 - 2014-12-26 18:04 - 00000000 ____D () C:\Users\Superfish\Documents\My Games
2015-02-07 19:52 - 2013-04-26 19:56 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-07 19:52 - 2012-04-15 17:26 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-07 19:52 - 2012-01-05 12:54 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-07 19:49 - 2013-04-27 18:51 - 00000000 ____D () C:\Users\Superfish\Desktop\Bilder
2015-02-07 19:42 - 2014-09-11 13:33 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-04 18:31 - 2010-10-24 10:00 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-04 18:31 - 2010-10-24 10:00 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-03 17:25 - 2010-10-08 19:20 - 00000000 ____D () C:\Users\Superfish\AppData\Roaming\Mozilla
2015-02-03 16:43 - 2012-10-30 21:21 - 00000000 ____D () C:\Users\admin
2015-01-29 19:09 - 2011-05-12 22:14 - 00000000 ____D () C:\ProgramData\Origin
2015-01-29 16:03 - 2014-10-10 14:11 - 00000000 ____D () C:\Program Files (x86)\Origin

==================== Files in the root of some directories =======

2003-11-11 01:27 - 2003-11-11 01:26 - 0376884 _____ () C:\Program Files\image001.bmp
2012-06-29 17:53 - 2012-06-29 17:53 - 0054233 _____ () C:\Program Files\setuplog.txt
2010-05-25 19:40 - 2010-05-25 19:40 - 145988770 _____ () C:\Program Files (x86)\openofficeorg1.cab
2010-05-25 19:43 - 2010-05-25 19:43 - 3099136 _____ () C:\Program Files (x86)\openofficeorg32.msi
2010-05-25 19:41 - 2010-05-25 19:41 - 0460088 _____ () C:\Program Files (x86)\setup.exe
2010-05-25 18:46 - 2010-05-25 18:46 - 0000290 _____ () C:\Program Files (x86)\setup.ini
2013-12-11 17:54 - 2013-12-11 17:54 - 0001247 _____ () C:\Users\admin\AppData\Roaming\trace_FilterInstaller.txt
2013-12-11 17:54 - 2013-12-11 17:54 - 0000000 _____ () C:\Users\admin\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2013-02-12 16:00 - 2013-02-12 17:18 - 0010240 _____ () C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-03 16:48 - 2014-12-03 16:48 - 0000017 _____ () C:\Users\admin\AppData\Local\resmon.resmoncfg
2010-12-15 08:51 - 2010-12-15 09:29 - 0001197 _____ () C:\ProgramData\hpzinstall.log

Files to move or delete:
====================
C:\Users\Superfish\Exe.reg
C:\Users\Public\AlexaNSISPlugin.5268.dll


Some content of TEMP:
====================
C:\Users\admin\AppData\Local\Temp\pylEB09.tmp.exe
C:\Users\admin\AppData\Local\Temp\Quarantine.exe
C:\Users\admin\AppData\Local\Temp\sfamcc00001.dll
C:\Users\admin\AppData\Local\Temp\sfareca00001.dll
C:\Users\admin\AppData\Local\Temp\sfextra.dll
C:\Users\admin\AppData\Local\Temp\sqlite3.dll
C:\Users\supersheep\AppData\Local\Temp\avgnt.exe
C:\Users\supersheep\AppData\Local\Temp\ose00000.exe
C:\Users\supersheep\AppData\Local\Temp\PDSetup3785.exe
C:\Users\supersheep\AppData\Local\Temp\rootsupd.exe
C:\Users\supersheep\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Superfish\AppData\Local\Temp\AskSLib.dll
C:\Users\Superfish\AppData\Local\Temp\avgnt.exe
C:\Users\Superfish\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\Superfish\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfv32or.dll
C:\Users\Superfish\AppData\Local\Temp\edsetup.exe
C:\Users\Superfish\AppData\Local\Temp\jansi-32-git-Bukkit-1.6.4-R2.0-b2918jnks.dll
C:\Users\Superfish\AppData\Local\Temp\jansi-64-git-Bukkit-1.4.7-R1.0-b2624jnks.dll
C:\Users\Superfish\AppData\Local\Temp\Setup_FORTE4Free_de.exe
C:\Users\Superfish\AppData\Local\Temp\Shockwave_Installer_FF.exe
C:\Users\Superfish\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Superfish\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\Superfish\AppData\Local\Temp\zipsetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-07 20:24

