Log analysis and evaluation: Caught adware! None of the virus/adware scanners find anything. (Windows 7)
19.03.2015, 21:41 | #1 |
Hello, I registered here hoping to find someone who can help me. I apparently caught an adware virus two days ago, and now my browser is full of ads. I use Google Chrome and of course checked the add-ons and so on there, reset the browser and even reinstalled it, so the browser is not the cause, because I have the same problem in Firefox. Then yesterday I googled and downloaded and ran virus scanners such as "AdwCleaner", "Malwarebytes" and "Ad-Aware". They did find and remove a few files, but those apparently had nothing to do with the ads in the browser. My antivirus system "Comodo" does not help either. I have also already looked under Control Panel > Uninstall a program and found nothing.

The ads look like in the pictures: on the left and right as well as at the bottom there are ads for some supposed download, and in texts individual words are underlined and a small window opens when I hover over them with the mouse. Often a new tab opens when I select some text, and I then end up on pages such as "Redirect", "Stemplive" or "bestbuys". When I right-click one of the ads, I can select the option "Copyright DSNR Media Group", which takes me to their website. I have also noticed that Chrome crashes with the message "Chrome funktioniert nicht mehr!" [Chrome has stopped working]. I cannot use the browser for an hour without it crashing at least once.

Sorry for the long text, but I tried to describe the problem as precisely as possible. I am posting the report from the scan with AdwScanner and Ad-Aware, in case anyone can do something with it. Many thanks for your help.

AdwCleaner report: Code:
# AdwCleaner v4.112 - Bericht erstellt 19/03/2015 um 21:30:44
# Aktualisiert 09/03/2015 von Xplode
# Datenbank : 2015-03-15.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Simon - SIMON-HP
# Gestarted von : C:\Users\Simon\Downloads\adwcleaner_4.112.exe
# Option : Suchlauf

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

***** [ Geplante Tasks ] *****

Task Gefunden : RocketTab Update Task
Task Gefunden : RocketTab

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Daten Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\adawarebp
Schlüssel Gefunden : HKLM\SOFTWARE\GeekBuddyRSP

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17689
-\\ Mozilla Firefox v29.0.1 (de)
-\\ Google Chrome v41.0.2272.89
-\\ Comodo Dragon v36.1.1.21

*************************

AdwCleaner[R0].txt - [1082 Bytes] - [18/03/2015 22:46:51]
AdwCleaner[R1].txt - [1072 Bytes] - [19/03/2015 21:30:44]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1131 Bytes] ##########

Code:
Edited by AdwareOpfer (19.03.2015 at 21:47)
19.03.2015, 21:55 | #2 |
/// TB-Ausbilder | My name is Matthias and I will help you clean up your computer. Please note the following:
Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work much harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
Thank you for your cooperation! For the first analysis, please run FRST: Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
19.03.2015, 22:12 | #3 |
Hello,
Thank you for helping me. Here is the FRST.txt. FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015 Ran by Simon (administrator) on SIMON-HP on 19-03-2015 22:03:27 Running from C:\Users\Simon\Downloads Loaded Profiles: Simon (Available profiles: Simon & Gast) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (The Eraser Project) C:\Program Files\Eraser\Eraser.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe (BitTorrent Inc.) 
C:\Users\Simon\AppData\Roaming\uTorrent\uTorrent.exe () C:\ProgramData\bobyzoom\1.1.0.30\bzagnt.exe (Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\ProgramData\bobyzoom\1.1.0.30\bzwdg.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe (EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe (Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Autodesk Inc.) 
C:\Users\Simon\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe () C:\ProgramData\bobyzoom\1.1.0.30\bz32.exe () C:\ProgramData\bobyzoom\1.1.0.30\bzdap.exe () C:\ProgramData\bobyzoom\1.1.0.30\bz64.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Akamai Technologies, Inc.) C:\Users\Simon\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) C:\Users\Simon\AppData\Local\Akamai\netsession_win.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard) HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1297624 2015-02-03] (COMODO) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-30] (Adobe Systems Incorporated) HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-21] (Apple Inc.) HKLM\...\Run: [] => [X] HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe [9566192 2015-03-18] () HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-01] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation) HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-05-06] (PDF Complete Inc) HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-21] (Apple Inc.) 
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2015-01-02] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-01-02] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-01-02] (Adobe Systems Inc.) HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1243656 2013-12-07] (Easybits) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-12-11] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [488328 2014-09-04] (Autodesk Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-03-10] (Comodo Security Solutions, Inc.) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-02-17] (LogMeIn Inc.) HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.) 
HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [1195520 2013-12-14] (RemoteMouse.net) HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-12-11] (Samsung) HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Simon\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.) HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\Run: [uTorrent] => C:\Users\Simon\AppData\Roaming\uTorrent\uTorrent.exe [1742928 2015-03-04] (BitTorrent Inc.) HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\Policies\Explorer: [] HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\MountPoints2: {73bac91d-2ea1-11e3-b8bc-3860775f15cf} - G:\pushinst.exe HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\MountPoints2: {ca657679-8771-11e3-b44b-bc0543040e51} - G:\Autorun.exe HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\MountPoints2: {f70f5420-2eeb-11e3-b0b8-806e6f6e6963} - E:\Lernkurs.exe HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\MountPoints2: {fd883ce1-35ba-11e3-92db-bc0543040e51} - H:\Autorun.exe HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Corporation) Startup: C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunes.lnk ShortcutTarget: iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.) 
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=19.9.1.14
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=19.9.1.14
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/software/ hxxp://www.giga.de/androidnews/
SearchScopes: HKLM -> {CBD2C0FC-1C12-41F9-91A4-9F04CD5E6A14} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 -> {CBD2C0FC-1C12-41F9-91A4-9F04CD5E6A14} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2389831746-1586198665-2336280641-1000 -> {CBD2C0FC-1C12-41F9-91A4-9F04CD5E6A14} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2389831746-1586198665-2336280641-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-30] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-30] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-30] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-30] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2389831746-1586198665-2336280641-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-2389831746-1586198665-2336280641-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-30] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-09-25] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-09-23] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-08] ()
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-09-25] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: BobyZoom - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\Extensions\bbz@bobyzoom.com [2015-03-16]
FF Extension: DownloadHelper - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-10-18]
FF Extension: Adblock Plus - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-18]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-10-29]

Chrome:
=======
CHR HomePage: Default -> https://www.google.de/
CHR StartupUrls: Default -> "https://www.google.de/"
CHR Profile: C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-09-24]
CHR Extension: (Google Drive) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-06]
CHR Extension: (YouTube) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-06]
CHR Extension: (Google Search) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-06]
CHR Extension: (I <3 House Music) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbihiclmkdmbnihofkkhlmdefkclbfkj [2015-03-17]
CHR Extension: (Adblock Plus Popup) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhdpphnfafkjbgbkdopdanfcidmkioni [2014-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgfnehbddlogppjfeiahlllidhoonhge [2015-03-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-17]
CHR Extension: (Video Download Helper) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldcccbolclahdbkahlppenfodnheapah [2014-10-18]
CHR Extension: (Google Wallet) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-06]
CHR Extension: (Gmail) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-06]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

Locked "tammgF119" service could not be unlocked. <===== ATTENTION
Locked "tammgR119" service could not be unlocked. <===== ATTENTION
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [597896 2014-09-04] (Autodesk Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-31] (Apple Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
R2 bobyzoom; C:\ProgramData\bobyzoom\1.1.0.30\bzagnt.exe [0 ] () <==== ATTENTION (zero size file/folder)
R2 bzwdg; C:\ProgramData\bobyzoom\1.1.0.30\bzwdg.exe [0 ] () <==== ATTENTION (zero size file/folder)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70872 2015-03-10] (Comodo Security Solutions, Inc.)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [7618952 2015-02-03] (COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265304 2015-02-03] (COMODO)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2370240 2014-11-27] (Comodo Security Solutions, Inc.)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-03-10] (Comodo Security Solutions, Inc.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe [720760 2015-03-18] ()
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-02-16] (LogMeIn, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-14] (Electronic Arts)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-05-06] (PDF Complete Inc)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-11-06] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 EraserSvc11311; "C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe" /h ccCommon [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2015-03-18] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2015-03-18] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2015-03-18] (BitDefender)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R1 BdfNdisf; c:\program files\lavasoft\ad-aware antivirus\firewall engine\1.6.0.0\drivers\bdfndisf6.sys [93160 2015-01-06] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [102992 2015-01-06] (BitDefender LLC)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [37976 2014-06-26] (Windows (R) Win 7 DDK provider) [File not signed]
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20184 2015-01-30] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [792648 2015-01-30] (COMODO)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-09-03] (Disc Soft Ltd)
R3 fwlanusb4; C:\Windows\System32\DRIVERS\fwlanusb4.sys [1293824 2010-10-22] (AVM GmbH)
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.98.0\gzflt.sys [155912 2015-01-22] (BitDefender LLC)
R1 HMD; C:\Windows\System32\DRIVERS\hmd.sys [14888 2014-06-26] ()
R5 tammgF119; C:\Windows\System32\Drivers\tammgF119.sys [26784 2015-03-16] () [File not signed]
R5 tammgR119; C:\Windows\System32\Drivers\tammgR119.sys [26272 2015-03-16] () [File not signed]
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-03-18] (BitDefender S.R.L.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-19 22:03 - 2015-03-19 22:04 - 00029546 _____ () C:\Users\Simon\Downloads\FRST.txt
2015-03-19 22:02 - 2015-03-19 22:03 - 00000000 ____D () C:\FRST
2015-03-19 22:01 - 2015-03-19 22:01 - 02095616 _____ (Farbar) C:\Users\Simon\Downloads\FRST64.exe
2015-03-19 21:27 - 2015-03-19 21:27 - 00015388 _____ () C:\Users\Simon\Desktop\Ad-Aware_Report_Custom_Manual_2015-03-19T21-25-01.902704.xml
2015-03-19 20:29 - 2015-03-19 21:36 - 00018448 _____ () C:\Users\Simon\Desktop\Adware.txt
2015-03-18 23:05 - 2015-03-18 23:05 - 00000000 ____D () C:\ProgramData\BitDefender
2015-03-18 22:54 - 2015-03-19 17:18 - 00002323 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2015-03-18 22:54 - 2015-03-18 22:54 - 02084072 _____ (Bitdefender) C:\Windows\system32\bdnc.dll
2015-03-18 22:54 - 2015-03-18 22:54 - 01061776 _____ (BitDefender S.R.L.) C:\Windows\system32\bdsmtpp.dll
2015-03-18 22:54 - 2015-03-18 22:54 - 00209984 _____ (BitDefender) C:\Windows\system32\BdFirewallSDK.dll
2015-03-18 22:54 - 2015-03-18 22:54 - 00195016 _____ (BitDefender) C:\Windows\system32\httproxy.dll
2015-03-18 22:54 - 2015-03-18 22:54 - 00156936 _____ () C:\Windows\system32\bdfwcore.dll
2015-03-18 22:54 - 2015-03-18 22:54 - 00155912 _____ (BitDefender S.R.L.) C:\Windows\system32\bdpop3p.dll
2015-03-18 22:54 - 2015-03-18 22:54 - 00122928 _____ (BitDefender) C:\Windows\system32\OEMbdpredir.dll
2015-03-18 22:54 - 2015-03-18 22:54 - 00096160 _____ (BitDefender) C:\Windows\system32\bdpredir.dll
2015-03-18 22:54 - 2015-03-18 22:54 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\LavasoftStatistics
2015-03-18 22:54 - 2015-03-18 22:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-03-18 22:53 - 2015-03-18 22:53 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-03-18 22:51 - 2015-03-18 22:51 - 00000000 ____D () C:\Program Files\Lavasoft
2015-03-18 22:50 - 2015-03-18 22:50 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Lavasoft
2015-03-18 22:50 - 2015-03-18 22:50 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2015-03-18 22:49 - 2015-03-18 22:49 - 02071768 _____ () C:\Users\Simon\Downloads\AdAware116WebInstaller.exe
2015-03-18 22:49 - 2015-03-18 22:49 - 00000000 ____D () C:\ProgramData\Lavasoft
2015-03-18 22:46 - 2015-03-18 22:46 - 02171392 _____ () C:\Users\Simon\Desktop\adwcleaner_4.112.exe
2015-03-18 22:45 - 2015-03-18 22:46 - 02171392 _____ () C:\Users\Simon\Downloads\adwcleaner_4.112.exe
2015-03-18 15:18 - 2015-03-19 17:17 - 00000000 ____D () C:\ProgramData\PDFC
2015-03-17 22:03 - 2015-03-17 22:03 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-17 22:01 - 2015-03-17 22:02 - 00000000 ____D () C:\KVRT_Data
2015-03-17 21:59 - 2015-03-17 22:01 - 133981896 _____ (Kaspersky Lab ZAO) C:\Users\Simon\Downloads\KVRT15.0.19.0.exe
2015-03-17 17:35 - 2015-03-17 17:35 - 00000000 ____D () C:\sh_backup
2015-03-17 17:25 - 2015-03-17 17:25 - 00000000 _____ () C:\autoexec.bat
2015-03-17 17:22 - 2015-03-17 17:23 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\Simon\Downloads\SpyHunter-Installer.exe
2015-03-17 15:53 - 2015-03-17 15:53 - 00002253 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-17 15:53 - 2015-03-17 15:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-17 15:51 - 2015-03-19 20:56 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-17 15:51 - 2015-03-19 17:15 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-17 15:51 - 2015-03-17 15:51 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-03-17 15:51 - 2015-03-17 15:51 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-03-17 15:50 - 2015-03-17 15:50 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-03-17 15:50 - 2015-01-30 14:35 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-03-17 15:50 - 2015-01-30 14:35 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-03-17 15:40 - 2015-03-17 21:45 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Maaxi
2015-03-17 15:29 - 2015-03-17 17:15 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Azes
2015-03-17 15:29 - 2015-03-17 15:29 - 00000120 _____ () C:\Users\Simon\AppData\Roaming\store.mui
2015-03-17 15:29 - 2015-03-17 15:29 - 00000036 _____ () C:\Users\Simon\AppData\Roaming\store.efi
2015-03-16 22:13 - 2015-03-18 18:06 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-16 22:13 - 2015-03-16 22:13 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-16 22:13 - 2015-03-16 22:13 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-16 22:13 - 2015-03-16 22:13 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-16 22:13 - 2015-03-16 22:13 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-16 22:13 - 2015-03-16 22:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-03-16 22:13 - 2015-03-16 22:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-16 22:13 - 2015-03-16 22:13 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-03-16 22:08 - 2015-03-16 22:12 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Simon\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-16 21:32 - 2015-03-19 21:34 - 00000000 ____D () C:\AdwCleaner
2015-03-16 21:11 - 2015-03-16 21:11 - 00000000 __SHD () C:\Users\Simon\AppData\Local\EmieBrowserModeList
2015-03-16 21:10 - 2015-03-16 21:10 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\QuickScan
2015-03-16 21:08 - 2015-03-16 21:08 - 00000000 ____D () C:\ProgramData\338492126a3249459a948fc3ab4924b4
2015-03-16 21:07 - 2015-03-16 21:08 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2015-03-16 21:06 - 2015-03-16 21:06 - 00026784 _____ () C:\Windows\system32\Drivers\tammgF119.sys
2015-03-16 21:06 - 2015-03-16 21:06 - 00026272 _____ () C:\Windows\system32\Drivers\tammgR119.sys
2015-03-16 21:06 - 2015-03-16 21:06 - 00000000 ____D () C:\ProgramData\bobyzoom
2015-03-14 11:54 - 2015-03-14 11:54 - 00019779 _____ () C:\Users\Simon\Downloads\2014 11 14 Information PULMOLL_Stevia_tins for translation_LABELS NEU.xlsx
2015-03-14 02:21 - 2015-03-14 02:21 - 00000000 ___RD () C:\Users\Simon\Desktop\Drums Project
2015-03-13 19:25 - 2015-03-13 19:25 - 00001037 _____ () C:\Users\Public\Desktop\Java-Editor.lnk
2015-03-13 19:25 - 2015-03-13 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java-Editor
2015-03-13 19:25 - 2015-03-13 19:25 - 00000000 ____D () C:\Program Files (x86)\JavaEditor
2015-03-13 19:24 - 2015-03-13 19:25 - 02356216 _____ (Gerhard Röhner ) C:\Users\Simon\Downloads\JavaEditor12.52Setup.exe
2015-03-13 19:16 - 2015-03-13 19:16 - 48909782 _____ () C:\Users\Simon\Downloads\ni_massive_pack_2013 (1).zip
2015-03-13 19:12 - 2015-03-13 19:14 - 112557786 _____ () C:\Users\Simon\Downloads\M_ive52000Presets.rar
2015-03-13 18:48 - 2015-03-13 18:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1
2015-03-13 18:46 - 2015-03-13 18:46 - 11166093 _____ () C:\Users\Simon\Downloads\LennarDigital.Sylenth1.v2.21.x86.x64_www.insfire.net.rar
2015-03-13 18:43 - 2015-03-13 18:43 - 00002933 _____ () C:\Users\Simon\Downloads\(500 Sub ) Free Sylenth Sound Bank(By KiDynamic).rar
2015-03-13 12:52 - 2015-03-13 12:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-03-13 12:52 - 2015-03-13 12:52 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-03-12 22:53 - 2015-03-12 22:54 - 05387630 _____ () C:\Users\Simon\Downloads\Sylenth1DemoWin64.zip
2015-03-12 22:48 - 2015-03-12 22:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1 Demo
2015-03-12 22:48 - 2015-03-12 22:48 - 05308733 _____ () C:\Users\Simon\Downloads\Sylenth1DemoWin32.zip
2015-03-12 22:48 - 2015-03-12 22:48 - 00000000 ____D () C:\Program Files (x86)\Steinberg
2015-03-11 22:13 - 2015-03-11 22:13 - 00000000 ___RD () C:\Users\Simon\Desktop\Intro Project
2015-03-11 14:27 - 2015-03-11 14:27 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 14:27 - 2015-03-11 14:27 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 14:27 - 2015-03-11 14:27 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 14:27 - 2015-03-11 14:27 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 14:27 - 2015-03-11 14:27 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 14:27 - 2015-03-11 14:27 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 14:27 - 2015-03-11 14:27 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 14:27 - 2015-03-11 14:27 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 14:27 - 2015-03-11 14:27 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 14:27 - 2015-03-11 14:27 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 14:26 - 2015-03-11 14:26 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 14:26 - 2015-03-11 14:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 14:26 - 2015-03-11 14:26 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 14:26 - 2015-03-11 14:26 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 14:18 - 2015-03-11 14:18 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 14:18 - 2015-03-11 14:18 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 14:18 - 2015-03-11 14:18 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 14:18 - 2015-03-11 14:18 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 14:18 - 2015-03-11 14:18 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 14:18 - 2015-03-11 14:18 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 14:18 - 2015-03-11 14:18 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 14:18 - 2015-03-11 14:18 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 14:18 - 2015-03-11 14:18 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-03-11 14:18 - 2015-03-11 14:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-03-11 14:18 - 2015-03-11 14:18 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-03-11 14:18 - 2015-03-11 14:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-03-11 14:18 - 
2015-03-11 14:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-03-11 14:18 - 2015-03-11 14:18 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-03-11 14:14 - 2015-03-11 14:14 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-03-11 14:14 - 2015-03-11 14:14 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-03-11 14:14 - 2015-03-11 14:14 - 01888256 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-03-11 14:14 - 2015-03-11 14:14 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-03-11 14:14 - 2015-03-11 14:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00584192 
_____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-03-11 14:14 - 2015-03-11 14:14 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-03-11 14:14 - 2015-03-11 14:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-03-11 14:14 - 2015-03-11 14:14 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00066560 _____ 
(Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-03-11 14:14 - 2015-02-20 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-03-11 14:14 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-03-11 14:12 - 2015-03-11 14:12 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2015-03-11 14:12 - 2015-03-11 14:12 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2015-03-09 13:10 - 2015-03-09 13:10 - 00278786 _____ () C:\Users\Simon\Downloads\Access_7_und_8_Kapitel_Abfragen.zip 2015-03-01 21:51 - 2015-03-01 21:52 - 427737644 _____ () C:\Users\Simon\Desktop\Mix_1.wav 2015-02-28 22:08 - 2015-03-01 21:53 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Audacity 2015-02-28 22:08 - 2015-02-28 22:08 - 00001025 _____ () 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk 2015-02-28 22:08 - 2015-02-28 22:08 - 00001013 _____ () C:\Users\Public\Desktop\Audacity.lnk 2015-02-28 22:08 - 2015-02-28 22:08 - 00000000 ____D () C:\Program Files (x86)\Audacity 2015-02-28 22:06 - 2015-02-28 22:06 - 01203488 _____ () C:\Users\Simon\Downloads\Audacity - CHIP-Installer.exe 2015-02-25 23:42 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls 2015-02-25 23:42 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls 2015-02-24 23:42 - 2013-11-10 23:03 - 00000000 ____D () C:\Users\Simon\Desktop\Jannick Larsen Sample Pack 2 2015-02-24 23:42 - 2013-07-01 10:12 - 00000000 ____D () C:\Users\Simon\Desktop\Jannick Larsen Sample Pack 2015-02-24 22:59 - 2015-02-24 23:12 - 332172142 _____ () C:\Users\Simon\Downloads\Jay Forest Sample Pack 2.rar 2015-02-24 22:59 - 2015-02-24 23:06 - 121510185 _____ () C:\Users\Simon\Downloads\Jay Forest Sample Pack.rar 2015-02-24 22:41 - 2015-02-24 22:55 - 758440728 _____ () C:\Users\Simon\Downloads\musicradar-house-percussion-samples.zip 2015-02-22 19:23 - 2015-02-22 19:23 - 00011034 _____ () C:\Users\Simon\Downloads\snake_js.zip 2015-02-21 20:10 - 2015-02-23 21:23 - 00442368 _____ () C:\Users\Simon\Desktop\Trainingsplan.indd 2015-02-21 00:07 - 2015-02-21 00:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-02-21 00:07 - 2015-02-21 00:07 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2015-02-21 00:07 - 2015-02-21 00:07 - 00000000 ____D () C:\Program Files\iTunes 2015-02-21 00:07 - 2015-02-21 00:07 - 00000000 ____D () C:\Program Files\iPod 2015-02-21 00:07 - 2015-02-21 00:07 - 00000000 ____D () C:\Program Files (x86)\iTunes 2015-02-17 15:30 - 2015-02-17 15:30 - 01691808 _____ (Microsoft Corporation) C:\Windows\system32\FM20.DLL ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-03-19 22:04 - 2013-10-06 18:25 - 01474832 _____ () C:\Windows\system32\Drivers\sfi.dat 2015-03-19 22:01 - 2013-10-06 20:53 - 00326104 _____ () C:\Windows\system32\Drivers\fvstore.dat 2015-03-19 22:00 - 2013-10-15 21:10 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\uTorrent 2015-03-19 21:58 - 2013-10-15 20:03 - 00000000 ____D () C:\Users\Simon\AppData\Local\CrashDumps 2015-03-19 20:51 - 2013-10-06 17:07 - 01940104 _____ () C:\Windows\WindowsUpdate.log 2015-03-19 17:25 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-03-19 17:25 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-03-19 17:19 - 2014-09-29 18:34 - 00000000 ____D () C:\Users\Simon\AppData\Local\Akamai 2015-03-19 17:16 - 2013-12-03 22:26 - 00000000 ____D () C:\Users\Simon\AppData\Local\LogMeIn Hamachi 2015-03-19 17:14 - 2013-10-17 19:45 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForSimon.job 2015-03-19 17:14 - 2010-11-21 04:47 - 00842162 _____ () C:\Windows\PFRO.log 2015-03-19 17:14 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-03-19 17:14 - 2009-07-14 05:51 - 00120648 _____ () C:\Windows\setupact.log 2015-03-19 02:35 - 2013-10-06 17:26 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{64C34E7A-F718-4277-8DD3-9A6EF5ACA927} 2015-03-18 22:54 - 2015-01-06 12:47 - 00093160 _____ (BitDefender LLC) C:\Windows\system32\Drivers\BdfNdisf6.sys 2015-03-18 22:53 - 2015-01-06 12:36 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll 2015-03-18 22:53 - 2015-01-06 12:36 - 00727592 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys 2015-03-18 22:53 - 2015-01-06 12:36 - 00601360 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys 2015-03-18 22:53 - 2015-01-06 12:36 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys 
2015-03-18 22:52 - 2015-01-22 16:16 - 00452040 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\Trufos.sys 2015-03-18 21:57 - 2014-07-16 22:18 - 00000000 ____D () C:\Users\Simon\Desktop\Import Musik 2015-03-18 21:57 - 2013-10-18 14:22 - 00000000 ____D () C:\Users\Simon\Desktop\Musik 2015-03-18 15:31 - 2013-10-17 19:45 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForSimon 2015-03-18 15:31 - 2013-10-09 11:37 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log 2015-03-18 15:28 - 2013-10-09 11:34 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\HP Support Assistant 2015-03-18 15:28 - 2013-10-07 18:39 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\HpUpdate 2015-03-18 15:17 - 2011-11-06 13:56 - 00000000 ____D () C:\Windows\en 2015-03-17 22:47 - 2014-04-24 16:21 - 00000000 ____D () C:\ProgramData\Ableton 2015-03-17 21:45 - 2015-01-04 14:56 - 00000000 ____D () C:\Windows\Font-Collection_eigene 2015-03-17 20:53 - 2013-10-06 22:00 - 00000000 ____D () C:\Program Files (x86)\Steam 2015-03-17 17:25 - 2013-10-06 17:08 - 00000000 ____D () C:\Users\Simon 2015-03-17 15:53 - 2013-10-06 18:14 - 00000000 ____D () C:\Program Files (x86)\Google 2015-03-17 15:51 - 2013-10-06 18:14 - 00000000 ____D () C:\Users\Simon\AppData\Local\Deployment 2015-03-17 15:50 - 2014-10-17 12:04 - 00000000 ____D () C:\Program Files (x86)\Java 2015-03-17 00:35 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Speech 2015-03-16 23:37 - 2015-01-05 17:15 - 00000000 ____D () C:\Program Files (x86)\News Factory 2015-03-16 21:17 - 2014-05-27 22:10 - 00001165 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-03-16 21:17 - 2013-10-06 17:26 - 00001427 _____ () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-03-16 21:07 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2015-03-16 21:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy 2015-03-16 20:44 - 2014-04-24 
16:23 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Ableton 2015-03-14 18:24 - 2014-04-24 16:23 - 00000000 ____D () C:\Users\Simon\Documents\Ableton 2015-03-14 17:48 - 2015-01-05 12:06 - 00000000 ____D () C:\Program Files\Common Files\Propellerhead Software 2015-03-14 16:37 - 2014-02-14 13:24 - 00000000 ____D () C:\Users\Simon\Documents\FIFA 12 2015-03-14 16:33 - 2013-10-06 20:34 - 00000000 ____D () C:\ProgramData\Origin 2015-03-14 16:33 - 2013-10-06 20:34 - 00000000 ____D () C:\Program Files (x86)\Origin 2015-03-14 12:22 - 2015-02-04 17:54 - 00000386 _____ () C:\Users\Simon\Desktop\Fragen.txt 2015-03-14 00:26 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2015-03-13 18:59 - 2013-12-11 22:50 - 00000000 ____D () C:\Users\Simon\Documents\Native Instruments 2015-03-13 18:54 - 2013-10-07 21:35 - 00000000 ____D () C:\Program Files (x86)\VstPlugins32 2015-03-13 12:50 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2015-03-12 22:50 - 2015-01-03 13:41 - 00000000 ____D () C:\Program Files (x86)\VstPlugins64 2015-03-12 19:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2015-03-12 16:56 - 2009-07-14 05:45 - 05025832 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-03-12 16:54 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2015-03-12 16:54 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism 2015-03-11 23:41 - 2014-11-23 01:10 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-03-11 23:40 - 2014-03-16 14:03 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-03-11 23:26 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini 2015-03-11 23:25 - 2013-10-07 20:54 - 00000000 ____D () C:\Windows\system32\MRT 2015-03-11 23:11 - 2013-10-07 20:54 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-03-10 16:13 - 2013-10-06 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo 2015-03-06 13:15 - 
2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-03-03 21:57 - 2015-02-16 12:41 - 00000635 _____ () C:\Users\Simon\Desktop\Fahrschule.txt 2015-03-02 22:36 - 2011-11-06 13:23 - 00771290 _____ () C:\Windows\system32\perfh007.dat 2015-03-02 22:36 - 2011-11-06 13:23 - 00204790 _____ () C:\Windows\system32\perfc007.dat 2015-03-02 22:36 - 2009-07-14 06:13 - 01749894 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-03-02 16:59 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-02-28 22:12 - 2014-07-02 15:18 - 00005632 _____ () C:\Users\Simon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-02-25 14:55 - 2014-12-29 12:17 - 00000000 ____D () C:\Program Files (x86)\PokerStars.EU 2015-02-21 00:07 - 2013-10-07 19:24 - 00000000 ____D () C:\Program Files\Common Files\Apple 2015-02-21 00:07 - 2012-08-21 12:01 - 00125872 _____ (GEAR Software Inc.) C:\Windows\system32\GEARAspi64.dll 2015-02-21 00:07 - 2012-08-21 12:01 - 00106928 _____ (GEAR Software Inc.) 
C:\Windows\SysWOW64\GEARAspi.dll
2015-02-20 23:22 - 2013-10-31 20:23 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Skype
2015-02-20 13:54 - 2015-02-16 12:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-20 13:54 - 2013-10-31 20:23 - 00000000 ____D () C:\ProgramData\Skype

==================== Files in the root of some directories =======

2015-01-07 18:54 - 2015-01-07 18:54 - 5811712 _____ (reFX) C:\Program Files (x86)\Nexus.dll
2014-03-17 21:22 - 2014-03-17 21:22 - 0000132 _____ () C:\Users\Simon\AppData\Roaming\Adobe GIF Format CS5 Prefs
2015-03-17 15:29 - 2015-03-17 15:29 - 0000036 _____ () C:\Users\Simon\AppData\Roaming\store.efi
2015-03-17 15:29 - 2015-03-17 15:29 - 0000120 _____ () C:\Users\Simon\AppData\Roaming\store.mui
2013-10-30 20:29 - 2013-12-13 21:50 - 0001456 _____ () C:\Users\Simon\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2014-07-02 15:18 - 2015-02-28 22:12 - 0005632 _____ () C:\Users\Simon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-23 20:16 - 2014-01-23 20:16 - 0000058 _____ () C:\Users\Simon\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2014-09-29 18:55 - 2014-09-29 18:55 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some content of TEMP:
====================
C:\Users\Simon\AppData\Local\Temp\89799258-5CCE-F450-309A-009FC7E5786D.dll
C:\Users\Simon\AppData\Local\Temp\Ableton Swapper.exe
C:\Users\Simon\AppData\Local\Temp\AcDeltree.exe
C:\Users\Simon\AppData\Local\Temp\amazonicon_v3.exe
C:\Users\Simon\AppData\Local\Temp\amazoninstallernircmdc.exe
C:\Users\Simon\AppData\Local\Temp\app.exe
C:\Users\Simon\AppData\Local\Temp\arctic-loop.exe
C:\Users\Simon\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\Simon\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Simon\AppData\Local\Temp\epom2_do-search_2013111114358.exe
C:\Users\Simon\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\Simon\AppData\Local\Temp\gert0.exe
C:\Users\Simon\AppData\Local\Temp\i4jdel0.exe
C:\Users\Simon\AppData\Local\Temp\i4jdel1.exe
C:\Users\Simon\AppData\Local\Temp\i4jdel2.exe
C:\Users\Simon\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Simon\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Simon\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Simon\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Simon\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Simon\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Simon\AppData\Local\Temp\npp.6.5.2.Installer.exe
C:\Users\Simon\AppData\Local\Temp\ose00001.exe
C:\Users\Simon\AppData\Local\Temp\sdanircmdc.exe
C:\Users\Simon\AppData\Local\Temp\sdapskill.exe
C:\Users\Simon\AppData\Local\Temp\sdaspwn.exe
C:\Users\Simon\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Simon\AppData\Local\Temp\sonarinst.exe
C:\Users\Simon\AppData\Local\Temp\sp58915.exe
C:\Users\Simon\AppData\Local\Temp\SpOrder.dll
C:\Users\Simon\AppData\Local\Temp\sSetup-se.exe
C:\Users\Simon\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Simon\AppData\Local\Temp\System.Data.SQLite4a1ada74-fd17-4838-9c1f-ad546003703d.dll
C:\Users\Simon\AppData\Local\Temp\System.Data.SQLite9e3a133a-3407-4f0e-913a-51c1788392c4.dll
C:\Users\Simon\AppData\Local\Temp\System.Data.SQLitef545743a-1f7c-4cf5-a060-81753da743f8.dll
C:\Users\Simon\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Simon\AppData\Local\Temp\UpdateSetup.exe
C:\Users\Simon\AppData\Local\Temp\xmlUpdater.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-03-17 14:01

==================== End Of Log ============================ |
19.03.2015, 22:13 | #4 |
| Caught adware! None of the virus/adware scanners find anything. And the Addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Simon at 2015-03-19 22:05:25
Running from C:\Users\Simon\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Ad-Aware Antivirus (Enabled - Up to date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: COMODO Antivirus (Enabled - Up to date) {F0BC89B2-8937-0933-021B-B17D981F2A71}
AS: Ad-Aware Antivirus (Enabled - Up to date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Comodo Defense+ (Enabled - Up to date) {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Tools for .Net 3.5 - DEU Lang Pack (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
µTorrent (HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\uTorrent) (Version: 3.4.2.38913 - BitTorrent Inc.)
Ableton Live 8 (HKLM-x32\...\{3CBF4CD3-9370-44A0-B464-A21E588DD122}) (Version: 8.0.0.0 - Ableton)
ActiveState Komodo IDE 8.5.4 (HKLM-x32\...\{F55999C1-E7CA-405D-8A62-66EE1ABB22AE}) (Version: 8.5.4 - ActiveState Software Inc.)
Ad-Aware Antivirus (HKLM\...\{FF054A8C-C0A4-4C78-8910-E2A459BEFF05}_AdAwareUpdater) (Version: 11.6.306.7947 - Lavasoft)
AdAwareInstaller (Version: 11.6.306.7947 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.6.306.7947 - Lavasoft) Hidden
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.13 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 1.4.0 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
AntimalwareEngine (Version: 3.0.98.0 - Lavasoft) Hidden
AntispamEngine (Version: 2.4.2158.0 - Lavasoft) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Insights Tools for Visual Studio Express 2013 for Web (x32 Version: 2.1 - Microsoft Corporation) Hidden
Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta1 - Michael Tippach)
ATI Catalyst Install Manager (HKLM\...\{96F38867-9D41-683C-DF60-034A731C37FE}) (Version: 3.0.825.0 - ATI Technologies, Inc.)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 3.0.159.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.3.1.39 - Autodesk)
Autodesk ReCap (Version: 1.3.1.39 - Autodesk) Hidden
AvcEngine (Version: 3.10.7820.0 - Lavasoft) Hidden
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin)
AzureTools.Notifications.VwdExpress (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Blobby Volley 2 Version 1.0RC3 (HKLM-x32\...\Blobby Volley 2 Version 1.0RC3_is1) (Version: - )
bobyzoom (HKLM-x32\...\{9D8D5AD9-94C7-40B3-88F2-2B8F227F6381}) (Version: 1.1.0.30 - bobyzoom)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden
Build Tools - amd64 (Version: 12.0.30723 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.30723 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Call of Duty: Modern Warfare 3 - Dedicated Server (HKLM-x32\...\Steam App 42750) (Version: - Infinity Ward - Sledgehammer Games)
Camtasia Studio 7 (HKLM-x32\...\{DE042823-C359-4B87-B66B-308057E8B6AF}) (Version: 7.0.1 - TechSmith Corporation)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine)
Chronicles of Albian (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cinema 4D version R12 (HKLM-x32\...\{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1) (Version: R12 - Salat Production)
COMODO Antivirus (HKLM\...\{093F13A3-177C-493E-8958-912A0C690B64}) (Version: 6.3.32439.2937 - COMODO Security Solutions Inc.)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 36.1.1.21 - Comodo)
Cradle of Rome 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DJ Intro version 1.2.3 (HKLM-x32\...\{36625871-9D4B-4046-A837-677974F51CAC}_is1) (Version: 1.2.3 - Serato Audio Research)
Dream of the Blood Moon (HKLM\...\UDK-7ce4b5b9-33ec-4ba1-a4b2-b6be828e13a5) (Version: - Epic Games, Inc.)
EA SPORTS™ FIFA 15 Demo (HKLM-x32\...\{108C0C19-6316-4944-A62F-C744488F8639}) (Version: 1.0.0.0 - Electronic Arts)
Edirol HQ Orchestral v1.01 (HKLM-x32\...\Edirol HQ Orchestral v1.01) (Version: - )
Entity Framework 6.1.1 Tools for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FIFA 12 (HKLM-x32\...\{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}) (Version: 1.6.0.0 - Electronic Arts)
FIFA 13 Demo (HKLM-x32\...\{3F499657-766A-4A5F-AEE9-A1F8D295A4CE}) (Version: 1.0.0.0 - Electronic Arts)
FIFA 14 Demo (HKLM-x32\...\{7A6577E7-F341-430F-9173-91E14E2DE270}) (Version: 1.0.0.0 - Electronic Arts)
FirewallEngine (Version: 1.6.0.0 - Lavasoft) Hidden
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - )
FormatFactory 3.3.4.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.4.0 - Format Factory)
GeekBuddy (HKLM\...\{266FA04F-F0FA-4F7A-AA1E-387A57F579F2}) (Version: 4.19.131 - Comodo Security Solutions Inc)
Gladiator demo (HKLM\...\Tone2 Gladiator demo_is1) (Version: - Tone2)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.89 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version: - Rockstar North) GRID 2 Demo (HKLM-x32\...\Steam App 248140) (Version: - Codemasters Racing) GRID Autosport (HKLM-x32\...\GRID Autosport_R.G. Mechanics_is1) (Version: - R.G. Mechanics, ProZorg_tm) Haunt 1.0 64bit (HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\Haunt 1.0 64bit) (Version: - ) Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent) HP LinkUp (HKLM-x32\...\{DB3147AB-4024-4773-8EC0-A1FE5B44933D}) (Version: 2.01.028 - Hewlett-Packard) HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard) HP Setup (HKLM-x32\...\{D35B72B6-F0E4-462B-BDEB-E08032B3B681}) (Version: 8.7.4747.3786 - Hewlett-Packard Company) HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13880.3792 - Hewlett-Packard Company) HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard) HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard) HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.9.0.0 - Hewlett-Packard) HydraVision (x32 Version: 4.2.200.0 - ATI Technologies Inc.) Hidden iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.) 
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - ) IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line) IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line) iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.) Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle) Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Java-Editor 12.52, 2015.03.13 (HKLM-x32\...\{65FBA21B-7F80-4E4E-B275-0958D2648F94}_is1) (Version: - Gerhard Röhner) Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden Jewel Quest: The Sleepless Star - Collector's Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3925 - CyberLink Corp.) LabelPrint (x32 Version: 2.5.3925 - CyberLink Corp.) Hidden LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.319 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.319 - LogMeIn, Inc.) 
Hidden Mafia II (HKLM-x32\...\Steam App 50130) (Version: - 2K Czech) Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Marble Blast Gold (remove only) (HKLM-x32\...\MarbleBlastGoldShockwave) (Version: - ) Marble Blast Gold Demo (remove only) (HKLM-x32\...\MarbleBlastGoldDemo) (Version: - ) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE 
(HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation) Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation) Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation) Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - 
Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 T-SQL-Sprachdienst (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - DEU (12.0.30919.1) (HKLM-x32\...\{7CC03C58-3471-43D2-A251-EC9AE225E772}) (Version: 12.0.30919.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation) Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation) Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{D434E072-F482-4F52-AB97-7B19DD5DAEB5}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server System CLR Types (x64) (HKLM\...\{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable 
(HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 
Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{51adbf11-493f-431c-a862-967a0fae2944}) (Version: 12.0.21005.1 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) 
Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Express 2013 for Windows Desktop - ENU with Update 3 (HKLM-x32\...\{1ef771b4-b774-439e-a015-23dec292d9a4}) (Version: 12.0.30723.0 - Microsoft Corporation) Microsoft Visual Studio Express 2013 für das Web - DEU (HKLM-x32\...\{81b600cc-d985-40b7-8ab1-5442fb4f4845}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation) MotoGP™13 Demo (HKLM-x32\...\Steam App 243820) (Version: - Milestone S.r.l.) Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) Mystery of Mortlake Mansion (x32 Version: 2.2.0.97 - WildTangent) Hidden Namco All-Stars: PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden Native Instruments Traktor DJ Studio 3 (HKLM-x32\...\Native Instruments Traktor DJ Studio 3) (Version: - ) Need for Speed™ SHIFT Demo (HKLM-x32\...\{BBF0A67B-5DBA-452F-9D2E-6F168BC226E5}) (Version: 1.0.0.0 - Electronic Arts) NexusFont 2.5 (ver 2.5.8.1582) (HKLM-x32\...\{EFEDD205-43FE-4208-B682-0937E803E19E}_is1) (Version: - xiles) Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.2 - Notepad++ Team) NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation) OnlineThreatsEngine (Version: 
2.2.3.0 - Lavasoft) Hidden OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 9.3.7.2735 - Electronic Arts, Inc.) Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation) Paros 3.2.13 (HKLM-x32\...\Paros_is1) (Version: - parosproxy.org) PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.54 - PDF Complete, Inc) PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer) Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu) Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) Python Tools - Umleitungsvorlage (x32 Version: 1.0 - Microsoft Corporation) Hidden Python Tools Redirection Template (x32 Version: 1.0 - Microsoft Corporation) Hidden QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6531 - Realtek Semiconductor Corp.) Recovery Manager (x32 Version: 5.5.0.4320 - CyberLink Corp.) 
Hidden Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard) Remote Mouse version 2.5 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 2.5 - Remote Mouse) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.) Screenshot Captor 4.8 (HKLM-x32\...\ScreenshotCaptor_is1) (Version: - ) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden SketchUp 2014 (HKLM-x32\...\{9E620BD5-AEEC-492D-9065-D71FCD4C52F1}) (Version: 14.1.1282 - Trimble Navigation Limited) SketchUp-Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk) Ski Challenge 14 (HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\sc14-GAMETWIST_MAIN) (Version: - ) Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.) 
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Steinberg Cubase 7 64bit (HKLM\...\{57FB2180-0FC7-41FC-8D76-3C4271CF4422}) (Version: 7.0.2 - Steinberg Media Technologies GmbH) Steinberg Eucon Adapter 6.5 64bit (HKLM\...\{95D90857-61C2-4927-85FF-A317E46E7351}) (Version: 6.5.0 - Steinberg Media Technologies GmbH) Steinberg Groove Agent ONE Allen Morgan Signature Drums (HKLM-x32\...\{611A7035-0172-4B9B-8BB6-5046F6867D8A}) (Version: 1.0.0 - Steinberg Media Technologies GmbH) Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH) Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH) Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 1.6.3 - Steinberg Media Technologies GmbH) Steinberg HALion Sonic SE Content (HKLM-x32\...\{A5051ABF-A497-4C3C-85EA-F7A4D5C19B82}) (Version: 1.6.1 - Steinberg Media Technologies GmbH) Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 2.0.0.000 - Steinberg Media Technologies GmbH) Steinberg LoopMash Content 2 (HKLM-x32\...\{88C337F0-4CF2-4098-BDC0-D94859ECA2B4}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH) Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH) Steinberg Padshop 64bit (HKLM\...\{75F15019-C0C2-4047-AA45-97B4BD313719}) (Version: 1.1.0 - Steinberg Media Technologies GmbH) Steinberg Retrologue 64bit (HKLM\...\{4D65ECE6-131D-4B5F-8470-2750D3161619}) (Version: 1.1.0 - Steinberg Media Technologies GmbH) Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH) Steinberg Upload 
Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH) Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH) Sweet Home 3D version 4.4 (HKLM\...\Sweet Home 3D_is1) (Version: - eTeks) Sylenth1 Demo v2.20 (HKLM\...\Sylenth1Demo_is1) (Version: - ) Sylenth1 Demo v2.20 (HKLM-x32\...\Sylenth1Demo_is1) (Version: - ) Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden TrackMania² Canyon Demo (HKLM-x32\...\Steam App 264850) (Version: - Nadeo) Trials Evolution Gold Edition - Demo (HKLM-x32\...\Steam App 228860) (Version: - Redlynx Ltd) TypeScript Power Tool (x32 Version: 1.0.3.1 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.3.1 - Microsoft Corporation) Hidden UltraISO Premium V9.53 (HKLM-x32\...\UltraISO_is1) (Version: - ) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft) Vacation Quest - The Hawaiian Islands (x32 Version: 2.2.0.97 - WildTangent) Hidden Vegas Pro 11.0 (HKLM-x32\...\{B644D34F-0296-11E2-938E-F04DA23A5C58}) (Version: 11.0.700 - Sony) Vegas Pro 12.0 (64-bit) (HKLM\...\{6592B670-2680-11E3-B0E0-F04DA23A5C58}) (Version: 12.0.726 - Sony) Verfügbare Autodesk-Apps (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk) Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden Visual Studio 2013 Update 3 (KB2829760) (HKLM-x32\...\{86438e3d-7f83-4dd2-94aa-047e7c3974cb}) (Version: 12.0.30723 - Microsoft Corporation) VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN) VS 
Update core components (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
Wasp (HKLM-x32\...\Wasp) (Version: - Image-Line)
Webocton - Scriptly 0.8.95.6 (HKLM-x32\...\Webocton - Scriptly_is1) (Version: 0.8.95.6 - Webocton)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Worms 3D Demo (HKLM-x32\...\{481463D7-E5D9-4331-B154-B75D6D3C15F8}) (Version: 0.00.001 - )
Worms Armageddon (HKLM-x32\...\Steam App 217200) (Version: - Team17 Digital Ltd.)
Worms Reloaded Demo (HKLM-x32\...\Steam App 22690) (Version: - Team17 Software Ltd.)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================
17-03-2015 15:49:29 Installed Java 7 Update 45
17-03-2015 19:33:01 Wiederherstellungsvorgang
18-03-2015 22:49:36 AA11