==================== End Of Log ============================
__________________
Vielen Dank und mit schönen Grüßen
Superfish

 

Themen zu Software.Updater.Ui
adobe, akamai, antivirus, autorun, avast, avira, browser, computer, defender, explorer, flash player, google, helper, home, homepage, iexplore.exe, mozilla, msiexec.exe, newtab, problem, realtek, registry, scan, services.exe, system, temp, tunnel, usbvideo.sys, windows


« Windows 8.1: Virenverdacht | Dhl Spammail, Virenverdacht! »


Ähnliche Themen: Software.Updater.Ui


  1. Windows7, Trojaner Software.Updater.UI.exe, Popup erscheint hartnäckig
    Log-Analyse und Auswertung - 21.03.2014 (17)
  2. Trojaner Software.Updater.UI.exe dank Schreiber entfernt
    Lob, Kritik und Wünsche - 20.03.2014 (0)
  3. Win 7: Software Updater Malware ?
    Plagegeister aller Art und deren Bekämpfung - 08.02.2014 (7)
  4. Software-Updater beim Hochfahren
    Log-Analyse und Auswertung - 29.01.2014 (10)
  5. "FREEMIUM Software-Updater"
    Plagegeister aller Art und deren Bekämpfung - 01.01.2014 (25)
  6. Hilfe bei trojaner Software Updater Ui.exe
    Log-Analyse und Auswertung - 17.11.2013 (10)
  7. Software Updater UI, benötigte Unterstützung bei Entfernung
    Log-Analyse und Auswertung - 02.11.2013 (1)
  8. Software Updater.ui ebenfalls eingefangen :/
    Plagegeister aller Art und deren Bekämpfung - 15.10.2013 (2)
  9. Software Updater.ui .exe/ windows vista
    Plagegeister aller Art und deren Bekämpfung - 12.10.2013 (13)
  10. software.updater.ui.exe legt Rechner komplett Lahm
    Plagegeister aller Art und deren Bekämpfung - 09.10.2013 (17)
  11. Laptop langsam - Gescannt und gereinigt - software.updater.exe gefunden
    Log-Analyse und Auswertung - 07.10.2013 (7)
  12. Windows Vista : Software Updater.ui
    Plagegeister aller Art und deren Bekämpfung - 30.09.2013 (7)
  13. Software.Updater.ui.exe nun auf dem Rechner meiner Freundin nach dem Hochfahren
    Plagegeister aller Art und deren Bekämpfung - 15.08.2013 (9)
  14. Software Updater UI.exe wie entferne ich das von meinem Laptop?
    Plagegeister aller Art und deren Bekämpfung - 08.08.2013 (11)
  15. software.updater.ui.exe Netzwerk bricht ab
    Plagegeister aller Art und deren Bekämpfung - 04.07.2013 (12)
  16. Probleme mit unbekannter "Software Updater UI"
    Log-Analyse und Auswertung - 26.06.2013 (11)
  17. Software.updater.ui.exe möchte an meinen Laptop
    Plagegeister aller Art und deren Bekämpfung - 21.06.2013 (9)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Software.Updater.Ui - Hallo, ich hatte das Problem mit Software.Updater.Ui schonmal, jetzt leider auf einem anderen PC. Hier sind schon die FRST-Logs. Teil 1: Code: Alles auswählen Aufklappen ATTFilter Scan result of Farbar - Software.Updater.Ui...
Archiv
Du betrachtest: Software.Updater.Ui auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55