==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0AAB13DC-2FCB-4626-9C09-E71EF8EDC7DA} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-02-03] (COMODO)
Task: {1D25E891-107C-4435-92DB-34BA287D7572} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-02-03] (COMODO)
Task: {319118F6-9333-479B-BD71-B325E9FD2C1A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {353B60D7-B632-4D23-8D53-A87645DE8310} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {3C889252-7E97-4BA7-8424-E36D9CC5D3A5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-02-11] (Hewlett-Packard)
Task: {3FA2950D-E0DA-4F62-AC5D-FA3D2B9130BE} - System32\Tasks\HPCeeScheduleForSimon => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {4E767EC7-C876-4D4D-8286-01BA2781F29D} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-06-15] ()
Task: {6917235F-071E-4CF5-BC62-D0056AD88984} - System32\Tasks\AdobeAAMUpdater-1.0-Simon-HP-Simon => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-30] (Adobe Systems Incorporated)
Task: {6DF7495B-453E-4201-A774-9A16AA04A049} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-02-03] (COMODO)
Task: {732A009F-ABA0-4ACC-B37B-93918A127137} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-17] (Google Inc.)
Task: {7A9DA2D6-C205-4E2D-8688-DBFBD8F66AF4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {976212C0-3712-4B9B-A740-16D6E523E801} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-02-03] (COMODO)
Task: {9A05599A-408F-45C2-88B7-A5C197CF4596} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {9F6B2557-5398-4523-B024-86168B020085} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {A3CFBE5E-BC7C-4B95-8BC4-8C85777C3A46} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {A497C78A-1117-4753-A8DD-E1AAA3807DC8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-17] (Google Inc.)
Task: {B0626DE8-A92F-4DC3-AA99-F0D0D1C59B0E} - \RocketTab Update Task No Task File <==== ATTENTION
Task: {C47202FA-D586-453B-A7B0-F30ADF64C5F7} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-02-03] (COMODO)
Task: {C797C360-9E6D-4ECE-8127-3CD650356449} - \RocketTab No Task File <==== ATTENTION
Task: {CDB305DC-F279-475F-9FA6-795183E9F5AA} - System32\Tasks\Apple\AppleSoftwareUpdate => c:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E8972EB4-3A98-47E4-9F31-28860FC4DBC1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job =>
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job =>
Task: C:\Windows\Tasks\HPCeeScheduleForSimon.job =>

==================== Loaded Modules (whitelisted) ==============
2015-03-10 18:50 - 2015-03-10 18:50 - 02756616 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareShellExtension.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 03396064 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\RCF.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00125464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_filesystem-vc100-mt-1_57.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00024080 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_system-vc100-mt-1_57.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-10 18:50 - 2015-03-18 22:54 - 09566192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe
2015-03-10 18:51 - 2015-03-10 18:51 - 00055320 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_date_time-vc100-mt-1_57.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00107024 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_thread-vc100-mt-1_57.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00033296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_chrono-vc100-mt-1_57.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00499728 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_locale-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 02144248 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\HtmlFramework.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00869896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTrayDefaultSkin.dll
2015-03-10 18:47 - 2015-03-18 22:54 - 00720760 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
2015-03-10 18:50 - 2015-03-10 18:50 - 12745216 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareServiceKernel.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00785936 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_regex-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00744960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareActivation.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00480272 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareApplicationUpdater.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00812032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareGamingMode.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00099312 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareReset.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00119792 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTime.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00963088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareDefinitionsUpdater.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00868896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareDefinitionsUpdaterScheduler.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01108992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareIgnoreList.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00247808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareQuarantine.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01013256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiMalwareEngine.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00211464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiRootkitEngine.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01177608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScannerHistory.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01302008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScanner.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00034832 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_timer-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00977416 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScannerScheduler.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01143824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareRealTimeProtection.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00237568 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareIncompatibles.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00893432 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiSpam.dll
2015-03-10 18:50 -
2015-03-10 18:50 - 00847872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiPhishing.dll 2015-03-10 18:50 - 2015-03-10 18:50 - 03104776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareParentalControl.dll 2015-03-10 18:50 - 2015-03-10 18:50 - 02958848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareWebProtection.dll 2015-03-10 18:50 - 2015-03-10 18:50 - 01288712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareEmailProtection.dll 2015-03-10 18:51 - 2015-03-10 18:51 - 00053272 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_iostreams-vc100-mt-1_57.dll 2015-03-10 18:50 - 2015-03-10 18:50 - 01293832 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareNetworkProtection.dll 2015-03-10 18:50 - 2015-03-10 18:50 - 00969200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwarePromo.dll 2015-03-10 18:50 - 2015-03-10 18:50 - 00366584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareFeedback.dll 2015-03-10 18:50 - 2015-03-10 18:50 - 02787344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareThreatWorkAlliance.dll 2015-03-10 18:50 - 2015-03-10 18:50 - 01232888 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwarePinCode.dll 2015-03-10 18:50 - 2015-03-10 18:50 - 00969208 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareNotice.dll 2015-03-10 18:50 - 2015-03-10 18:50 - 00963576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAvcEngine.dll 2015-03-10 18:50 - 2015-03-10 18:50 - 01184792 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware 
Antivirus\11.6.306.7947\AdAwareRealTimeProtectionHistory.dll 2015-03-18 22:54 - 2015-03-18 22:54 - 00156936 _____ () C:\Windows\system32\bdfwcore.dll 2015-03-18 23:05 - 2015-03-18 23:05 - 00784712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc2\ashttpbr.mdl 2015-03-18 23:05 - 2015-03-18 23:05 - 00573544 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc2\ashttpdsp.mdl 2015-03-18 23:05 - 2015-03-18 23:05 - 02657264 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc2\ashttpph.mdl 2015-03-18 23:05 - 2015-03-18 23:05 - 01331648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc2\ashttprbl.mdl 2013-10-30 22:16 - 2014-11-06 19:01 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2011-06-01 07:14 - 2011-06-01 07:14 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2011-04-12 01:20 - 2011-04-12 01:20 - 00098304 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2011-04-12 01:20 - 2011-04-12 01:20 - 00028672 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingResources.dll 2013-04-15 17:39 - 2013-04-15 17:39 - 00073424 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav 2014-09-29 19:00 - 2014-09-04 04:41 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll 2014-09-29 19:00 - 2014-09-04 04:41 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll 2015-01-20 22:35 - 2015-01-20 22:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-01-05 23:14 - 2013-11-19 22:34 - 00152576 _____ () C:\Program Files (x86)\Remote Mouse\FileS.dll 2014-12-03 19:07 - 2014-12-03 19:07 - 
00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\locale\de_de\acrotray.deu 2015-03-19 17:16 - 2014-09-04 04:41 - 00104328 _____ () C:\Users\Simon\AppData\Local\Autodesk\.AdskAppManager\R1\qjson0.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\autoexec.bat:$CmdTcID AlternateDataStreams: C:\install.exe:$CmdTcID AlternateDataStreams: C:\Program Files (x86)\Nexus.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\aepdu.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\aitstatic.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\appidapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\appidcertstorecheck.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\appidpolicyconverter.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\appidsvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\atmfd.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\atmlib.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\BdFirewallSDK.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\bdfwcore.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\bdnc.dll:$CmdTcID AlternateDataStreams: 
C:\Users\Simon\Downloads\KVRT15.0.19.0.exe:$CmdTcID AlternateDataStreams: C:\Users\Simon\Downloads\KVRT15.0.19.0.exe:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Left Boy - Get It Right (Virtual Riot Remix).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\LennarDigital.Sylenth1.v2.21.x86.x64_www.insfire.net.rar:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Lil Boosie - Crazy (Brillz & Snails Bootleg).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Lorde - Tennis Court (Diplo's Andre Agassi Reebok Remix).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Major Lazer & DJ Snake feat. MØ - Lean On.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Martin Solveig & GTA - Intoxicated (Original Mix).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Massive_140_PC.zip:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Matisyahu - Sunshine.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\mbam-setup-2.0.4.1028.exe:$CmdTcID AlternateDataStreams: C:\Users\Simon\Downloads\mbam-setup-2.0.4.1028.exe:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\MIA - YALA (Bro Safari & Valentino Khan Remix).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Migos - Fight Night.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Mike Williams - Konnichiwa (Original Mix).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Millok & Zigelli - Feel Me [Mario Basanov Remix].mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\musicradar-house-percussion-samples.zip:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\MUST DIE! - Hellcat.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\M_ive52000Presets.rar:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Nari & Milani Feat. 
Carl Fanini House Remix - Smells Like Teen Spirit.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\NexusFontSetup2.5.8.exe:$CmdTcID AlternateDataStreams: C:\Users\Simon\Downloads\NexusFontSetup2.5.8.exe:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Ninetoes - Finder (Klardust Remix).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Nirvana - Come As You Are (Frank Vaenz Remix).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\ni_massive_pack_2013 (1).zip:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Noisia Feat. Foreign Beggars - Shellshock.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Nova - Feeling Of The Night (Original Mix).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\NYMZ - BINGBONG.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Oiki - Get It Now VIP.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\OneHandBand-Beatz - I get High.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Overwerk - Contact.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\pak_choirs_et_bonus_par_toutpourleson (1).rar:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Philip George - Wish You Were Mine (Dexcell Remix).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Phonat - Set Me Free.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\PokerStarsInstallEU.exe:$CmdTcID AlternateDataStreams: C:\Users\Simon\Downloads\PokerStarsInstallEU.exe:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Press Play & Nathan Thomson - Sex Drugs & Bounce (Original Mix).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Red Hot Chili Peppers - Around The World.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Red Hot Chili Peppers - Californication.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Red Hot Chili Peppers - Cant Stop.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Red Hot Chili Peppers - Dani 
California.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Red Hot Chili Peppers - Road Trippin.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Red Hot Chili Peppers - Scar Tissue.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Red Hot Chili Peppers - Snow (Hey Oh).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Red Hot Chili Peppers - The Adventures of Rain Dance Maggie.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Red Hot Chili Peppers - Under The Bridge.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Replika_120_PC.zip:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\RL Grime - Core (Djembas Selassie Bootleg).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\SecondCity - I Wanna Feel (Young Bombs Remix).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Serato DJ Intro 1.2.3.zip:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Serato Dj1.6.1 FULL By #DJALFAMED.rar:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Shadow Child - 23 (ft. Tymer).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Skrillex & Katy Perry - E.T. (Bugzz Equinox Remix).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Skrillex & Major Lazer - Get Cinema.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Skrillex - Baby Boy (Original Mix).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Skrillex - Breakn A Sweat VIP.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Skrillex - Breathe ft. 
Krewella (Vocal Edit) Extended.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Skrillex - Cat Rats.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Skrillex - CUSP (xCosmikx Edit).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Skrillex - Dirty Vibe with Diplo G-Dragon and CL (Habstrakt.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Skrillex - Dirty Vibe with Diplo G-Dragon and CL (Jack Beats.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Skrillex - Dirty Vibe with Diplo G-Dragon and CL (Ricky Reme.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Skrillex - Do We Really.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Skrillex - DownX3.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Skrillex - Fuckn Messy.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Skrillex - I am Skrillex.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Skrillex - Ragga Bomb feat. The Ragga Twins (Skrillex & Zomb.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Skrillex - Rock n Roll VIP + Unreleased Song.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Skrillex - Sexual Seduction.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Skrillex - True Gangsters Final.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Skrillex feat. Sirah - Weekends!!! (Zedd Remix).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\smime (1).p7s:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\snake_js.zip:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Snoop Dogg ft. Pharrell - Drop It Like Its Hot.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Somewhere Up Here (Drop The Poptart) - Deadmau5 Ft. 
Colleen DAgostino.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Sonny Moore - Glow Worm.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Sonny Moore - Gypsyhook.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Sonny Moore - Oceans.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Sonny Moore - Se7en Bells.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Sonny Moore - Signal (Acoustic).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Soul Button - Come To Me (Dahu Remix).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Soul Button - In My Stride feat. Stee Downes (Original Mix).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\SpydaT.E.K. - Si Me Dices(Random).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\SpyHunter-Installer.exe:$CmdTcID AlternateDataStreams: C:\Users\Simon\Downloads\SpyHunter-Installer.exe:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\STAY WITH ME - Sam Smith.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Steve Aoki Ft. Rivers Cuomo - Earthquakey People (Alvin Risk Remix).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Swedish House Mafia vs. Knife Party - Antidote (Schoolboy Remix).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Sylenth1DemoWin32.zip:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Sylenth1DemoWin64.zip:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\The Beatles - Hey Jude Vocals.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\TIM ISMAG - THE ROCK.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Tiësto - Wasted ft. 
Matthew Koma (Ummet Ozcan Remix).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Tone2_Gladiator_demo_setup (1).zip:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Tone2_Gladiator_demo_setup.zip:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Torro Torro & Long Jawns - The Pump.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Torro Torro - CAN'T GET ENOUGH - (4songs.PK).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Tristam & Braken - Flight.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Trollphace - Make It Bounce (feat. Harvey J).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Uberjakd - Bump Dat (Original Mix).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Uberjakd - GTFU (Krunk! remix).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\uiso9_pe.exe:$CmdTcID AlternateDataStreams: C:\Users\Simon\Downloads\uiso9_pe.exe:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Vaski - Take Me There.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\VC++_All_Redist_Packages.zip:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Verkaufsschild (1).pdf:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Verkaufsschild (2).pdf:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Verkaufsschild-6-x-Multipower-Bleiakkus-12V-12Ah-Preis-pro-Akku-17.pdf:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Verkaufsschild.pdf:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Virtual Riot - Energy Drink.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Virtual Riot - Idols (EDM Mashup).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Virtual Riot - Minimalist.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Virtual Riot - Turn Up.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Virtual Riot - Were Not Alone.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Virtual Riot x ApeCrime - Instagram 
Battle.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\What So Not - The Quack.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\What So Not - Touched.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Wiz Khalifa - We Dem Boyz.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Wuki - Framework VIP.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\xKore ft. Zoe & Naomi - Need You (Centra Remix).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Yellow Claw & Cesqeaux - Legends Ft. Kalibwoy.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Zedd - Dovregubben (Original Mix).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Zedd - I Want You To Know ft. Selena Gomez.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Zhu - Dj Snake - Dj Mustard - Faded 2.0.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Zomboy - Here To Stay (MUST DIE! Remix).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\[kickass.so]cubase.7.torrent:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\[kickass.so]native.instruments.battery.4.4.0.1.update.and.library.torrent:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\[kickass.so]ni.massive.v1.1.4.vsti.torrent:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\[TVSMILES GmbH] Betreff- Deine Prämie von TVSMILES - Amazon 10 Euro Gutschein (#414871).html:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\[TVSMILES GmbH] Betreff- Deine Prämie von TVSMILES - Amazon 5 Euro Gutschein (#414881).html:$CmdZnID ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. 
None default entries will be removed.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== Accounts: =============================

Administrator (S-1-5-21-2389831746-1586198665-2336280641-500 - Administrator - Disabled)
Gast (S-1-5-21-2389831746-1586198665-2336280641-501 - Limited - Enabled) => C:\Users\Gast
Simon (S-1-5-21-2389831746-1586198665-2336280641-1000 - Administrator - Enabled) => C:\Users\Simon

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (03/19/2015 09:58:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 41.0.2272.89, Zeitstempel: 0x54fa819a
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0x1424
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (03/19/2015 09:20:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 41.0.2272.89, Zeitstempel: 0x54fa819a
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e3be
ID des fehlerhaften Prozesses: 0x1e88
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (03/19/2015 08:30:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 41.0.2272.89, Zeitstempel: 0x54fa819a
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0x20f0
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (03/19/2015 07:22:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 41.0.2272.89, Zeitstempel: 0x54fa819a
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0x1e78
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (03/19/2015 05:19:22 PM) (Source: MsiInstaller) (EventID: 11310) (User: Simon-HP)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Simon\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

Error: (03/19/2015 05:18:45 PM) (Source: MsiInstaller) (EventID: 11310) (User: Simon-HP)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Simon\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

Error: (03/19/2015 05:12:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007041d, Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
.
Vorgang:
VSS-Server wird instanziiert

Error: (03/19/2015 05:12:00 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} und dem Namen "IVssCoordinatorEx2" kann nicht gestartet werden. [0x8007041d, Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
]
Vorgang:
VSS-Server wird instanziiert

Error: (03/19/2015 11:05:52 AM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Der Filterhostprozess kann nicht initialisiert werden. Der Vorgang wird abgebrochen.
Details:
Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben. (HRESULT : 0x800705b4) (0x800705b4)

Error: (03/18/2015 11:25:26 PM) (Source: MsiInstaller) (EventID: 11310) (User: Simon-HP)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Simon\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

System errors:
=============
Error: (03/19/2015 05:15:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Symantec Eraser Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (03/19/2015 05:14:48 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 19.03.2015 um 17:13:10 unerwartet heruntergefahren.

Error: (03/19/2015 05:11:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Volumeschattenkopie" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (03/19/2015 05:11:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Volumeschattenkopie erreicht.

Error: (03/19/2015 05:07:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Volumeschattenkopie" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (03/19/2015 05:07:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Volumeschattenkopie erreicht.

Error: (03/19/2015 05:03:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Volumeschattenkopie" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (03/19/2015 05:03:09 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Volumeschattenkopie erreicht.

Error: (03/19/2015 04:58:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Volumeschattenkopie" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (03/19/2015 04:58:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Volumeschattenkopie erreicht.

Microsoft Office Sessions:
=========================
Error: (03/19/2015 09:58:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe41.0.2272.8954fa819antdll.dll6.1.7601.18247521ea8e7c0000374000ce753142401d06284582217ceC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\SysWOW64\ntdll.dllb83a5c8c-ce7a-11e4-b7cc-bc0543040e51

Error: (03/19/2015 09:20:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe41.0.2272.8954fa819antdll.dll6.1.7601.18247521ea8e7c00000050002e3be1e8801d062820bd2eb05C:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\SysWOW64\ntdll.dll692143f9-ce75-11e4-b7cc-bc0543040e51

Error: (03/19/2015 08:30:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe41.0.2272.8954fa819antdll.dll6.1.7601.18247521ea8e7c0000374000ce75320f001d06271d65fb8a3C:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\SysWOW64\ntdll.dll58f27693-ce6e-11e4-b7cc-bc0543040e51

Error: (03/19/2015 07:22:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe41.0.2272.8954fa819antdll.dll6.1.7601.18247521ea8e7c0000374000ce7531e7801d06264a2773440C:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\SysWOW64\ntdll.dlld78c28d9-ce64-11e4-b7cc-bc0543040e51

Error: (03/19/2015 05:19:22 PM) (Source: MsiInstaller) (EventID: 11310) (User: Simon-HP)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Simon\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/19/2015 05:18:45 PM) (Source: MsiInstaller) (EventID: 11310) (User: Simon-HP)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Simon\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/19/2015 05:12:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x8007041d, Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Vorgang:
VSS-Server wird instanziiert

Error: (03/19/2015 05:12:00 PM) (Source: VSS) (EventID: 13) (User: )
Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}IVssCoordinatorEx20x8007041d, Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Vorgang:
VSS-Server wird instanziiert

Error: (03/19/2015 11:05:52 AM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Details:
Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben. (HRESULT : 0x800705b4) (0x800705b4)

Error: (03/18/2015 11:25:26 PM) (Source: MsiInstaller) (EventID: 11310) (User: Simon-HP)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Simon\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL)

==================== Memory info ===========================

Processor: AMD A6-3600 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 39%
Total physical RAM: 8178.82 MB
Available physical RAM: 4942.11 MB
Total Pagefile: 16355.84 MB
Available Pagefile: 13017.79 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1830.73 GB) (Free:1493.98 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:12.65 GB) (Free:1.52 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Massive-Lernkurs) (CDROM) (Total:0.65 GB) (Free:0 GB) CDFS
Drive h: (Volume) (Fixed) (Total:19.53 GB) (Free:6.76 GB) NTFS
Drive i: (SEAGATE_PC) (Fixed) (Total:1396.81 GB) (Free:799.15 GB) exFAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: AAA41450)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1830.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=19.5 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=12.7 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: 8F324A77)
Partition 1: (Not Active) - (Size=466.2 GB) - (Type=AF)
Partition 2: (Not Active) - (Size=1396.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================ |
20.03.2015, 14:16 | #5 | ||
/// TB-Ausbilder | Caught adware! None of the virus/adware scanners find anything. In future, please note: Quote:
Please download all tools directly to the desktop, or move them there, and start them from the desktop, since our instructions are written with that in mind. It also makes it very easy to remove all the tools used once the cleanup is finished. Leave all tools on the desktop until the cleanup is finished; we may need some of them more than once. Multiple antivirus programs Code:
Ad-Aware Antivirus
COMODO Antivirus
Report which antivirus program you have decided on. Quote:
Please download TDSSKiller.exe and save this file on the desktop
|
20.03.2015, 18:10 | #6 |
| Caught adware! None of the virus/adware scanners find anything. OK, I have decided on Comodo, and all the other antivirus systems should now be removed. Here is the log: Code:
17:59:24.0261 0x2a04 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
17:59:28.0893 0x2a04 ============================================================
17:59:28.0893 0x2a04 Current date / time: 2015/03/20 17:59:28.0893
17:59:28.0893 0x2a04 SystemInfo:
17:59:28.0893 0x2a04
17:59:28.0893 0x2a04 OS Version: 6.1.7601 ServicePack: 1.0
17:59:28.0893 0x2a04 Product type: Workstation
17:59:28.0894 0x2a04 ComputerName: SIMON-HP
17:59:28.0894 0x2a04 UserName: Simon
17:59:28.0894 0x2a04 Windows directory: C:\Windows
17:59:28.0894 0x2a04 System windows directory: C:\Windows
17:59:28.0894 0x2a04 Running under WOW64
17:59:28.0894 0x2a04 Processor architecture: Intel x64
17:59:28.0894 0x2a04 Number of processors: 4
17:59:28.0894 0x2a04 Page size: 0x1000
17:59:28.0894 0x2a04 Boot type: Normal boot
17:59:28.0894 0x2a04 ============================================================
17:59:29.0197 0x2a04 KLMD registered as C:\Windows\system32\drivers\71242368.sys
17:59:30.0028 0x2a04 System UUID: {76117B55-2659-272A-28E3-E7B2790B6E47}
17:59:31.0542 0x2a04 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:59:31.0557 0x2a04 Drive \Device\Harddisk2\DR2 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x1D1C11, SectorsPerTrack: 0x20, TracksPerCylinder: 0x40, Type 'W'
17:59:31.0559 0x2a04 ============================================================
17:59:31.0559 0x2a04 \Device\Harddisk0\DR0:
17:59:31.0559 0x2a04 MBR partitions:
17:59:31.0559 0x2a04 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:59:31.0559 0x2a04 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xE4D76800
17:59:31.0585 0x2a04 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xE4DA9800, BlocksNum 0x270F800
17:59:31.0585 0x2a04 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0xE74B9000, BlocksNum 0x194F000
17:59:31.0585 0x2a04 \Device\Harddisk2\DR2:
17:59:31.0586 0x2a04 MBR partitions:
17:59:31.0586 0x2a04 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3A450D2E, BlocksNum 0xAE9B7B82
17:59:31.0586 0x2a04 ============================================================
17:59:31.0619 0x2a04 C: <-> \Device\Harddisk0\DR0\Partition2
17:59:31.0668 0x2a04 D: <-> \Device\Harddisk0\DR0\Partition4
17:59:31.0688 0x2a04 I: <-> \Device\Harddisk2\DR2\Partition1
17:59:31.0707 0x2a04 H: <-> \Device\Harddisk0\DR0\Partition3
17:59:31.0707 0x2a04 ============================================================
17:59:31.0707 0x2a04 Initialize success
17:59:31.0707 0x2a04 ============================================================
18:00:27.0174 0x1fe0 ============================================================
18:00:27.0174 0x1fe0 Scan started
18:00:27.0174 0x1fe0 Mode: Manual; SigCheck; TDLFS;
18:00:27.0174 0x1fe0 ============================================================
18:00:27.0174 0x1fe0 KSN ping started
18:00:54.0715 0x1fe0 KSN ping finished: true
18:00:55.0671 0x1fe0 ================ Scan system memory ========================
18:00:55.0671 0x1fe0 System memory - ok
18:00:55.0673 0x1fe0 ================ Scan services =============================
2FBB00A7616106B95104574C6CD640C2, 06DE79B42EBBBBA01DAB289D4280E131D780066CD7E4499229CD5EB1E597A017 ] amd_sata C:\Windows\system32\drivers\amd_sata.sys 18:00:58.0388 0x1fe0 amd_sata - ok 18:00:58.0405 0x1fe0 [ 87D0D7645CB0D53220649BD5FE15D93E, 195B25BC640BE5D802F530FAA68D3325A6C076DE8A7E56833372C3B2B53B673B ] amd_xata C:\Windows\system32\drivers\amd_xata.sys 18:00:58.0421 0x1fe0 amd_xata - ok 18:00:58.0470 0x1fe0 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys 18:00:58.0491 0x1fe0 AppID - ok 18:00:58.0521 0x1fe0 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll 18:00:58.0553 0x1fe0 AppIDSvc - ok 18:00:58.0566 0x1fe0 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll 18:00:58.0634 0x1fe0 Appinfo - ok 18:00:58.0759 0x1fe0 [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 18:00:58.0777 0x1fe0 Apple Mobile Device Service - ok 18:00:58.0791 0x1fe0 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys 18:00:58.0810 0x1fe0 arc - ok 18:00:58.0821 0x1fe0 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys 18:00:58.0840 0x1fe0 arcsas - ok 18:00:58.0919 0x1fe0 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 18:00:58.0959 0x1fe0 aspnet_state - ok 18:00:58.0973 0x1fe0 [ 769765CE2CC62867468CEA93969B2242, 
0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 18:00:59.0016 0x1fe0 AsyncMac - ok 18:00:59.0048 0x1fe0 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 18:00:59.0065 0x1fe0 atapi - ok 18:00:59.0087 0x1fe0 [ CBD14F698DEF12EE3557604B726CB8EB, 45EDD88B18F2DE9024851BFDE9DC0CA943692DD306CB3A0822F4A5C0C3D7CDD6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys 18:00:59.0106 0x1fe0 AtiHDAudioService - ok 18:00:59.0157 0x1fe0 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 18:00:59.0213 0x1fe0 AudioEndpointBuilder - ok 18:00:59.0236 0x1fe0 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll 18:00:59.0274 0x1fe0 AudioSrv - ok 18:00:59.0346 0x1fe0 [ DE3FF859EDF66F5E0106B23B3A4B09CE, 9F6D735E32F340547D5FDA595E2A461083AC581AC0719913D4841C0C5D7A2998 ] Autodesk Content Service C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe 18:00:59.0508 0x1fe0 Autodesk Content Service - ok 18:00:59.0517 0x1fe0 avchv - ok 18:00:59.0549 0x1fe0 [ C6F4C466B654C1BE98AF31418BB5AC30, 62AA4456F8E22A6E508EB44DE4309615057117AAF923C13BBED15AA39630E76B ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe 18:00:59.0769 0x1fe0 AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic ( 1 ) 18:01:02.0168 0x1fe0 Detect skipped due to KSN trusted 18:01:02.0168 0x1fe0 AVM WLAN Connection Service - ok 18:01:02.0218 0x1fe0 [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject C:\Windows\system32\drivers\avmeject.sys 18:01:02.0248 0x1fe0 avmeject - ok 18:01:02.0298 0x1fe0 [ A6BF31A71B409DFA8CAC83159E1E2AFF, 
CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 18:01:02.0357 0x1fe0 AxInstSV - ok 18:01:02.0403 0x1fe0 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 18:01:02.0436 0x1fe0 b06bdrv - ok 18:01:02.0464 0x1fe0 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 18:01:02.0513 0x1fe0 b57nd60a - ok 18:01:02.0536 0x1fe0 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 18:01:02.0586 0x1fe0 BDESVC - ok 18:01:02.0607 0x1fe0 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 18:01:02.0660 0x1fe0 Beep - ok 18:01:02.0709 0x1fe0 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 18:01:02.0763 0x1fe0 BFE - ok 18:01:02.0814 0x1fe0 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 18:01:02.0908 0x1fe0 BITS - ok 18:01:02.0932 0x1fe0 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 18:01:02.0958 0x1fe0 blbdrive - ok 18:01:03.0076 0x1fe0 [ EBB85E15359737801C5A278A061ABF6A, EEF98EE199898A87A6B9062D489A6C4F65B6B1688BF73F4D16718B1B621281B9 ] bobyzoom C:\ProgramData\bobyzoom\1.1.0.30\bzagnt.exe 18:01:03.0076 0x1fe0 Suspicious file ( Hidden ): C:\ProgramData\bobyzoom\1.1.0.30\bzagnt.exe. 
md5: EBB85E15359737801C5A278A061ABF6A, sha256: EEF98EE199898A87A6B9062D489A6C4F65B6B1688BF73F4D16718B1B621281B9 18:01:03.0078 0x1fe0 bobyzoom - detected HiddenFile.Multi.Generic ( 1 ) 18:01:05.0599 0x1fe0 Detect skipped due to KSN trusted 18:01:05.0599 0x1fe0 bobyzoom - ok 18:01:05.0661 0x1fe0 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 18:01:05.0698 0x1fe0 Bonjour Service - ok 18:01:05.0727 0x1fe0 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 18:01:05.0749 0x1fe0 bowser - ok 18:01:05.0777 0x1fe0 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 18:01:05.0800 0x1fe0 BrFiltLo - ok 18:01:05.0827 0x1fe0 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 18:01:05.0865 0x1fe0 BrFiltUp - ok 18:01:05.0889 0x1fe0 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 18:01:05.0930 0x1fe0 Browser - ok 18:01:05.0954 0x1fe0 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 18:01:06.0003 0x1fe0 Brserid - ok 18:01:06.0019 0x1fe0 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 18:01:06.0070 0x1fe0 BrSerWdm - ok 18:01:06.0088 0x1fe0 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 18:01:06.0110 0x1fe0 BrUsbMdm - ok 18:01:06.0125 0x1fe0 [ A87528880231C54E75EA7A44943B38BF, 
4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 18:01:06.0159 0x1fe0 BrUsbSer - ok 18:01:06.0186 0x1fe0 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 18:01:06.0220 0x1fe0 BTHMODEM - ok 18:01:06.0262 0x1fe0 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 18:01:06.0369 0x1fe0 bthserv - ok 18:01:06.0437 0x1fe0 [ 2718FEFDDC3FCA848E11546DC3D65A9D, CD900F84D8220BEDB98EF436BFAF112DDF06F6A724A7FCB4B90C20B404FDE705 ] bzwdg C:\ProgramData\bobyzoom\1.1.0.30\bzwdg.exe 18:01:06.0438 0x1fe0 Suspicious file ( Hidden ): C:\ProgramData\bobyzoom\1.1.0.30\bzwdg.exe. md5: 2718FEFDDC3FCA848E11546DC3D65A9D, sha256: CD900F84D8220BEDB98EF436BFAF112DDF06F6A724A7FCB4B90C20B404FDE705 18:01:06.0439 0x1fe0 bzwdg - detected HiddenFile.Multi.Generic ( 1 ) 18:01:08.0818 0x1fe0 Detect skipped due to KSN trusted 18:01:08.0818 0x1fe0 bzwdg - ok 18:01:08.0865 0x1fe0 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 18:01:08.0946 0x1fe0 cdfs - ok 18:01:08.0979 0x1fe0 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 18:01:09.0017 0x1fe0 cdrom - ok 18:01:09.0044 0x1fe0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 18:01:09.0101 0x1fe0 CertPropSvc - ok 18:01:09.0148 0x1fe0 [ 7AD735DB1A9CC82D75E8854952EE8052, 662E6A07AF995AFF7E2D7817F121028078E0B04B394A29D6E62A8BC287C7A6D9 ] CFRMD C:\Windows\system32\DRIVERS\CFRMD.sys 18:01:09.0172 0x1fe0 CFRMD - detected UnsignedFile.Multi.Generic ( 1 ) 18:01:16.0896 0x1fe0 Detect skipped due to KSN trusted 
18:01:16.0896 0x1fe0 CFRMD - ok 18:01:16.0958 0x1fe0 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 18:01:17.0014 0x1fe0 circlass - ok 18:01:17.0043 0x1fe0 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys 18:01:17.0076 0x1fe0 CLFS - ok 18:01:17.0125 0x1fe0 [ 76500B9D115F00B0341A8F139DE8AB8B, 6D02E4E4472A26CC2BDA3394A564DFE4E96DD60111ADEB6A2A5B6506F07D101D ] CLPSLauncher C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe 18:01:17.0147 0x1fe0 CLPSLauncher - ok 18:01:17.0203 0x1fe0 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 18:01:17.0357 0x1fe0 clr_optimization_v2.0.50727_32 - ok 18:01:17.0381 0x1fe0 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 18:01:17.0403 0x1fe0 clr_optimization_v2.0.50727_64 - ok 18:01:17.0472 0x1fe0 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 18:01:17.0514 0x1fe0 clr_optimization_v4.0.30319_32 - ok 18:01:17.0550 0x1fe0 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 18:01:17.0574 0x1fe0 clr_optimization_v4.0.30319_64 - ok 18:01:17.0599 0x1fe0 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 18:01:17.0619 0x1fe0 CmBatt - ok 18:01:17.0928 0x1fe0 [ 
4B0B521708BD95FFD393DC06D420DD81, 9DE650F5A7A45AE501FD2BDA41EB89E0F9216FE586FF1B038C680AF4F0152F2E ] cmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe 18:01:18.0171 0x1fe0 cmdAgent - ok 18:01:18.0208 0x1fe0 [ D64C607BE0A8DDDFF0237961655078CD, B648710E2D96C9488542847683EF07F82D2889AF89A41E7D5740184E1C09D84A ] cmderd C:\Windows\system32\DRIVERS\cmderd.sys 18:01:18.0223 0x1fe0 cmderd - ok 18:01:18.0271 0x1fe0 [ E6C82A953BFAB6258E7C8E41139DE396, 332C5F0678D4AF06D9558F352F30E050B5DC95CF88A12269CDAF43FD9DC3C889 ] cmdGuard C:\Windows\system32\DRIVERS\cmdguard.sys 18:01:18.0314 0x1fe0 cmdGuard - ok 18:01:18.0351 0x1fe0 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 18:01:18.0368 0x1fe0 cmdide - ok 18:01:18.0475 0x1fe0 [ 0A8C3F0188ABD6F7864D010AF9A340DA, 6D6F3A19649720246C804A9FFE87CAE592FB70BB225BFE44AD3840F0CAE78F7D ] cmdvirth C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe 18:01:18.0564 0x1fe0 cmdvirth - ok 18:01:18.0615 0x1fe0 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys 18:01:18.0658 0x1fe0 CNG - ok 18:01:18.0685 0x1fe0 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 18:01:18.0702 0x1fe0 Compbatt - ok 18:01:18.0728 0x1fe0 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 18:01:18.0750 0x1fe0 CompositeBus - ok 18:01:18.0762 0x1fe0 COMSysApp - ok 18:01:18.0773 0x1fe0 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 18:01:18.0790 0x1fe0 crcdisk - ok 18:01:18.0828 0x1fe0 [ 1CD76A83B9E8E9A5A3519B39E28354D9, 
F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\Windows\system32\cryptsvc.dll 18:01:18.0869 0x1fe0 CryptSvc - ok 18:01:18.0911 0x1fe0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 18:01:18.0979 0x1fe0 DcomLaunch - ok 18:01:19.0004 0x1fe0 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 18:01:19.0066 0x1fe0 defragsvc - ok 18:01:19.0080 0x1fe0 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 18:01:19.0124 0x1fe0 DfsC - ok 18:01:19.0167 0x1fe0 [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 18:01:19.0187 0x1fe0 dg_ssudbus - ok 18:01:19.0212 0x1fe0 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 18:01:19.0253 0x1fe0 Dhcp - ok 18:01:19.0259 0x1fe0 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 18:01:19.0319 0x1fe0 discache - ok 18:01:19.0342 0x1fe0 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 18:01:19.0361 0x1fe0 Disk - ok 18:01:19.0389 0x1fe0 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 18:01:19.0445 0x1fe0 Dnscache - ok 18:01:19.0462 0x1fe0 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 18:01:19.0515 0x1fe0 dot3svc - ok 18:01:19.0541 0x1fe0 [ 
B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 18:01:19.0588 0x1fe0 DPS - ok 18:01:19.0754 0x1fe0 [ E4A0D0C8F17073BE392F062DD1F6B50E, 26CF71517C09B24B6F6AB5AC902FF0D1426351BCCD6AB571510C83D0F6E32FE6 ] DragonUpdater C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe 18:01:19.0847 0x1fe0 DragonUpdater - ok 18:01:19.0879 0x1fe0 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 18:01:19.0918 0x1fe0 drmkaud - ok 18:01:19.0954 0x1fe0 [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys 18:01:19.0983 0x1fe0 dtsoftbus01 - ok 18:01:20.0044 0x1fe0 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 18:01:20.0092 0x1fe0 DXGKrnl - ok 18:01:20.0110 0x1fe0 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 18:01:20.0173 0x1fe0 EapHost - ok 18:01:20.0302 0x1fe0 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 18:01:20.0451 0x1fe0 ebdrv - ok 18:01:20.0511 0x1fe0 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] EFS C:\Windows\System32\lsass.exe 18:01:20.0552 0x1fe0 EFS - ok 18:01:20.0599 0x1fe0 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 18:01:20.0670 0x1fe0 ehRecvr - ok 18:01:20.0695 0x1fe0 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 18:01:20.0722 0x1fe0 ehSched - 
ok 18:01:20.0751 0x1fe0 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 18:01:20.0785 0x1fe0 elxstor - ok 18:01:20.0804 0x1fe0 EraserSvc11311 - ok 18:01:20.0820 0x1fe0 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 18:01:20.0849 0x1fe0 ErrDev - ok 18:01:20.0897 0x1fe0 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 18:01:20.0954 0x1fe0 EventSystem - ok 18:01:20.0973 0x1fe0 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 18:01:21.0029 0x1fe0 exfat - ok 18:01:21.0040 0x1fe0 ezSharedSvc - ok 18:01:21.0062 0x1fe0 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 18:01:21.0127 0x1fe0 fastfat - ok 18:01:21.0159 0x1fe0 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 18:01:21.0228 0x1fe0 Fax - ok 18:01:21.0246 0x1fe0 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 18:01:21.0266 0x1fe0 fdc - ok 18:01:21.0279 0x1fe0 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 18:01:21.0328 0x1fe0 fdPHost - ok 18:01:21.0337 0x1fe0 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 18:01:21.0391 0x1fe0 FDResPub - ok 18:01:21.0407 0x1fe0 [ 655661BE46B5F5F3FD454E2C3095B930, 
549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 18:01:21.0426 0x1fe0 FileInfo - ok 18:01:21.0435 0x1fe0 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 18:01:21.0477 0x1fe0 Filetrace - ok 18:01:21.0552 0x1fe0 [ 8645F91F40B8D022C9AC3DABDF360A6B, 4F83080B1273C92470EB90D80B32056C913240DCC9C4C50B7BE85254066D654D ] FlexNet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe 18:01:21.0612 0x1fe0 FlexNet Licensing Service 64 - ok 18:01:21.0640 0x1fe0 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 18:01:21.0709 0x1fe0 flpydisk - ok 18:01:21.0746 0x1fe0 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 18:01:21.0777 0x1fe0 FltMgr - ok 18:01:21.0842 0x1fe0 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 18:01:21.0935 0x1fe0 FontCache - ok 18:01:21.0976 0x1fe0 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 18:01:22.0155 0x1fe0 FontCache3.0.0.0 - ok 18:01:22.0172 0x1fe0 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 18:01:22.0190 0x1fe0 FsDepends - ok 18:01:22.0210 0x1fe0 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 18:01:22.0231 0x1fe0 Fs_Rec - ok 18:01:22.0255 0x1fe0 [ 
8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 18:01:22.0283 0x1fe0 fvevol - ok 18:01:22.0345 0x1fe0 [ 4632BB93B668004965246D7911E2DD05, B4CCFFC488C94A0D82A6CC11A9BA2616B339217164719EABA3CF59913EA899FB ] fwlanusb4 C:\Windows\system32\DRIVERS\fwlanusb4.sys 18:01:22.0404 0x1fe0 fwlanusb4 - ok 18:01:22.0419 0x1fe0 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 18:01:22.0438 0x1fe0 gagp30kx - ok 18:01:22.0477 0x1fe0 [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe 18:01:22.0735 0x1fe0 GamesAppService - ok 18:01:22.0785 0x1fe0 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 18:01:22.0801 0x1fe0 GEARAspiWDM - ok 18:01:22.0892 0x1fe0 [ 39B47A50DC3D5E898298468307765710, 06268FF65CF69E2B0822477C2D1DA44721B1ADBE4F06C0D3AC0B70C2A18D8DC6 ] GeekBuddyRSP C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe 18:01:22.0973 0x1fe0 GeekBuddyRSP - ok 18:01:23.0018 0x1fe0 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 18:01:23.0099 0x1fe0 gpsvc - ok 18:01:23.0161 0x1fe0 [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 18:01:23.0196 0x1fe0 gupdate - ok 18:01:23.0204 0x1fe0 [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 18:01:23.0223 0x1fe0 gupdatem - ok 18:01:23.0246 0x1fe0 gzflt - ok 18:01:23.0276 0x1fe0 [ 
1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys 18:01:23.0291 0x1fe0 hamachi - ok 18:01:23.0431 0x1fe0 [ B2D769C3899865902706A924CED699C7, 0E80C639BB6EA4E4CCA537494E8F96CB921DEB91429FFD0E93BBE966EF792916 ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe 18:01:23.0524 0x1fe0 Hamachi2Svc - ok 18:01:23.0562 0x1fe0 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 18:01:23.0582 0x1fe0 hcw85cir - ok 18:01:23.0608 0x1fe0 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 18:01:23.0640 0x1fe0 HdAudAddService - ok 18:01:23.0662 0x1fe0 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 18:01:23.0704 0x1fe0 HDAudBus - ok 18:01:23.0720 0x1fe0 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 18:01:23.0751 0x1fe0 HidBatt - ok 18:01:23.0767 0x1fe0 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 18:01:23.0792 0x1fe0 HidBth - ok 18:01:23.0807 0x1fe0 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 18:01:23.0845 0x1fe0 HidIr - ok 18:01:23.0872 0x1fe0 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 18:01:23.0936 0x1fe0 hidserv - ok 18:01:23.0969 0x1fe0 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb 
C:\Windows\system32\drivers\stexstor.sys 18:01:42.0312 0x1fe0 stexstor - ok 18:01:42.0347 0x1fe0 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 18:01:42.0395 0x1fe0 stisvc - ok 18:01:42.0416 0x1fe0 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys 18:01:42.0433 0x1fe0 swenum - ok 18:01:42.0501 0x1fe0 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 18:01:42.0547 0x1fe0 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 ) 18:01:52.0649 0x1fe0 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning 18:02:07.0210 0x1fe0 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 18:02:07.0283 0x1fe0 swprv - ok 18:02:07.0354 0x1fe0 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 18:02:07.0436 0x1fe0 SysMain - ok 18:02:07.0467 0x1fe0 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 18:02:07.0500 0x1fe0 TabletInputService - ok 18:02:07.0510 0x1fe0 Suspicious service (NoAccess): tammgF119 18:02:07.0534 0x1fe0 [ D9C84F7A3EA53C6DFC3E2B206715F77C, A07FC919C57A729946A079855F75465D14E78BB769A920D77A407F2C915E361F ] tammgF119 C:\Windows\system32\Drivers\tammgF119.sys 18:02:07.0534 0x1fe0 Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\tammgF119.sys. 
md5: D9C84F7A3EA53C6DFC3E2B206715F77C, sha256: A07FC919C57A729946A079855F75465D14E78BB769A920D77A407F2C915E361F 18:02:07.0551 0x1fe0 tammgF119 - detected LockedService.Multi.Generic ( 1 ) 18:02:09.0923 0x1fe0 Detect skipped due to KSN trusted 18:02:09.0923 0x1fe0 tammgF119 - ok 18:02:09.0927 0x1fe0 Suspicious service (NoAccess): tammgR119 18:02:09.0944 0x1fe0 [ CFABCF2BF681CAD94B6D2EBBC17A41AA, 71C8B8B00BBD925E110C4AC8CBD02BA468E001C954A04C62B566C8CE5BBDB261 ] tammgR119 C:\Windows\system32\Drivers\tammgR119.sys 18:02:09.0945 0x1fe0 Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\tammgR119.sys. md5: CFABCF2BF681CAD94B6D2EBBC17A41AA, sha256: 71C8B8B00BBD925E110C4AC8CBD02BA468E001C954A04C62B566C8CE5BBDB261 18:02:09.0965 0x1fe0 tammgR119 - detected LockedService.Multi.Generic ( 1 ) 18:02:12.0353 0x1fe0 Detect skipped due to KSN trusted 18:02:12.0354 0x1fe0 tammgR119 - ok 18:02:12.0407 0x1fe0 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 18:02:12.0494 0x1fe0 TapiSrv - ok 18:02:12.0512 0x1fe0 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 18:02:12.0574 0x1fe0 TBS - ok 18:02:12.0682 0x1fe0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 18:02:12.0758 0x1fe0 Tcpip - ok 18:02:12.0821 0x1fe0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 18:02:12.0890 0x1fe0 TCPIP6 - ok 18:02:12.0927 0x1fe0 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 18:02:12.0947 0x1fe0 tcpipreg - ok 18:02:12.0967 0x1fe0 [ 3371D21011695B16333A3934340C4E7C, 
7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 18:02:12.0988 0x1fe0 TDPIPE - ok 18:02:13.0009 0x1fe0 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 18:02:13.0028 0x1fe0 TDTCP - ok 18:02:13.0068 0x1fe0 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys 18:02:13.0090 0x1fe0 tdx - ok 18:02:13.0098 0x1fe0 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys 18:02:13.0116 0x1fe0 TermDD - ok 18:02:13.0193 0x1fe0 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 18:02:13.0269 0x1fe0 TermService - ok 18:02:13.0288 0x1fe0 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 18:02:13.0321 0x1fe0 Themes - ok 18:02:13.0336 0x1fe0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 18:02:13.0385 0x1fe0 THREADORDER - ok 18:02:13.0408 0x1fe0 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 18:02:13.0478 0x1fe0 TrkWks - ok 18:02:13.0517 0x1fe0 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 18:02:13.0587 0x1fe0 TrustedInstaller - ok 18:02:13.0611 0x1fe0 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 18:02:13.0631 0x1fe0 tssecsrv - ok 18:02:13.0676 
0x1fe0 [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 18:02:13.0714 0x1fe0 TsUsbFlt - ok 18:02:13.0742 0x1fe0 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 18:02:13.0762 0x1fe0 TsUsbGD - ok 18:02:13.0798 0x1fe0 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 18:02:13.0852 0x1fe0 tunnel - ok 18:02:13.0872 0x1fe0 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 18:02:13.0891 0x1fe0 uagp35 - ok 18:02:13.0913 0x1fe0 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 18:02:13.0962 0x1fe0 udfs - ok 18:02:13.0982 0x1fe0 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 18:02:14.0008 0x1fe0 UI0Detect - ok 18:02:14.0022 0x1fe0 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 18:02:14.0040 0x1fe0 uliagpkx - ok 18:02:14.0061 0x1fe0 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 18:02:14.0082 0x1fe0 umbus - ok 18:02:14.0096 0x1fe0 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 18:02:14.0116 0x1fe0 UmPass - ok 18:02:14.0166 0x1fe0 [ 9DC07E73A4ABB9ACF692113B36A5009F, CA7176FC219515D58DCFA66EC61880ECE5617275C9B83701BB74D8B60E733D34 ] UnlockerDriver5 C:\Program 
Files\Unlocker\UnlockerDriver5.sys 18:02:14.0181 0x1fe0 UnlockerDriver5 - ok 18:02:14.0207 0x1fe0 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 18:02:14.0265 0x1fe0 upnphost - ok 18:02:14.0293 0x1fe0 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 18:02:14.0302 0x1fe0 USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 ) 18:02:16.0679 0x1fe0 Detect skipped due to KSN trusted 18:02:16.0679 0x1fe0 USBAAPL64 - ok 18:02:16.0716 0x1fe0 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 18:02:16.0751 0x1fe0 usbaudio - ok 18:02:16.0774 0x1fe0 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 18:02:16.0797 0x1fe0 usbccgp - ok 18:02:16.0820 0x1fe0 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 18:02:16.0842 0x1fe0 usbcir - ok 18:02:16.0865 0x1fe0 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 18:02:16.0895 0x1fe0 usbehci - ok 18:02:16.0919 0x1fe0 [ 573D192E268F0C5B486B7E96F661E538, 0F32BD82CA7B5D4DE234EFC6527EF4C854BD15B3057FE4A0151C70115493FFDC ] usbfilter C:\Windows\system32\drivers\usbfilter.sys 18:02:16.0935 0x1fe0 usbfilter - ok 18:02:16.0971 0x1fe0 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 18:02:17.0009 0x1fe0 usbhub - ok 18:02:17.0028 0x1fe0 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci 
C:\Windows\system32\DRIVERS\usbohci.sys 18:02:17.0064 0x1fe0 usbohci - ok 18:02:17.0087 0x1fe0 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys 18:02:17.0109 0x1fe0 usbprint - ok 18:02:17.0123 0x1fe0 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 18:02:17.0144 0x1fe0 USBSTOR - ok 18:02:17.0179 0x1fe0 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 18:02:17.0231 0x1fe0 usbuhci - ok 18:02:17.0258 0x1fe0 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 18:02:17.0315 0x1fe0 UxSms - ok 18:02:17.0333 0x1fe0 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] VaultSvc C:\Windows\system32\lsass.exe 18:02:17.0354 0x1fe0 VaultSvc - ok 18:02:17.0362 0x1fe0 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 18:02:17.0380 0x1fe0 vdrvroot - ok 18:02:17.0403 0x1fe0 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 18:02:17.0465 0x1fe0 vds - ok 18:02:17.0473 0x1fe0 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 18:02:17.0496 0x1fe0 vga - ok 18:02:17.0511 0x1fe0 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 18:02:17.0553 0x1fe0 VgaSave - ok 18:02:17.0575 0x1fe0 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, 
D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 18:02:17.0597 0x1fe0 vhdmp - ok 18:02:17.0627 0x1fe0 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 18:02:17.0644 0x1fe0 viaide - ok 18:02:17.0657 0x1fe0 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 18:02:17.0676 0x1fe0 volmgr - ok 18:02:17.0701 0x1fe0 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 18:02:17.0728 0x1fe0 volmgrx - ok 18:02:17.0749 0x1fe0 [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap C:\Windows\system32\drivers\volsnap.sys 18:02:17.0774 0x1fe0 volsnap - ok 18:02:17.0887 0x1fe0 [ ED1F4BDF68C649C6F79A02502BB6C9BC, 3D2830822D4A2C7B3676100B27DEC7B1C2EF640DA36C6543365A9CF2A61BF68E ] VsEtwService120 C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe 18:02:17.0941 0x1fe0 VsEtwService120 - ok 18:02:17.0971 0x1fe0 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 18:02:18.0001 0x1fe0 vsmraid - ok 18:02:18.0067 0x1fe0 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 18:02:18.0169 0x1fe0 VSS - ok 18:02:18.0177 0x1fe0 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 18:02:18.0200 0x1fe0 vwifibus - ok 18:02:18.0226 0x1fe0 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time 
C:\Windows\system32\w32time.dll 18:02:18.0299 0x1fe0 W32Time - ok 18:02:18.0340 0x1fe0 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 18:02:18.0383 0x1fe0 WacomPen - ok 18:02:18.0410 0x1fe0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 18:02:18.0452 0x1fe0 WANARP - ok 18:02:18.0459 0x1fe0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 18:02:18.0502 0x1fe0 Wanarpv6 - ok 18:02:18.0555 0x1fe0 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 18:02:18.0639 0x1fe0 wbengine - ok 18:02:18.0659 0x1fe0 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 18:02:18.0706 0x1fe0 WbioSrvc - ok 18:02:18.0740 0x1fe0 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 18:02:18.0782 0x1fe0 wcncsvc - ok 18:02:18.0793 0x1fe0 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 18:02:18.0830 0x1fe0 WcsPlugInService - ok 18:02:18.0846 0x1fe0 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 18:02:18.0863 0x1fe0 Wd - ok 18:02:18.0904 0x1fe0 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 18:02:18.0948 0x1fe0 Wdf01000 - ok 18:02:19.0012 0x1fe0 [ C6F7473B55510F0B93961DA03D8E3B38, 
4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll 18:02:19.0063 0x1fe0 WdiServiceHost - ok 18:02:19.0070 0x1fe0 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll 18:02:19.0094 0x1fe0 WdiSystemHost - ok 18:02:19.0116 0x1fe0 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 18:02:19.0159 0x1fe0 WebClient - ok 18:02:19.0171 0x1fe0 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 18:02:19.0241 0x1fe0 Wecsvc - ok 18:02:19.0263 0x1fe0 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 18:02:19.0321 0x1fe0 wercplsupport - ok 18:02:19.0340 0x1fe0 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 18:02:19.0397 0x1fe0 WerSvc - ok 18:02:19.0418 0x1fe0 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 18:02:19.0465 0x1fe0 WfpLwf - ok 18:02:19.0475 0x1fe0 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 18:02:19.0493 0x1fe0 WIMMount - ok 18:02:19.0514 0x1fe0 WinDefend - ok 18:02:19.0527 0x1fe0 WinHttpAutoProxySvc - ok 18:02:19.0575 0x1fe0 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 18:02:19.0629 0x1fe0 Winmgmt - ok 18:02:19.0736 0x1fe0 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM 
C:\Windows\system32\WsmSvc.dll 18:02:19.0852 0x1fe0 WinRM - ok 18:02:19.0879 0x1fe0 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 18:02:19.0902 0x1fe0 WinUsb - ok 18:02:19.0950 0x1fe0 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 18:02:20.0011 0x1fe0 Wlansvc - ok 18:02:20.0048 0x1fe0 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 18:02:20.0066 0x1fe0 wlcrasvc - ok 18:02:20.0170 0x1fe0 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 18:02:20.0263 0x1fe0 wlidsvc - ok 18:02:20.0308 0x1fe0 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 18:02:20.0336 0x1fe0 WmiAcpi - ok 18:02:20.0369 0x1fe0 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 18:02:20.0409 0x1fe0 wmiApSrv - ok 18:02:20.0428 0x1fe0 WMPNetworkSvc - ok 18:02:20.0440 0x1fe0 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 18:02:20.0477 0x1fe0 WPCSvc - ok 18:02:20.0488 0x1fe0 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 18:02:20.0535 0x1fe0 WPDBusEnum - ok 18:02:20.0546 0x1fe0 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 18:02:20.0589 0x1fe0 ws2ifsl - ok 18:02:20.0599 0x1fe0 
[ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 18:02:20.0632 0x1fe0 wscsvc - ok 18:02:20.0637 0x1fe0 WSearch - ok 18:02:20.0747 0x1fe0 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll 18:02:20.0845 0x1fe0 wuauserv - ok 18:02:20.0887 0x1fe0 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 18:02:20.0908 0x1fe0 WudfPf - ok 18:02:20.0930 0x1fe0 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 18:02:20.0954 0x1fe0 WUDFRd - ok 18:02:20.0965 0x1fe0 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 18:02:21.0000 0x1fe0 wudfsvc - ok 18:02:21.0044 0x1fe0 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 18:02:21.0085 0x1fe0 WwanSvc - ok 18:02:21.0125 0x1fe0 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys 18:02:21.0145 0x1fe0 xusb21 - ok 18:02:21.0169 0x1fe0 ================ Scan global =============================== 18:02:21.0192 0x1fe0 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 18:02:21.0229 0x1fe0 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 18:02:21.0249 0x1fe0 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 18:02:21.0270 0x1fe0 [ 
D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 18:02:21.0300 0x1fe0 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 18:02:21.0312 0x1fe0 [ Global ] - ok 18:02:21.0312 0x1fe0 ================ Scan MBR ================================== 18:02:21.0320 0x1fe0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 18:02:21.0606 0x1fe0 \Device\Harddisk0\DR0 - ok 18:02:21.0615 0x1fe0 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2 18:02:21.0816 0x1fe0 \Device\Harddisk2\DR2 - ok 18:02:21.0817 0x1fe0 ================ Scan VBR ================================== 18:02:21.0821 0x1fe0 [ E25746DBB4261B23FA1A2A94BB8C94EA ] \Device\Harddisk0\DR0\Partition1 18:02:21.0880 0x1fe0 \Device\Harddisk0\DR0\Partition1 - ok 18:02:21.0887 0x1fe0 [ 832A0C3985FA69FE5A162716B10DDE9D ] \Device\Harddisk0\DR0\Partition2 18:02:21.0952 0x1fe0 \Device\Harddisk0\DR0\Partition2 - ok 18:02:21.0975 0x1fe0 [ ACAAC3FFAE3E2679565FED0989BD5696 ] \Device\Harddisk0\DR0\Partition3 18:02:21.0978 0x1fe0 \Device\Harddisk0\DR0\Partition3 - ok 18:02:21.0985 0x1fe0 [ 3F02DDD3010A01EE15A77715996F8478 ] \Device\Harddisk0\DR0\Partition4 18:02:21.0988 0x1fe0 \Device\Harddisk0\DR0\Partition4 - ok 18:02:21.0998 0x1fe0 [ 7C6FF59E82601E421E78EDDDB7EC9AD5 ] \Device\Harddisk2\DR2\Partition1 18:02:22.0003 0x1fe0 \Device\Harddisk2\DR2\Partition1 - ok 18:02:22.0004 0x1fe0 ================ Scan generic autorun ====================== 18:02:22.0053 0x1fe0 [ 554A50B5310E702029D3A675459108FF, 4757D5FFFAC7E73D4A3D931DB1399DDFDBD5811639BDA4517F886C21CC7F2574 ] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe 18:02:22.0083 0x1fe0 hpsysdrv - ok 18:02:22.0212 0x1fe0 [ 5DADB84EBBF4EEA44777BE8F9D274B9C, C0B317493438EDACE8F11964FEB37AEA132296A067CAC531998346DE92CEA2C3 ] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe 18:02:22.0278 
0x1fe0 COMODO Internet Security - ok 18:02:22.0321 0x1fe0 [ 393F021E2A9FA19AC94BA4482E32FC6C, 8DC7A061643099B8A1915ADB59D89912A117883D4194BCC05F653E19DFD321A9 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe 18:02:22.0354 0x1fe0 AdobeAAMUpdater-1.0 - ok 18:02:22.0457 0x1fe0 [ 0F77770991308CA1F58F18EED7EBE7B7, 3CB77C6ADAC58EE7F85BD3EA1F7C8218A95BE84B15DB38E39E66BF5CD32B4CE0 ] C:\PROGRA~1\Eraser\Eraser.exe 18:02:22.0499 0x1fe0 Eraser - ok 18:02:22.0567 0x1fe0 [ D0B542256A968DFCB8896C140FCE6047, 3F92A9871B521BCCCDFE6D9BFF88930B26C5DB86F6F6578554A3F2ECC5C5EBA0 ] C:\Program Files\iTunes\iTunesHelper.exe 18:02:22.0598 0x1fe0 iTunesHelper - ok 18:02:22.0669 0x1fe0 [ 0A44A10B0277525846E2E210008E0D6C, 3FF5A1835A16AF2315BDD60FC74E54F665F713DF1745042F5F063A5C9CC0AFAE ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe 18:02:22.0707 0x1fe0 StartCCC - detected UnsignedFile.Multi.Generic ( 1 ) 18:02:25.0100 0x1fe0 Detect skipped due to KSN trusted 18:02:25.0101 0x1fe0 StartCCC - ok 18:02:25.0208 0x1fe0 [ 5516C26A6AF8EB4E2CAB48EC98A74398, 2BF161DE944090B3B3792AE8F5985FCB09744B3EE626E8253A3861D86284652D ] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe 18:02:25.0247 0x1fe0 HP Software Update - ok 18:02:25.0350 0x1fe0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 18:02:25.0615 0x1fe0 Sidebar - ok 18:02:25.0641 0x1fe0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 18:02:25.0672 0x1fe0 mctadmin - ok 18:02:25.0707 0x1fe0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 18:02:25.0759 0x1fe0 Sidebar - ok 18:02:25.0767 0x1fe0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 
0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 18:02:25.0800 0x1fe0 mctadmin - ok 18:02:25.0866 0x1fe0 [ EC58C1A9A3281CE0C8FCC05BDBFECB37, 3738BBC112346B32F686F1CB4B4AAD89B06AA1F8FB2D333BC2D2F554212A0A59 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe 18:02:25.0907 0x1fe0 iCloudServices - ok 18:02:26.0030 0x1fe0 [ FF5E26337407DFC9198E1B726298EFAD, 14A99C55F510674F9B421406454DEC572BA6E1BA1B4B210BAAAA6498D5826F6B ] C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe 18:02:26.0071 0x1fe0 Remote Mouse - detected UnsignedFile.Multi.Generic ( 1 ) 18:02:28.0452 0x1fe0 Remote Mouse ( UnsignedFile.Multi.Generic ) - warning 18:02:31.0019 0x1fe0 [ DF552350CDC2AA39C01CE40612DF82A8, 17B90AFC0837712EBC781FAC912B288125A900370B09B32320EB874704CACCE2 ] C:\Program Files (x86)\Samsung\Kies\Kies.exe 18:02:31.0261 0x1fe0 KiesPreload - ok 18:02:31.0477 0x1fe0 [ F73154E180105822A5F9B755BA933737, 1CD775B6CE3736A70EC5FC7A6B77A2FEDA70D59B49A66046CC20B341005501D9 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe 18:02:31.0606 0x1fe0 DAEMON Tools Lite - ok 18:02:31.0850 0x1fe0 [ CC78200C3ECFFA178E78308A0E160D80, 4E02D6827A99401781032A397663770FA7BE56397AA20F6E2FACE0A0004109C5 ] C:\Users\Simon\AppData\Local\Akamai\netsession_win.exe 18:02:31.0995 0x1fe0 Akamai NetSession Interface - ok 18:02:32.0119 0x1fe0 [ 7C83E887E8DFD5FEA0E06D7116B99360, AD4481235E0564E6F3405572FD8E358E677B25BCD817DD7DE5756E5FCAEFD457 ] C:\Users\Simon\AppData\Roaming\uTorrent\uTorrent.exe 18:02:32.0182 0x1fe0 uTorrent - ok 18:02:32.0186 0x1fe0 Waiting for KSN requests completion. In queue: 4 18:02:33.0186 0x1fe0 Waiting for KSN requests completion. In queue: 4 18:02:34.0186 0x1fe0 Waiting for KSN requests completion. 
In queue: 4
18:02:35.0328 0x1fe0 AV detected via SS2: COMODO Antivirus, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 8.1.0.4426 ), 0x61000 ( enabled : updated )
18:02:35.0335 0x1fe0 Win FW state via NFP2: enabled
18:02:37.0740 0x1fe0 ============================================================
18:02:37.0740 0x1fe0 Scan finished
18:02:37.0740 0x1fe0 ============================================================
18:02:37.0770 0x2bc0 Detected object count: 2
18:02:37.0770 0x2bc0 Actual detected object count: 2
18:04:17.0279 0x2bc0 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
18:04:17.0279 0x2bc0 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:04:17.0281 0x2bc0 Remote Mouse ( UnsignedFile.Multi.Generic ) - skipped by user
18:04:17.0281 0x2bc0 Remote Mouse ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
20.03.2015, 20:51 | #7 |
/// TB-Ausbilder | Caught adware! None of the virus/adware scanners find anything. Hi, scan with Combofix
|
20.03.2015, 22:38 | #8 |
| Caught adware! None of the virus/adware scanners find anything. Combofix didn't complain about the antivirus or anything like that, here is the log: Code:
ATTFilter ComboFix 15-03-14.03 - Simon 20.03.2015 21:17:17.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8179.6355 [GMT 1:00] ausgeführt von:: c:\users\Simon\Desktop\ComboFix.exe AV: COMODO Antivirus *Disabled/Updated* {F0BC89B2-8937-0933-021B-B17D981F2A71} SP: Comodo Defense+ *Disabled/Updated* {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . C:\install.exe c:\programdata\adaware-installer-reboot-required.tmp c:\programdata\ntuser.pol c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Preferences c:\users\Simon\AppData\Local\Comodo\Dragon\User Data\Default\Preferences c:\users\Simon\AppData\Local\Google\Chrome\User Data\Default\Preferences c:\windows\security\logs\scecomp.log . . ((((((((((((((((((((((( Dateien erstellt von 2015-02-20 bis 2015-03-20 )))))))))))))))))))))))))))))) . . 2015-03-20 20:38 . 2015-03-20 20:38 -------- d-----w- c:\users\Default\AppData\Local\temp 2015-03-20 20:38 . 2015-03-20 20:38 -------- d-----w- c:\users\Gast\AppData\Local\temp 2015-03-20 17:26 . 2015-03-20 17:26 -------- d-----w- c:\users\Simon\AppData\Roaming\JavaEditor 2015-03-19 21:02 . 2015-03-19 21:07 -------- d-----w- C:\FRST 2015-03-18 21:54 . 2015-03-18 21:54 -------- d-----w- c:\users\Simon\AppData\Roaming\LavasoftStatistics 2015-03-18 14:18 . 2015-03-20 12:23 -------- d-----w- c:\programdata\PDFC 2015-03-17 21:01 . 2015-03-17 21:02 -------- d-----w- C:\KVRT_Data 2015-03-17 16:35 . 2015-03-17 16:35 -------- d-----w- C:\sh_backup 2015-03-17 14:40 . 2015-03-17 20:45 -------- d-----w- c:\users\Simon\AppData\Roaming\Maaxi 2015-03-17 14:29 . 2015-03-17 16:15 -------- d-----w- c:\users\Simon\AppData\Roaming\Azes 2015-03-16 21:13 . 2015-03-20 17:06 -------- d-----w- c:\program files (x86)\ Malwarebytes Anti-Malware 2015-03-16 21:13 . 
2015-03-16 21:13 -------- d-----w- c:\programdata\Malwarebytes 2015-03-16 20:32 . 2015-03-19 20:34 -------- d-----w- C:\AdwCleaner 2015-03-16 20:11 . 2015-03-16 20:11 -------- d-sh--w- c:\users\Simon\AppData\Local\EmieBrowserModeList 2015-03-16 20:10 . 2015-03-16 20:10 -------- d-----w- c:\users\Simon\AppData\Roaming\QuickScan 2015-03-16 20:08 . 2015-03-16 20:08 -------- d-----w- c:\programdata\338492126a3249459a948fc3ab4924b4 2015-03-13 13:55 . 2015-01-29 09:07 11910896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4563A1C6-E848-433A-9D7D-72554B256780}\mpengine.dll 2015-03-13 11:52 . 2015-03-13 11:52 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi 2015-03-12 21:48 . 2015-03-12 21:48 -------- d-----w- c:\program files (x86)\Steinberg 2015-03-11 13:26 . 2015-03-11 13:26 215552 ----a-w- c:\windows\system32\ubpm.dll 2015-03-11 13:26 . 2015-03-11 13:26 171520 ----a-w- c:\windows\SysWow64\ubpm.dll 2015-03-11 13:26 . 2015-03-11 13:26 14177280 ----a-w- c:\windows\system32\shell32.dll 2015-03-11 13:14 . 2015-03-11 13:14 1067520 ----a-w- c:\windows\system32\msctf.dll 2015-03-11 13:12 . 2015-03-11 13:12 465920 ----a-w- c:\windows\system32\WMPhoto.dll 2015-03-11 13:12 . 2015-03-11 13:12 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll 2015-03-10 15:13 . 2015-03-10 15:13 -------- d-----w- c:\program files (x86)\Common Files\COMODO 2015-02-28 21:08 . 2015-03-01 20:53 -------- d-----w- c:\users\Simon\AppData\Roaming\Audacity 2015-02-28 21:08 . 2015-02-28 21:08 -------- d-----w- c:\program files (x86)\Audacity 2015-02-20 23:07 . 2015-02-20 23:07 -------- d-----w- c:\programdata\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2015-02-20 23:07 . 2015-02-20 23:07 -------- d-----w- c:\program files\iTunes 2015-02-20 23:07 . 2015-02-20 23:07 -------- d-----w- c:\program files (x86)\iTunes 2015-02-20 23:07 . 2015-02-20 23:07 -------- d-----w- c:\program files\iPod . . . 
(((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2015-03-18 21:53 . 2015-01-06 11:36 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll 2015-03-11 22:11 . 2013-10-07 19:54 122905848 ----a-w- c:\windows\system32\MRT.exe 2015-03-06 12:15 . 2010-11-21 03:27 295552 ------w- c:\windows\system32\MpSigStub.exe 2015-02-20 23:07 . 2012-08-21 11:01 125872 ----a-w- c:\windows\system32\GEARAspi64.dll 2015-02-20 23:07 . 2012-08-21 11:01 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll 2015-02-17 14:30 . 2015-02-17 14:30 1691808 ----a-w- c:\windows\system32\FM20.DLL 2015-02-16 15:20 . 2014-01-30 12:52 33856 ---ha-w- c:\windows\system32\hamachi.sys 2015-02-11 13:41 . 2015-02-11 13:41 950272 ----a-w- c:\windows\system32\perftrack.dll 2015-02-11 13:41 . 2015-02-11 13:41 91136 ----a-w- c:\windows\system32\wdi.dll 2015-02-11 13:41 . 2015-02-11 13:41 76800 ----a-w- c:\windows\SysWow64\wdi.dll 2015-02-11 13:41 . 2015-02-11 13:41 29696 ----a-w- c:\windows\system32\powertracker.dll 2015-02-11 13:41 . 2015-02-11 13:41 894976 ----a-w- c:\windows\system32\appraiser.dll 2015-02-11 13:41 . 2015-02-11 13:41 762368 ----a-w- c:\windows\system32\invagent.dll 2015-02-11 13:41 . 2015-02-11 13:41 609280 ----a-w- c:\windows\system32\generaltel.dll 2015-02-11 13:41 . 2015-02-11 13:41 414720 ----a-w- c:\windows\system32\devinv.dll 2015-02-11 13:41 . 2015-02-11 13:41 1098752 ----a-w- c:\windows\system32\aeinv.dll 2015-02-11 13:41 . 2015-02-11 13:41 227328 ----a-w- c:\windows\system32\aepdu.dll 2015-02-11 13:41 . 2015-02-11 13:41 192000 ----a-w- c:\windows\system32\aepic.dll 2015-02-11 13:41 . 2015-02-11 13:41 1239720 ----a-w- c:\windows\system32\aitstatic.exe 2015-02-11 13:40 . 2015-02-11 13:40 861696 ----a-w- c:\windows\system32\oleaut32.dll 2015-02-11 13:40 . 2015-02-11 13:40 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll 2015-02-11 13:40 . 2015-02-11 13:40 406528 ----a-w- c:\windows\system32\scesrv.dll 2015-02-11 13:40 . 
2015-02-11 13:40 308224 ----a-w- c:\windows\SysWow64\scesrv.dll 2015-01-30 13:36 . 2013-12-04 09:30 319912 ----a-w- c:\windows\system32\javaws.exe 2015-01-30 13:36 . 2013-12-04 09:30 191400 ----a-w- c:\windows\system32\javaw.exe 2015-01-30 13:36 . 2013-12-04 09:30 190888 ----a-w- c:\windows\system32\java.exe 2015-01-30 13:36 . 2013-12-04 09:30 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll 2015-01-30 13:35 . 2014-10-17 11:04 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2015-01-30 12:27 . 2013-09-24 09:54 104608 ----a-w- c:\windows\system32\drivers\inspect.sys 2015-01-30 12:27 . 2013-09-24 09:54 792648 ----a-w- c:\windows\system32\drivers\cmdguard.sys 2015-01-30 12:27 . 2013-09-24 09:54 45880 ----a-w- c:\windows\system32\drivers\cmdhlp.sys 2015-01-30 12:27 . 2013-09-24 09:54 20184 ----a-w- c:\windows\system32\drivers\cmderd.sys 2015-01-30 12:27 . 2013-09-24 09:53 40736 ----a-w- c:\windows\system32\cmdcsr.dll 2015-01-30 12:27 . 2013-09-24 09:53 481576 ----a-w- c:\windows\system32\guard64.dll 2015-01-30 12:27 . 2013-09-24 09:53 386768 ----a-w- c:\windows\SysWow64\guard32.dll 2015-01-30 12:27 . 2013-09-24 09:53 354520 ----a-w- c:\windows\system32\cmdvrt64.dll 2015-01-30 12:27 . 2013-09-24 09:53 45784 ----a-w- c:\windows\system32\cmdkbd64.dll 2015-01-30 12:27 . 2013-09-24 09:53 286424 ----a-w- c:\windows\SysWow64\cmdvrt32.dll 2015-01-30 12:27 . 2013-09-24 09:53 40664 ----a-w- c:\windows\SysWow64\cmdkbd32.dll 2015-01-14 14:29 . 2015-01-14 14:29 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll 2015-01-14 14:29 . 2015-01-14 14:29 141312 ----a-w- c:\windows\system32\drivers\mrxdav.sys 2015-01-07 17:54 . 2015-01-07 17:54 5811712 ----a-w- c:\program files (x86)\Nexus.dll 2015-01-07 17:54 . 2013-10-15 21:09 1332224 ----a-w- c:\windows\SysWow64\SYNSOEMU.DLL 2015-01-04 23:24 . 2015-01-04 23:24 2892 ----a-w- c:\windows\SysWow64\audcon.sys 2015-01-04 23:22 . 2015-01-04 23:22 86016 ----a-w- c:\windows\SysWow64\SYNSOPOS.exe 2015-01-04 23:22 . 
2015-01-04 23:22 1277952 ----a-w- c:\windows\SysWow64\SYNSOACC.dll 2015-01-04 23:22 . 2015-01-04 23:22 1714176 ----a-w- c:\windows\system32\synsoacc.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)] @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}" [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}] 2015-01-21 14:05 1729744 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)] @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}] 2015-01-21 14:05 1729744 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)] @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}] 2015-01-21 14:05 1729744 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2014-10-17 43816] "Remote Mouse"="c:\program files (x86)\Remote Mouse\RemoteMouse.exe" [2013-12-14 1195520] "KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2013-12-11 1564528] "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912] "Akamai NetSession Interface"="c:\users\Simon\AppData\Local\Akamai\netsession_win.exe" [2014-04-17 4672920] "uTorrent"="c:\users\Simon\AppData\Roaming\uTorrent\uTorrent.exe" [2015-03-04 1742928] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-06-01 336384] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576] "Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928] "PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-05-06 658424] "AVMWlanClient"="c:\program files (x86)\avmwlanstick\wlangui.exe" [2010-10-22 2105344] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2015-02-20 60712] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2015-01-02 1022152] "Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2015-01-02 41360] "Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2015-01-02 840592] "Magic Desktop for HP notification"="c:\programdata\Easybits Magic Desktop for HP\mdhpSUN.exe" [2013-12-07 1243656] "KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-12-11 311152] "ADSKAppManager"="c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" [2014-09-04 488328] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-10-02 421888] "tvncontrol"="c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" [2015-03-10 2327248] "LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2015-02-17 3978600] . 
c:\users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ iTunes.lnk - c:\program files\iTunes\iTunes.exe [2015-2-13 4186920] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "EnableShellExecuteHooks"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 EraserSvc11311;Symantec Eraser Service;c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe;c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys;c:\windows\SYSNATIVE\DRIVERS\avchv.sys [x] R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x] R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [x] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x] R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [x] R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent 
Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x] R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x] S0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys;c:\windows\SYSNATIVE\drivers\amd_sata.sys [x] S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys;c:\windows\SYSNATIVE\drivers\amd_xata.sys [x] S0 tammgF119;tammgF119 service;tammgF119 service [x] S1 CFRMD;CFRMD;c:\windows\system32\DRIVERS\CFRMD.sys;c:\windows\SYSNATIVE\DRIVERS\CFRMD.sys [x] S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x] S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x] S1 HMD;COMODO livePCsupport Hardware Monitor Driver;c:\windows\system32\DRIVERS\hmd.sys;c:\windows\SYSNATIVE\DRIVERS\hmd.sys [x] S2 AdAppMgrSvc;Autodesk Application Manager Service;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe ;c:\program files (x86)\Common 
Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x] S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x] S2 bobyzoom;bobyzoom;c:\programdata\bobyzoom\1.1.0.30\bzagnt.exe;c:\programdata\bobyzoom\1.1.0.30\bzagnt.exe [x] S2 bzwdg;bzwdg;c:\programdata\bobyzoom\1.1.0.30\bzwdg.exe;c:\programdata\bobyzoom\1.1.0.30\bzwdg.exe [x] S2 CLPSLauncher;COMODO LPS Launcher;c:\program files (x86)\Common Files\COMODO\launcher_service.exe;c:\program files (x86)\Common Files\COMODO\launcher_service.exe [x] S2 DragonUpdater;COMODO Dragon Update Service;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe [x] S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x] S2 GeekBuddyRSP;GeekBuddyRSP Server;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [x] S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x] S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x] S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program 
files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x] S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x] S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [x] S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x] S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x] S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x] S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x] S3 fwlanusb4;FRITZ!WLAN N/G;c:\windows\system32\DRIVERS\fwlanusb4.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusb4.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] S4 gzflt;gzflt;c:\program files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.98.0\gzflt.sys;c:\program files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.98.0\gzflt.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - 43548634 *NewlyCreated* - 46386864 *Deregistered* - 43548634 *Deregistered* - 46386864 *Deregistered* - BdfNdisf *Deregistered* - bdfwfpf . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2015-03-20 17:57 1061704 ----a-w- c:\program files (x86)\Google\Chrome\Application\41.0.2272.101\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 
2015-03-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-03-17 14:51] . 2015-03-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-03-17 14:51] . 2015-03-19 c:\windows\Tasks\HPCeeScheduleForSimon.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)] @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}" [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}] 2015-01-21 14:01 2334928 ----a-w- c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)] @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}] 2015-01-21 14:01 2334928 ----a-w- c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)] @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}] 2015-01-21 14:01 2334928 ----a-w- c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768] "COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2015-02-03 1297624] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-30 499608] "Eraser"="c:\progra~1\Eraser\Eraser.exe" [2012-05-22 980920] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-02-20 169768] . ------- Zusätzlicher Suchlauf ------- . 
uStart Page = about:blank uLocal Page = c:\windows\system32\blank.htm mStart Page = about:blank mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = <local> uSearchAssistant = hxxp://www.google.com mCustomizeSearch = hxxp://www.bing.com/search?q={searchTerms} mSearchAssistant = hxxp://www.bing.com/search?q={searchTerms} IE: An OneNote s&enden - c:\progra~1\MICROS~3\Office15\ONBttnIE.dll/105 IE: An vorhandene PDF-Datei anfügen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: In Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Linkziel in Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~3\Office15\EXCEL.EXE/3000 IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.178.1 Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL FF - ProfilePath - c:\users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\ . . ------- Dateityp-Verknüpfung ------- . inifile="%SystemRoot%\system32\NOTEPAD.EXE" %1 txtfile="%SystemRoot%\system32\NOTEPAD.EXE" %1 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Wow6432Node-HKCU-Run-AdobeBridge - (no file) Wow6432Node-HKLM-Run-<NO NAME> - (no file) HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start AddRemove-{9D8D5AD9-94C7-40B3-88F2-2B8F227F6381} - c:\programdata\bobyzoom\1.1.0.30\Uninstaller.exe . . . 
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher] "ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\tammgF119] "ImagePath"="\??\c:\windows\system32\Drivers\tammgF119.sys" . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\tammgR119] "ImagePath"="\??\c:\windows\system32\Drivers\tammgR119.sys" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-2389831746-1586198665-2336280641-1000\Software\SecuROM\License information*] "datasecu"=hex:31,36,bf,77,41,cb,0d,03,7c,09,64,81,82,5a,c3,6d,de,df,96,7a,d5, e0,c4,68,3a,9c,9d,50,9b,66,87,bc,4e,55,43,2c,26,40,e9,aa,65,8b,0b,91,44,21,\ "rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_206_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_206_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_206_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_206_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.13" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\COMODO\CIS\Installer\Sym_Cam\CIS] "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . 
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\cmdAgent\Mode\Configurations] "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\ . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\cmdAgent\Mode\Data] "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\cmdAgent\Mode\Options] "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . [HKEY_LOCAL_MACHINE\system\Software\COMODO\Cam] "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . 
[HKEY_LOCAL_MACHINE\system\Software\COMODO\Firewall Pro] "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\ . Zeit der Fertigstellung: 2015-03-20 21:47:19 ComboFix-quarantined-files.txt 2015-03-20 20:47 . Vor Suchlauf: 18 Verzeichnis(se), 1.610.527.838.208 Bytes frei Nach Suchlauf: 27 Verzeichnis(se), 1.611.557.306.368 Bytes frei . - - End Of File - - C790DF1AC5AC80EA040961E0B5FB6FEB A36C5E4F47E84449FF07ED3517B43A31 |
20.03.2015, 22:45 | #9 |
/// TB-Ausbilder | Caught adware! None of the virus/adware scanners find anything. Step 1 Please download AdwCleaner to your desktop.
Step 2 Please download Malwarebytes Anti-Malware
Step 3 Please shut down your security software to avoid possible conflicts.
Step 4
Please post with your next reply
|
21.03.2015, 00:44 | #10 |
| Caught adware! None of the virus/adware scanners find anything. Hello, after the scan with MBAM the ads in the browser are gone. Thank you very much. I don't know whether the logs are still important, so I'll post them anyway. Thanks AdwCleaner[S0]: Code:
ATTFilter # AdwCleaner v4.112 - Bericht erstellt 20/03/2015 um 22:59:39 # Aktualisiert 09/03/2015 von Xplode # Datenbank : 2015-03-15.1 [Server] # Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64) # Benutzername : Simon - SIMON-HP # Gestarted von : C:\Users\Simon\Desktop\AdwCleaner_4.112.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** ***** [ Geplante Tasks ] ***** Task Gelöscht : RocketTab Update Task Task Gelöscht : RocketTab ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\adawarebp Schlüssel Gelöscht : HKLM\SOFTWARE\GeekBuddyRSP Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local> ***** [ Internetbrowser ] ***** -\\ Internet Explorer v11.0.9600.17689 -\\ Mozilla Firefox v29.0.1 (de) -\\ Google Chrome v41.0.2272.101 -\\ Comodo Dragon v36.1.1.21 ************************* AdwCleaner[R0].txt - [1082 Bytes] - [18/03/2015 22:46:51] AdwCleaner[R1].txt - [1210 Bytes] - [19/03/2015 21:30:44] AdwCleaner[R2].txt - [1268 Bytes] - [20/03/2015 22:56:57] AdwCleaner[S0].txt - [1190 Bytes] - [20/03/2015 22:59:39] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1249 Bytes] ########## Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 20.03.2015 Suchlauf-Zeit: 23:07:45 Logdatei: mbam2.txt Administrator: Ja Version: 2.01.4.1018 Malware Datenbank: v2015.03.20.07 Rootkit Datenbank: v2015.02.25.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Simon Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 496662 Verstrichene Zeit: 18 Min, 37 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 5 PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bzagnt.exe, 2508, Löschen bei Neustart, [02c573d42961d75f046a911db44fa65a] PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bzwdg.exe, 2748, Löschen bei Neustart, [17b031160e7cc571d09fd5d9b15226da] PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bz32.exe, 5544, Löschen bei Neustart, [0eb91e29b1d9a88e2fe1bfef3dc625db] PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bz64.exe, 5692, Löschen bei Neustart, [0eb91e29b1d9a88e2fe1bfef3dc625db] PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bzdap.exe, 5500, Löschen bei Neustart, [0eb91e29b1d9a88e2fe1bfef3dc625db] Module: 21 PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, 
Löschen bei Neustart, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, 
Löschen bei Neustart, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzoomutil32.dll, Löschen bei Neustart, [0eb91e29b1d9a88e2fe1bfef3dc625db], Registrierungsschlüssel: 7 PUP.Optional.Multiplug, HKU\S-1-5-21-2389831746-1586198665-2336280641-1000_Classes\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, In Quarantäne, [388ff94e88028ea87c79bf64e32034cc], PUP.Optional.Multiplug, HKU\S-1-5-21-2389831746-1586198665-2336280641-1000_Classes\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, In Quarantäne, [388ff94e88028ea87c79bf64e32034cc], PUP.Optional.Bobyzoom.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\bobyzoom, In Quarantäne, [02c573d42961d75f046a911db44fa65a], PUP.Optional.Bobyzoom.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\bzwdg, In Quarantäne, [17b031160e7cc571d09fd5d9b15226da], PUP.Optional.ZoomPic.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\tammgF119, Löschen bei Neustart, [aa1dfc4bfa9043f3ec59fbb3cd36b34d], PUP.Optional.ZoomPic.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\tammgR119, Löschen bei Neustart, [91364007ec9efd3957ef5e5029dadc24], PUP.Optional.Bobyzoom.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{9D8D5AD9-94C7-40B3-88F2-2B8F227F6381}, In Quarantäne, [0eb91e29b1d9a88e2fe1bfef3dc625db], Registrierungswerte: 0 (Keine schädliche Elemente gefunden) Registrierungsdaten: 0 (Keine schädliche Elemente gefunden) Ordner: 8 PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom, Löschen bei Neustart, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30, Löschen bei Neustart, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\ProgramData\bobyzoom\1.1.0.30\content, In Quarantäne, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\extensions\bbz@bobyzoom.com, In Quarantäne, [b3142324f8922f07140ed3dba3600ff1], PUP.Optional.Bobyzoom.A, 
C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\extensions\bbz@bobyzoom.com\chrome, In Quarantäne, [b3142324f8922f07140ed3dba3600ff1], PUP.Optional.Bobyzoom.A, C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\extensions\bbz@bobyzoom.com\chrome\content, In Quarantäne, [b3142324f8922f07140ed3dba3600ff1], PUP.Optional.Bobyzoom.A, C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\extensions\bbz@bobyzoom.com\chrome\content\cache, In Quarantäne, [b3142324f8922f07140ed3dba3600ff1], PUP.Optional.Bobyzoom.A, C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\extensions\bbz@bobyzoom.com\components, In Quarantäne, [b3142324f8922f07140ed3dba3600ff1], Dateien: 43 PUP.Optional.ZoomPic.A, c:\windows\system32\drivers\tammgf119.sys, Löschen bei Neustart, [20a7b3947119e84eee55476744bf2bd5], PUP.Optional.ZoomPic.A, c:\windows\system32\drivers\tammgr119.sys, Löschen bei Neustart, [7f48c582800a83b355ef5955bd46738d], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bzagnt.exe, Löschen bei Neustart, [02c573d42961d75f046a911db44fa65a], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bzwdg.exe, Löschen bei Neustart, [17b031160e7cc571d09fd5d9b15226da], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzoom.dat, In Quarantäne, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzoom.xpi, In Quarantäne, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml64.dll, Löschen bei Neustart, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzoomutil32.dll, Löschen bei Neustart, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bz32.exe, Löschen bei Neustart, 
[0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bz64.exe, Löschen bei Neustart, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bzdap.exe, Löschen bei Neustart, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\logo.ico, In Quarantäne, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\tammg.sys, In Quarantäne, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\tammgf.sys, In Quarantäne, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\tammgr.sys, In Quarantäne, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\uninstaller.exe, In Quarantäne, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\utils.exe, In Quarantäne, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\ProgramData\bobyzoom\1.1.0.30\content\dgapi.js, In Quarantäne, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\ProgramData\bobyzoom\1.1.0.30\content\dgmain.js, In Quarantäne, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\ProgramData\bobyzoom\1.1.0.30\content\dgmain_app_bg.js, In Quarantäne, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\ProgramData\bobyzoom\1.1.0.30\content\dgmain_app_cs.js, In Quarantäne, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, c:\ProgramData\bobyzoom\1.1.0.30\content\jquery4toolbar.js, In Quarantäne, [0eb91e29b1d9a88e2fe1bfef3dc625db], PUP.Optional.Bobyzoom.A, C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\extensions\bbz@bobyzoom.com\chrome.manifest, In Quarantäne, [b3142324f8922f07140ed3dba3600ff1], PUP.Optional.Bobyzoom.A, 
C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\extensions\bbz@bobyzoom.com\install.rdf, In Quarantäne, [b3142324f8922f07140ed3dba3600ff1], PUP.Optional.Bobyzoom.A, C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\extensions\bbz@bobyzoom.com\chrome\content\bubble.js, In Quarantäne, [b3142324f8922f07140ed3dba3600ff1], PUP.Optional.Bobyzoom.A, C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\extensions\bbz@bobyzoom.com\chrome\content\bubble.xul, In Quarantäne, [b3142324f8922f07140ed3dba3600ff1], PUP.Optional.Bobyzoom.A, C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\extensions\bbz@bobyzoom.com\chrome\content\icon.png, In Quarantäne, [b3142324f8922f07140ed3dba3600ff1], PUP.Optional.Bobyzoom.A, C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\extensions\bbz@bobyzoom.com\chrome\content\jquery4toolbar.js, In Quarantäne, [b3142324f8922f07140ed3dba3600ff1], PUP.Optional.Bobyzoom.A, C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\extensions\bbz@bobyzoom.com\chrome\content\style.xul, In Quarantäne, [b3142324f8922f07140ed3dba3600ff1], PUP.Optional.Bobyzoom.A, C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\extensions\bbz@bobyzoom.com\chrome\content\witapi.js, In Quarantäne, [b3142324f8922f07140ed3dba3600ff1], PUP.Optional.Bobyzoom.A, C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\extensions\bbz@bobyzoom.com\chrome\content\witmain.js, In Quarantäne, [b3142324f8922f07140ed3dba3600ff1], PUP.Optional.Bobyzoom.A, C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\extensions\bbz@bobyzoom.com\chrome\content\witutils.js, In Quarantäne, [b3142324f8922f07140ed3dba3600ff1], PUP.Optional.Bobyzoom.A, C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\extensions\bbz@bobyzoom.com\chrome\content\cache\587d4a956183fe3b8d82ff71109000d9, In Quarantäne, 
[b3142324f8922f07140ed3dba3600ff1], PUP.Optional.Bobyzoom.A, C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\extensions\bbz@bobyzoom.com\chrome\content\cache\587d4a956183fe3b8d82ff71109000d9_expire, In Quarantäne, [b3142324f8922f07140ed3dba3600ff1], PUP.Optional.Bobyzoom.A, C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\extensions\bbz@bobyzoom.com\chrome\content\cache\587d4a956183fe3b8d82ff71109000d9_gb, In Quarantäne, [b3142324f8922f07140ed3dba3600ff1], PUP.Optional.Bobyzoom.A, C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\extensions\bbz@bobyzoom.com\chrome\content\cache\7c0022298b948a99e406a6310bffea7f, In Quarantäne, [b3142324f8922f07140ed3dba3600ff1], PUP.Optional.Bobyzoom.A, C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\extensions\bbz@bobyzoom.com\chrome\content\cache\7c0022298b948a99e406a6310bffea7f_expire, In Quarantäne, [b3142324f8922f07140ed3dba3600ff1], PUP.Optional.Bobyzoom.A, C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\extensions\bbz@bobyzoom.com\chrome\content\cache\7c0022298b948a99e406a6310bffea7f_gb, In Quarantäne, [b3142324f8922f07140ed3dba3600ff1], PUP.Optional.Bobyzoom.A, C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\extensions\bbz@bobyzoom.com\chrome\content\cache\8f43b50088266b9870b42ce6ef7ffbde, In Quarantäne, [b3142324f8922f07140ed3dba3600ff1], PUP.Optional.Bobyzoom.A, C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\extensions\bbz@bobyzoom.com\chrome\content\cache\8f43b50088266b9870b42ce6ef7ffbde_expire, In Quarantäne, [b3142324f8922f07140ed3dba3600ff1], PUP.Optional.Bobyzoom.A, C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\extensions\bbz@bobyzoom.com\chrome\content\cache\8f43b50088266b9870b42ce6ef7ffbde_gb, In Quarantäne, [b3142324f8922f07140ed3dba3600ff1], PUP.Optional.Bobyzoom.A, 
C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\extensions\bbz@bobyzoom.com\components\handleProtocol.js, In Quarantäne, [b3142324f8922f07140ed3dba3600ff1], Physische Sektoren: 0 (Keine schädliche Elemente gefunden) (end) Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.4.5 (03.17.2015:1) OS: Windows 7 Home Premium x64 Ran by Simon on 20.03.2015 at 23:35:30,94 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} ~~~ Files ~~~ Folders Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{0555FEA2-A617-4025-ABAF-B0F5BE195EE3} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{0C21240A-898A-4461-9151-E205EDCB89C4} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{0ECE3D9A-4291-4EBC-AC12-BDADBAB0534D} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{0F64D129-3EED-492C-BEC0-FA7F8D68E43B} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{1658CD64-93F9-42ED-AE06-435D9EFCB9B7} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{180E86E7-BBE4-463D-BFC6-9A00B5218504} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{19309696-7FD9-4BFF-AF4A-E89FC8ED6704} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{224A93BD-394C-48F2-AEDF-8E2F9E30C0F5} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{308BAA2D-AC1C-431B-9790-151032DF75B9} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{315EBFC6-CCA5-4FDB-8F54-43CE062B0B8B} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{32B11760-DB15-4162-A2BE-459D504A1C18} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{4483ABC6-E218-4A00-AF2A-A41E5F33F0AA} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{4A18F11F-6F4F-4720-A1BC-8CCBC2A81EC0} 
Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{4B86EF1E-BA61-4411-8DB1-2F9374B935C4} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{4C0A59D7-2815-4B27-AFEF-2BA89D1D238C} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{5B8D2D6D-9087-4C72-AA62-8EF64A2A4064} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{5C0EAD54-160A-48B1-B814-A52B255310A7} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{6F4BEF20-F8A5-49A9-8701-6BC861E4534C} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{79629737-C95B-4775-9868-F7B0FADEBB2F} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{80426683-8D9E-4F86-BD77-45D543C0E2B3} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{85360970-F6E1-4CC8-9F3F-8FD0213AFBDE} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{91770220-5CFE-48A7-AB1D-916CB0EE91A6} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{93A65E05-01E2-4C3E-B173-AC823983C33F} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{954CBFF3-38A7-4D73-8D44-A9431A633984} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{968D31B3-7219-4A6C-B57B-007393D27A1A} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{9DA6F98E-7EB9-4067-BEC4-B3FB73DF14F1} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{A43BF01D-E4D4-4E76-8B2F-8B08462BCCE2} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{B835D8AE-05EB-4ECB-A36D-E61EA16C327F} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{BE084FEF-2877-4655-B0FD-6FE0E332FB18} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{BE95F106-43E9-4269-9549-D5B8BEAE3BD4} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{BF0732DD-8F9C-4731-A047-5B778DE3A6C0} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{DB50EF68-ADE5-442E-98D0-8E84C1392818} 
Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{DBD6E932-B89E-4598-919F-F00ED6166A19} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{E1A40903-AA1D-4530-8FA0-603B85BA55BC} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{E2EA8CF8-72CA-4F3F-B6F7-551B82A8546B} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{EF3CE676-A66C-4C25-A16F-045D7529B041} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{F325C754-0AC9-4224-B366-9367A8771CD4} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{F526FCAB-174D-40E9-AD32-F98C45B02A61} Successfully deleted: [Empty Folder] C:\Users\Simon\appdata\local\{FE8B1214-4F4D-4CD0-9768-B35A58AD30D0} ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 21.03.2015 at 0:13:32,52 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015 Ran by Simon (administrator) on SIMON-HP on 21-03-2015 00:34:27 Running from C:\Users\Simon\Desktop Loaded Profiles: Simon (Available profiles: Simon & Gast) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe (EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe (Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (LogMeIn, Inc.) 
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (The Eraser Project) C:\Program Files\Eraser\Eraser.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe (Akamai Technologies, Inc.) C:\Users\Simon\AppData\Local\Akamai\netsession_win.exe (BitTorrent Inc.) C:\Users\Simon\AppData\Roaming\uTorrent\uTorrent.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.) C:\Program Files\iTunes\iTunes.exe (Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (Akamai Technologies, Inc.) C:\Users\Simon\AppData\Local\Akamai\netsession_win.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe (Apple Inc.) 
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe (Autodesk Inc.) C:\Users\Simon\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard) HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1297624 2015-02-03] (COMODO) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-30] (Adobe Systems Incorporated) HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-21] (Apple Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-01] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation) HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-05-06] (PDF Complete Inc) HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-21] (Apple Inc.) 
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2015-01-02] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-01-02] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-01-02] (Adobe Systems Inc.) HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1243656 2013-12-07] (Easybits) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-12-11] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [488328 2014-09-04] (Autodesk Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-03-10] (Comodo Security Solutions, Inc.) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-02-17] (LogMeIn Inc.) HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.) 
HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [1195520 2013-12-14] (RemoteMouse.net)
HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-12-11] (Samsung)
HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Simon\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\Run: [uTorrent] => C:\Users\Simon\AppData\Roaming\uTorrent\uTorrent.exe [1742928 2015-03-04] (BitTorrent Inc.)
HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\Policies\Explorer: []
Startup: C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunes.lnk
ShortcutTarget: iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=19.9.1.14
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=19.9.1.14
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {CBD2C0FC-1C12-41F9-91A4-9F04CD5E6A14} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> {CBD2C0FC-1C12-41F9-91A4-9F04CD5E6A14} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2389831746-1586198665-2336280641-1000 -> {CBD2C0FC-1C12-41F9-91A4-9F04CD5E6A14} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2389831746-1586198665-2336280641-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-30] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-30] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-30] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-30] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2389831746-1586198665-2336280641-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-2389831746-1586198665-2336280641-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-14] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-30] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-09-25] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-09-23] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-08] ()
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-09-25] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: DownloadHelper - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-10-18]
FF Extension: Adblock Plus - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-18]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-10-29]
FF Extension: No Name - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\extensions\bbz@bobyzoom.com [Not Found]
FF Extension: No Name - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\extensions\bbz@bobyzoom.com [Not Found]
FF Extension: No Name - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\extensions\bbz@bobyzoom.com [Not Found]

Chrome:
=======
CHR HomePage: Default -> https://www.google.de/
CHR StartupUrls: Default -> "https://www.google.de/"
CHR Profile: C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-09-24]
CHR Extension: (Google Slides) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-20]
CHR Extension: (Google Docs) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-20]
CHR Extension: (Google Drive) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-06]
CHR Extension: (YouTube) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-06]
CHR Extension: (Google Search) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-06]
CHR Extension: (Google Sheets) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-20]
CHR Extension: (Adblock Plus Popup) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhdpphnfafkjbgbkdopdanfcidmkioni [2014-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgfnehbddlogppjfeiahlllidhoonhge [2015-03-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-17]
CHR Extension: (Video Download Helper) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldcccbolclahdbkahlppenfodnheapah [2014-10-18]
CHR Extension: (Google Wallet) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-06]
CHR Extension: (Gmail) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-06]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [597896 2014-09-04] (Autodesk Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-31] (Apple Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70872 2015-03-10] (Comodo Security Solutions, Inc.)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [7618952 2015-02-03] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265304 2015-02-03] (COMODO)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2370240 2014-11-27] (Comodo Security Solutions, Inc.)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-03-10] (Comodo Security Solutions, Inc.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-02-16] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-20] (Malwarebytes Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-14] (Electronic Arts)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-05-06] (PDF Complete Inc)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-11-06] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 EraserSvc11311; "C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe" /h ccCommon [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [37976 2014-06-26] (Windows (R) Win 7 DDK provider) [File not signed]
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20184 2015-01-30] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [792648 2015-01-30] (COMODO)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-09-03] (Disc Soft Ltd)
R3 fwlanusb4; C:\Windows\System32\DRIVERS\fwlanusb4.sys [1293824 2010-10-22] (AVM GmbH)
R1 HMD; C:\Windows\System32\DRIVERS\hmd.sys [14888 2014-06-26] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-20] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-20] (Malwarebytes Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 avchv; system32\DRIVERS\avchv.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-21 00:34 - 2015-03-21 00:34 - 00028043 _____ () C:\Users\Simon\Desktop\FRST.txt
2015-03-21 00:13 - 2015-03-21 00:13 - 00005043 _____ () C:\Users\Simon\Desktop\JRT.txt
2015-03-20 23:33 - 2015-03-20 23:34 - 00014255 _____ () C:\Users\Simon\Desktop\mbam.txt
2015-03-20 23:28 - 2015-03-20 23:28 - 00002738 _____ () C:\Windows\System32\Tasks\Tempo Runner bz64
2015-03-20 23:28 - 2015-03-20 23:28 - 00000412 _____ () C:\Windows\Tasks\Tempo Runner bz64.job
2015-03-20 23:25 - 2015-03-20 23:25 - 01388672 _____ (Thisisu) C:\Users\Simon\Desktop\JRT.exe
2015-03-20 23:24 - 2015-03-20 23:25 - 01388672 _____ (Thisisu) C:\Users\Simon\Downloads\JRT.exe
2015-03-20 23:07 - 2015-03-20 23:34 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-20 23:06 - 2015-03-20 23:06 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-20 23:06 - 2015-03-20 23:06 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-20 23:06 - 2015-03-20 23:06 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-20 23:06 - 2015-03-20 23:06 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-20 23:06 - 2015-03-20 23:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-03-20 23:05 - 2015-03-20 23:05 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Simon\Downloads\mbam-setup-2.1.4.1018.exe
2015-03-20 23:05 - 2015-03-20 23:05 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Simon\Desktop\mbam-setup-2.1.4.1018.exe
2015-03-20 22:55 - 2015-03-20 22:55 - 02171392 _____ () C:\Users\Simon\Downloads\AdwCleaner_4.112 (1).exe
2015-03-20 22:55 - 2015-03-20 22:55 - 02171392 _____ () C:\Users\Simon\Desktop\AdwCleaner_4.112.exe
2015-03-20 21:47 - 2015-03-20 21:47 - 00032004 _____ () C:\ComboFix.txt
2015-03-20 21:13 - 2015-03-20 21:13 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-03-20 21:13 - 2015-03-20 21:13 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-03-20 21:13 - 2015-03-20 21:13 - 00256000 _____ () C:\Windows\PEV.exe
2015-03-20 21:13 - 2015-03-20 21:13 - 00098816 _____ () C:\Windows\sed.exe
2015-03-20 21:13 - 2015-03-20 21:13 - 00080412 _____ () C:\Windows\grep.exe
2015-03-20 21:13 - 2015-03-20 21:13 - 00068096 _____ () C:\Windows\zip.exe
2015-03-20 21:13 - 2015-03-20 21:13 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-03-20 21:13 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-03-20 21:12 - 2015-03-20 21:47 - 00000000 ____D () C:\Qoobox
2015-03-20 21:10 - 2015-03-20 21:41 - 00000000 ____D () C:\Windows\erdnt
2015-03-20 20:56 - 2015-03-20 20:56 - 05615380 ____R (Swearware) C:\Users\Simon\Desktop\ComboFix.exe
2015-03-20 20:55 - 2015-03-20 20:56 - 05615380 _____ (Swearware) C:\Users\Simon\Downloads\ComboFix.exe
2015-03-20 18:26 - 2015-03-20 18:26 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\JavaEditor
2015-03-20 17:54 - 2015-03-20 17:53 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Simon\Desktop\tdsskiller.exe
2015-03-20 17:53 - 2015-03-20 17:53 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Simon\Downloads\tdsskiller.exe
2015-03-19 22:05 - 2015-03-19 22:07 - 00100858 _____ () C:\Users\Simon\Downloads\Addition.txt
2015-03-19 22:03 - 2015-03-19 22:07 - 00074733 _____ () C:\Users\Simon\Downloads\FRST.txt
2015-03-19 22:02 - 2015-03-21 00:34 - 00000000 ____D () C:\FRST
2015-03-19 22:01 - 2015-03-19 22:01 - 02095616 _____ (Farbar) C:\Users\Simon\Desktop\FRST64.exe
2015-03-19 21:27 - 2015-03-19 21:27 - 00015388 _____ () C:\Users\Simon\Desktop\Ad-Aware_Report_Custom_Manual_2015-03-19T21-25-01.902704.xml
2015-03-19 20:29 - 2015-03-19 21:36 - 00018448 _____ () C:\Users\Simon\Desktop\Adware.txt
2015-03-18 22:54 - 2015-03-18 22:54 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\LavasoftStatistics
2015-03-18 22:53 - 2015-03-18 22:53 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-03-18 22:49 - 2015-03-18 22:49 - 02071768 _____ () C:\Users\Simon\Downloads\AdAware116WebInstaller.exe
2015-03-18 22:45 - 2015-03-18 22:46 - 02171392 _____ () C:\Users\Simon\Downloads\adwcleaner_4.112.exe
2015-03-18 15:18 - 2015-03-20 23:29 - 00000000 ____D () C:\ProgramData\PDFC
2015-03-17 22:03 - 2015-03-17 22:03 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-17 22:01 - 2015-03-17 22:02 - 00000000 ____D () C:\KVRT_Data
2015-03-17 21:59 - 2015-03-17 22:01 - 133981896 _____ (Kaspersky Lab ZAO) C:\Users\Simon\Downloads\KVRT15.0.19.0.exe
2015-03-17 17:35 - 2015-03-17 17:35 - 00000000 ____D () C:\sh_backup
2015-03-17 17:25 - 2015-03-17 17:25 - 00000000 _____ () C:\autoexec.bat
2015-03-17 17:22 - 2015-03-17 17:23 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\Simon\Downloads\SpyHunter-Installer.exe
2015-03-17 15:53 - 2015-03-20 18:58 - 00002177 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-17 15:53 - 2015-03-17 15:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-17 15:51 - 2015-03-20 23:56 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-17 15:51 - 2015-03-20 23:29 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-17 15:51 - 2015-03-17 15:51 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-03-17 15:51 - 2015-03-17 15:51 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-03-17 15:50 - 2015-03-17 15:50 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-03-17 15:50 - 2015-01-30 14:35 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-03-17 15:50 - 2015-01-30 14:35 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-03-17 15:40 - 2015-03-17 21:45 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Maaxi
2015-03-17 15:29 - 2015-03-17 17:15 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Azes
2015-03-17 15:29 - 2015-03-17 15:29 - 00000120 _____ () C:\Users\Simon\AppData\Roaming\store.mui
2015-03-17 15:29 - 2015-03-17 15:29 - 00000036 _____ () C:\Users\Simon\AppData\Roaming\store.efi
2015-03-16 22:13 - 2015-03-20 23:06 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-03-16 22:13 - 2015-03-16 22:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-16 22:08 - 2015-03-16 22:12 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Simon\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-16 21:32 - 2015-03-20 22:59 - 00000000 ____D () C:\AdwCleaner
2015-03-16 21:11 - 2015-03-16 21:11 - 00000000 __SHD () C:\Users\Simon\AppData\Local\EmieBrowserModeList
2015-03-16 21:10 - 2015-03-16 21:10 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\QuickScan
2015-03-16 21:08 - 2015-03-16 21:08 - 00000000 ____D () C:\ProgramData\338492126a3249459a948fc3ab4924b4
2015-03-14 11:54 - 2015-03-14 11:54 - 00019779 _____ () C:\Users\Simon\Downloads\2014 11 14 Information PULMOLL_Stevia_tins for translation_LABELS NEU.xlsx
2015-03-14 02:21 - 2015-03-14 02:21 - 00000000 ___RD () C:\Users\Simon\Desktop\Drums Project
2015-03-13 19:24 - 2015-03-13 19:25 - 02356216 _____ (Gerhard Röhner ) C:\Users\Simon\Downloads\JavaEditor12.52Setup.exe
2015-03-13 19:16 - 2015-03-13 19:16 - 48909782 _____ () C:\Users\Simon\Downloads\ni_massive_pack_2013 (1).zip
2015-03-13 19:12 - 2015-03-13 19:14 - 112557786 _____ () C:\Users\Simon\Downloads\M_ive52000Presets.rar
2015-03-13 18:48 - 2015-03-13 18:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1
2015-03-13 18:46 - 2015-03-13 18:46 - 11166093 _____ () C:\Users\Simon\Downloads\LennarDigital.Sylenth1.v2.21.x86.x64_www.insfire.net.rar
2015-03-13 18:43 - 2015-03-13 18:43 - 00002933 _____ () C:\Users\Simon\Downloads\(500 Sub ) Free Sylenth Sound Bank(By KiDynamic).rar
2015-03-13 12:52 - 2015-03-13 12:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-03-13 12:52 - 2015-03-13 12:52 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-03-12 22:53 - 2015-03-12 22:54 - 05387630 _____ () C:\Users\Simon\Downloads\Sylenth1DemoWin64.zip
2015-03-12 22:48 - 2015-03-12 22:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1 Demo
2015-03-12 22:48 - 2015-03-12 22:48 - 05308733 _____ () C:\Users\Simon\Downloads\Sylenth1DemoWin32.zip
2015-03-12 22:48 - 2015-03-12 22:48 - 00000000 ____D () C:\Program Files (x86)\Steinberg
2015-03-11 22:13 - 2015-03-11 22:13 - 00000000 ___RD () C:\Users\Simon\Desktop\Intro Project
2015-03-11 14:27 - 2015-03-11 14:27 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 14:27 - 2015-03-11 14:27 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 14:27 - 2015-03-11 14:27 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 14:27 - 2015-03-11 14:27 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 14:27 - 2015-03-11 14:27 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 14:27 - 2015-03-11 14:27 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 14:27 - 2015-03-11 14:27 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 14:27 - 2015-03-11 14:27 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2015-03-11 14:27 - 2015-03-11 14:27 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2015-03-11 14:27 - 2015-03-11 14:27 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2015-03-11 14:27 - 2015-03-11 14:27 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll 2015-03-11 14:27 - 2015-03-11 14:27 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-03-11 14:27 - 2015-03-11 14:27 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe 2015-03-11 14:27 - 2015-03-11 14:27 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2015-03-11 14:27 - 2015-03-11 14:27 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-03-11 14:27 - 2015-03-11 14:27 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-03-11 14:27 - 2015-03-11 14:27 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2015-03-11 14:27 - 2015-03-11 14:27 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll 2015-03-11 14:27 - 2015-03-11 14:27 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2015-03-11 14:27 - 2015-03-11 14:27 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-03-11 14:27 - 2015-03-11 14:27 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-03-11 14:27 - 2015-03-11 14:27 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2015-03-11 14:27 - 2015-03-11 14:27 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2015-03-11 14:27 - 2015-03-11 14:27 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2015-03-11 14:27 - 2015-03-11 14:27 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2015-03-11 
14:27 - 2015-03-11 14:27 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2015-03-11 14:27 - 2015-03-11 14:27 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2015-03-11 14:26 - 2015-03-11 14:26 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-03-11 14:26 - 2015-03-11 14:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-03-11 14:26 - 2015-03-11 14:26 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll 2015-03-11 14:26 - 2015-03-11 14:26 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-03-11 14:18 - 2015-03-11 14:18 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00210944 
_____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-03-11 14:18 - 2015-03-11 14:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-03-11 14:18 - 2015-03-11 14:18 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-03-11 14:18 - 2015-03-11 14:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-03-11 14:18 - 2015-03-11 14:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-03-11 14:18 - 2015-03-11 14:18 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00022016 _____ (Microsoft 
Corporation) C:\Windows\system32\credssp.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-03-11 14:14 - 2015-03-11 14:14 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-03-11 14:14 - 2015-03-11 14:14 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-03-11 14:14 - 2015-03-11 14:14 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 01311232 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\urlmon.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-03-11 14:14 - 2015-03-11 14:14 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-03-11 14:14 - 2015-03-11 14:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00418304 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\dxtmsft.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-03-11 14:14 - 2015-03-11 14:14 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-03-11 14:14 - 2015-03-11 14:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-03-11 14:14 - 2015-03-11 14:14 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00054784 _____ 
(Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-03-11 14:14 - 2015-02-20 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-03-11 14:14 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-03-11 14:12 - 2015-03-11 14:12 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2015-03-11 14:12 - 2015-03-11 14:12 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2015-03-09 13:10 - 2015-03-09 13:10 - 00278786 _____ () C:\Users\Simon\Downloads\Access_7_und_8_Kapitel_Abfragen.zip 2015-03-01 21:51 - 2015-03-01 21:52 - 427737644 _____ () C:\Users\Simon\Desktop\Mix_1.wav 2015-02-28 22:08 - 2015-03-01 21:53 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Audacity 2015-02-28 22:08 - 2015-02-28 22:08 - 00001025 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk 2015-02-28 22:08 - 2015-02-28 22:08 - 00001013 _____ () C:\Users\Public\Desktop\Audacity.lnk 2015-02-28 22:08 - 2015-02-28 22:08 - 00000000 ____D () C:\Program Files (x86)\Audacity 2015-02-28 22:06 - 2015-02-28 22:06 - 01203488 _____ () C:\Users\Simon\Downloads\Audacity - CHIP-Installer.exe 2015-02-25 23:42 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls 2015-02-25 23:42 - 
2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls 2015-02-24 23:42 - 2013-11-10 23:03 - 00000000 ____D () C:\Users\Simon\Desktop\Jannick Larsen Sample Pack 2 2015-02-24 23:42 - 2013-07-01 10:12 - 00000000 ____D () C:\Users\Simon\Desktop\Jannick Larsen Sample Pack 2015-02-24 22:59 - 2015-02-24 23:12 - 332172142 _____ () C:\Users\Simon\Downloads\Jay Forest Sample Pack 2.rar 2015-02-24 22:59 - 2015-02-24 23:06 - 121510185 _____ () C:\Users\Simon\Downloads\Jay Forest Sample Pack.rar 2015-02-24 22:41 - 2015-02-24 22:55 - 758440728 _____ () C:\Users\Simon\Downloads\musicradar-house-percussion-samples.zip 2015-02-22 19:23 - 2015-02-22 19:23 - 00011034 _____ () C:\Users\Simon\Downloads\snake_js.zip 2015-02-21 20:10 - 2015-02-23 21:23 - 00442368 _____ () C:\Users\Simon\Desktop\Trainingsplan.indd 2015-02-21 00:07 - 2015-02-21 00:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-02-21 00:07 - 2015-02-21 00:07 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2015-02-21 00:07 - 2015-02-21 00:07 - 00000000 ____D () C:\Program Files\iTunes 2015-02-21 00:07 - 2015-02-21 00:07 - 00000000 ____D () C:\Program Files\iPod 2015-02-21 00:07 - 2015-02-21 00:07 - 00000000 ____D () C:\Program Files (x86)\iTunes ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-03-21 00:32 - 2013-10-15 21:10 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\uTorrent 2015-03-21 00:00 - 2013-10-06 17:07 - 02003115 _____ () C:\Windows\WindowsUpdate.log 2015-03-20 23:37 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-03-20 23:37 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-03-20 23:30 - 2013-12-03 22:26 - 00000000 ____D () C:\Users\Simon\AppData\Local\LogMeIn Hamachi 2015-03-20 23:29 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-03-20 23:29 - 2009-07-14 05:51 - 00120816 _____ () C:\Windows\setupact.log 2015-03-20 23:28 - 2010-11-21 04:47 - 00859786 _____ () C:\Windows\PFRO.log 2015-03-20 23:03 - 2014-09-29 18:34 - 00000000 ____D () C:\Users\Simon\AppData\Local\Akamai 2015-03-20 21:47 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default 2015-03-20 21:39 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini 2015-03-20 20:59 - 2013-10-06 18:25 - 01474832 _____ () C:\Windows\system32\Drivers\sfi.dat 2015-03-20 13:29 - 2013-10-06 17:26 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{64C34E7A-F718-4277-8DD3-9A6EF5ACA927} 2015-03-20 13:25 - 2013-10-15 20:03 - 00000000 ____D () C:\Users\Simon\AppData\Local\CrashDumps 2015-03-19 23:10 - 2013-10-06 20:53 - 00325916 _____ () C:\Windows\system32\Drivers\fvstore.dat 2015-03-19 17:14 - 2013-10-17 19:45 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForSimon.job 2015-03-18 22:53 - 2015-01-06 12:36 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll 2015-03-18 21:57 - 2014-07-16 22:18 - 00000000 ____D () C:\Users\Simon\Desktop\Import Musik 2015-03-18 21:57 - 2013-10-18 14:22 - 00000000 ____D () C:\Users\Simon\Desktop\Musik 2015-03-18 15:31 - 2013-10-17 19:45 - 00003186 _____ () 
C:\Windows\System32\Tasks\HPCeeScheduleForSimon 2015-03-18 15:31 - 2013-10-09 11:37 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log 2015-03-18 15:28 - 2013-10-09 11:34 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\HP Support Assistant 2015-03-18 15:28 - 2013-10-07 18:39 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\HpUpdate 2015-03-18 15:17 - 2011-11-06 13:56 - 00000000 ____D () C:\Windows\en 2015-03-17 22:47 - 2014-04-24 16:21 - 00000000 ____D () C:\ProgramData\Ableton 2015-03-17 21:45 - 2015-01-04 14:56 - 00000000 ____D () C:\Windows\Font-Collection_eigene 2015-03-17 20:53 - 2013-10-06 22:00 - 00000000 ____D () C:\Program Files (x86)\Steam 2015-03-17 17:25 - 2013-10-06 17:08 - 00000000 ____D () C:\Users\Simon 2015-03-17 15:53 - 2013-10-06 18:14 - 00000000 ____D () C:\Program Files (x86)\Google 2015-03-17 15:51 - 2013-10-06 18:14 - 00000000 ____D () C:\Users\Simon\AppData\Local\Deployment 2015-03-17 15:50 - 2014-10-17 12:04 - 00000000 ____D () C:\Program Files (x86)\Java 2015-03-17 00:35 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Speech 2015-03-16 23:37 - 2015-01-05 17:15 - 00000000 ____D () C:\Program Files (x86)\News Factory 2015-03-16 21:17 - 2014-05-27 22:10 - 00001165 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-03-16 21:17 - 2013-10-06 17:26 - 00001427 _____ () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-03-16 21:07 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2015-03-16 21:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy 2015-03-16 20:44 - 2014-04-24 16:23 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Ableton 2015-03-14 18:24 - 2014-04-24 16:23 - 00000000 ____D () C:\Users\Simon\Documents\Ableton 2015-03-14 17:48 - 2015-01-05 12:06 - 00000000 ____D () C:\Program Files\Common Files\Propellerhead Software 2015-03-14 16:37 - 2014-02-14 13:24 - 00000000 ____D () C:\Users\Simon\Documents\FIFA 
12 2015-03-14 16:33 - 2013-10-06 20:34 - 00000000 ____D () C:\ProgramData\Origin 2015-03-14 16:33 - 2013-10-06 20:34 - 00000000 ____D () C:\Program Files (x86)\Origin 2015-03-14 12:22 - 2015-02-04 17:54 - 00000386 _____ () C:\Users\Simon\Desktop\Fragen.txt 2015-03-14 00:26 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2015-03-13 18:59 - 2013-12-11 22:50 - 00000000 ____D () C:\Users\Simon\Documents\Native Instruments 2015-03-13 18:54 - 2013-10-07 21:35 - 00000000 ____D () C:\Program Files (x86)\VstPlugins32 2015-03-13 12:50 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2015-03-12 22:50 - 2015-01-03 13:41 - 00000000 ____D () C:\Program Files (x86)\VstPlugins64 2015-03-12 19:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2015-03-12 16:56 - 2009-07-14 05:45 - 05025832 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-03-12 16:54 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2015-03-12 16:54 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism 2015-03-11 23:41 - 2014-11-23 01:10 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-03-11 23:40 - 2014-03-16 14:03 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-03-11 23:26 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini 2015-03-11 23:25 - 2013-10-07 20:54 - 00000000 ____D () C:\Windows\system32\MRT 2015-03-11 23:11 - 2013-10-07 20:54 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-03-10 16:13 - 2013-10-06 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo 2015-03-06 13:15 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-03-02 22:36 - 2011-11-06 13:23 - 00771290 _____ () C:\Windows\system32\perfh007.dat 2015-03-02 22:36 - 2011-11-06 13:23 - 00204790 _____ () C:\Windows\system32\perfc007.dat 2015-03-02 22:36 - 2009-07-14 06:13 - 01749894 _____ () 
C:\Windows\system32\PerfStringBackup.INI 2015-03-02 16:59 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-02-28 22:12 - 2014-07-02 15:18 - 00005632 _____ () C:\Users\Simon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-02-25 14:55 - 2014-12-29 12:17 - 00000000 ____D () C:\Program Files (x86)\PokerStars.EU 2015-02-21 00:07 - 2013-10-07 19:24 - 00000000 ____D () C:\Program Files\Common Files\Apple 2015-02-21 00:07 - 2012-08-21 12:01 - 00125872 _____ (GEAR Software Inc.) C:\Windows\system32\GEARAspi64.dll 2015-02-21 00:07 - 2012-08-21 12:01 - 00106928 _____ (GEAR Software Inc.) C:\Windows\SysWOW64\GEARAspi.dll 2015-02-20 23:22 - 2013-10-31 20:23 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Skype 2015-02-20 13:54 - 2015-02-16 12:01 - 00000000 ___RD () C:\Program Files (x86)\Skype 2015-02-20 13:54 - 2013-10-31 20:23 - 00000000 ____D () C:\ProgramData\Skype ==================== Files in the root of some directories ======= 2015-01-07 18:54 - 2015-01-07 18:54 - 5811712 _____ (reFX) C:\Program Files (x86)\Nexus.dll 2014-03-17 21:22 - 2014-03-17 21:22 - 0000132 _____ () C:\Users\Simon\AppData\Roaming\Adobe GIF Format CS5 Prefs 2015-03-17 15:29 - 2015-03-17 15:29 - 0000036 _____ () C:\Users\Simon\AppData\Roaming\store.efi 2015-03-17 15:29 - 2015-03-17 15:29 - 0000120 _____ () C:\Users\Simon\AppData\Roaming\store.mui 2013-10-30 20:29 - 2013-12-13 21:50 - 0001456 _____ () C:\Users\Simon\AppData\Local\Adobe Für Web speichern 12.0 Prefs 2014-07-02 15:18 - 2015-02-28 22:12 - 0005632 _____ () C:\Users\Simon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-01-23 20:16 - 2014-01-23 20:16 - 0000058 _____ () C:\Users\Simon\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat 2014-09-29 18:55 - 2014-09-29 18:55 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc Some content of TEMP: ==================== C:\Users\Simon\AppData\Local\Temp\Quarantine.exe C:\Users\Simon\AppData\Local\Temp\sqlite3.dll 
==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-03-17 14:01

==================== End Of Log ============================ |
21.03.2015, 00:45 | #11 |
| Caught adware! None of the virus/adware scanners find anything. Addition: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Simon at 2015-03-21 00:35:24
Running from C:\Users\Simon\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: COMODO Antivirus (Disabled - Up to date) {F0BC89B2-8937-0933-021B-B17D981F2A71}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Comodo Defense+ (Disabled - Up to date) {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Tools for .Net 3.5 - DEU Lang Pack (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
µTorrent (HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\uTorrent) (Version: 3.4.2.38913 - BitTorrent Inc.)
Ableton Live 8 (HKLM-x32\...\{3CBF4CD3-9370-44A0-B464-A21E588DD122}) (Version: 8.0.0.0 - Ableton)
ActiveState Komodo IDE 8.5.4 (HKLM-x32\...\{F55999C1-E7CA-405D-8A62-66EE1ABB22AE}) (Version: 8.5.4 - ActiveState Software Inc.)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.13 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 1.4.0 - Adobe Systems Incorporated) Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated) Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.) Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden Akamai NetSession Interface (HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\Akamai) (Version: - Akamai Technologies, Inc) Apple Application Support (32-Bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Application Insights Tools for Visual Studio Express 2013 for Web (x32 Version: 2.1 - Microsoft Corporation) Hidden Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta1 - Michael Tippach) ATI Catalyst Install Manager (HKLM\...\{96F38867-9D41-683C-DF60-034A731C37FE}) (Version: 3.0.825.0 - ATI Technologies, Inc.) 
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team) Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk) Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 3.0.159.0 - Autodesk) Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk) Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk) Autodesk Content Service (x32 Version: 3.2.0.0 - Autodesk) Hidden Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk) Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk) Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.3.1.39 - Autodesk) Autodesk ReCap (Version: 1.3.1.39 - Autodesk) Hidden AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin) AzureTools.Notifications.VwdExpress (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden Blasterball 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden Blobby Volley 2 Version 1.0RC3 (HKLM-x32\...\Blobby Volley 2 Version 1.0RC3_is1) (Version: - ) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) 
Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden Build Tools - amd64 (Version: 12.0.30723 - Microsoft Corporation) Hidden Build Tools - x86 (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden Build Tools Language Resources - amd64 (Version: 12.0.30723 - Microsoft Corporation) Hidden Build Tools Language Resources - x86 (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden Call of Duty: Modern Warfare 3 - Dedicated Server (HKLM-x32\...\Steam App 42750) (Version: - Infinity Ward - Sledgehammer Games) Camtasia Studio 7 (HKLM-x32\...\{DE042823-C359-4B87-B66B-308057E8B6AF}) (Version: 7.0.1 - TechSmith Corporation) Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine) Chronicles of Albian (x32 Version: 2.2.0.95 - WildTangent) Hidden Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Cinema 4D version R12 (HKLM-x32\...\{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1) (Version: R12 - Salat Production) COMODO Antivirus (HKLM\...\{093F13A3-177C-493E-8958-912A0C690B64}) (Version: 6.3.32439.2937 - COMODO Security Solutions Inc.) Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 36.1.1.21 - Comodo) Cradle of Rome 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) DJ Intro version 1.2.3 (HKLM-x32\...\{36625871-9D4B-4046-A837-677974F51CAC}_is1) (Version: 1.2.3 - Serato Audio Research) Dream of the Blood Moon (HKLM\...\UDK-7ce4b5b9-33ec-4ba1-a4b2-b6be828e13a5) (Version: - Epic Games, Inc.) 
EA SPORTS™ FIFA 15 Demo (HKLM-x32\...\{108C0C19-6316-4944-A62F-C744488F8639}) (Version: 1.0.0.0 - Electronic Arts) Edirol HQ Orchestral v1.01 (HKLM-x32\...\Edirol HQ Orchestral v1.01) (Version: - ) Entity Framework 6.1.1 Tools for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation) Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project) Erforderliche Komponenten für SSDT (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation) Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden FIFA 12 (HKLM-x32\...\{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}) (Version: 1.6.0.0 - Electronic Arts) FIFA 13 Demo (HKLM-x32\...\{3F499657-766A-4A5F-AEE9-A1F8D295A4CE}) (Version: 1.0.0.0 - Electronic Arts) FIFA 14 Demo (HKLM-x32\...\{7A6577E7-F341-430F-9173-91E14E2DE270}) (Version: 1.0.0.0 - Electronic Arts) FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - ) FormatFactory 3.3.4.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.4.0 - Format Factory) GeekBuddy (HKLM\...\{266FA04F-F0FA-4F7A-AA1E-387A57F579F2}) (Version: 4.19.131 - Comodo Security Solutions Inc) Gladiator demo (HKLM\...\Tone2 Gladiator demo_is1) (Version: - Tone2) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.) Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version: - Rockstar North) GRID 2 Demo (HKLM-x32\...\Steam App 248140) (Version: - Codemasters Racing) GRID Autosport (HKLM-x32\...\GRID Autosport_R.G. Mechanics_is1) (Version: - R.G. 
Mechanics, ProZorg_tm) Haunt 1.0 64bit (HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\Haunt 1.0 64bit) (Version: - ) Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent) HP LinkUp (HKLM-x32\...\{DB3147AB-4024-4773-8EC0-A1FE5B44933D}) (Version: 2.01.028 - Hewlett-Packard) HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard) HP Setup (HKLM-x32\...\{D35B72B6-F0E4-462B-BDEB-E08032B3B681}) (Version: 8.7.4747.3786 - Hewlett-Packard Company) HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13880.3792 - Hewlett-Packard Company) HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard) HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard) HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.9.0.0 - Hewlett-Packard) HydraVision (x32 Version: 4.2.200.0 - ATI Technologies Inc.) Hidden iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.) IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - ) IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line) IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line) iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.) 
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle) Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden Jewel Quest: The Sleepless Star - Collector's Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3925 - CyberLink Corp.) LabelPrint (x32 Version: 2.5.3925 - CyberLink Corp.) Hidden LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.319 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.319 - LogMeIn, Inc.) Hidden Mafia II (HKLM-x32\...\Steam App 50130) (Version: - 2K Czech) Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation) Marble Blast Gold (remove only) (HKLM-x32\...\MarbleBlastGoldShockwave) (Version: - ) Marble Blast Gold Demo (remove only) (HKLM-x32\...\MarbleBlastGoldDemo) (Version: - ) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 
1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation) Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation) Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation) Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight 
(HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 T-SQL-Sprachdienst (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - DEU (12.0.30919.1) (HKLM-x32\...\{7CC03C58-3471-43D2-A251-EC9AE225E772}) (Version: 12.0.30919.1 - Microsoft Corporation) 
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation) Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation) Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{D434E072-F482-4F52-AB97-7B19DD5DAEB5}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server System CLR Types (x64) (HKLM\...\{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - 
x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 
(HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{51adbf11-493f-431c-a862-967a0fae2944}) (Version: 12.0.21005.1 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Express 2013 for Windows Desktop - ENU with Update 3 (HKLM-x32\...\{1ef771b4-b774-439e-a015-23dec292d9a4}) (Version: 12.0.30723.0 - Microsoft Corporation) Microsoft Visual Studio Express 2013 für das Web - DEU (HKLM-x32\...\{81b600cc-d985-40b7-8ab1-5442fb4f4845}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation) MotoGP™13 Demo (HKLM-x32\...\Steam App 243820) (Version: - Milestone S.r.l.) 
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) Mystery of Mortlake Mansion (x32 Version: 2.2.0.97 - WildTangent) Hidden Namco All-Stars: PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden Native Instruments Traktor DJ Studio 3 (HKLM-x32\...\Native Instruments Traktor DJ Studio 3) (Version: - ) Need for Speed™ SHIFT Demo (HKLM-x32\...\{BBF0A67B-5DBA-452F-9D2E-6F168BC226E5}) (Version: 1.0.0.0 - Electronic Arts) NexusFont 2.5 (ver 2.5.8.1582) (HKLM-x32\...\{EFEDD205-43FE-4208-B682-0937E803E19E}_is1) (Version: - xiles) Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.2 - Notepad++ Team) NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation) OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 9.3.7.2735 - Electronic Arts, Inc.) Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation) Paros 3.2.13 (HKLM-x32\...\Paros_is1) (Version: - parosproxy.org) PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.54 - PDF Complete, Inc) PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer) Plants vs. 
Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu) Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) Python Tools - Umleitungsvorlage (x32 Version: 1.0 - Microsoft Corporation) Hidden Python Tools Redirection Template (x32 Version: 1.0 - Microsoft Corporation) Hidden QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6531 - Realtek Semiconductor Corp.) Recovery Manager (x32 Version: 5.5.0.4320 - CyberLink Corp.) Hidden Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard) Remote Mouse version 2.5 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 2.5 - Remote Mouse) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.) 
Screenshot Captor 4.8 (HKLM-x32\...\ScreenshotCaptor_is1) (Version: - ) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden SketchUp 2014 (HKLM-x32\...\{9E620BD5-AEEC-492D-9065-D71FCD4C52F1}) (Version: 14.1.1282 - Trimble Navigation Limited) SketchUp-Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk) Ski Challenge 14 (HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\sc14-GAMETWIST_MAIN) (Version: - ) Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.) Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Steinberg Cubase 7 64bit (HKLM\...\{57FB2180-0FC7-41FC-8D76-3C4271CF4422}) (Version: 7.0.2 - Steinberg Media Technologies GmbH) Steinberg Eucon Adapter 6.5 64bit (HKLM\...\{95D90857-61C2-4927-85FF-A317E46E7351}) (Version: 6.5.0 - Steinberg Media Technologies GmbH) Steinberg Groove Agent ONE Allen Morgan Signature Drums (HKLM-x32\...\{611A7035-0172-4B9B-8BB6-5046F6867D8A}) (Version: 1.0.0 - Steinberg Media Technologies GmbH) Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH) Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH) Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 1.6.3 - Steinberg Media Technologies GmbH) Steinberg HALion Sonic SE Content (HKLM-x32\...\{A5051ABF-A497-4C3C-85EA-F7A4D5C19B82}) (Version: 1.6.1 - Steinberg Media Technologies GmbH) Steinberg LoopMash Content 
(HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 2.0.0.000 - Steinberg Media Technologies GmbH) Steinberg LoopMash Content 2 (HKLM-x32\...\{88C337F0-4CF2-4098-BDC0-D94859ECA2B4}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH) Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH) Steinberg Padshop 64bit (HKLM\...\{75F15019-C0C2-4047-AA45-97B4BD313719}) (Version: 1.1.0 - Steinberg Media Technologies GmbH) Steinberg Retrologue 64bit (HKLM\...\{4D65ECE6-131D-4B5F-8470-2750D3161619}) (Version: 1.1.0 - Steinberg Media Technologies GmbH) Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH) Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH) Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH) Sweet Home 3D version 4.4 (HKLM\...\Sweet Home 3D_is1) (Version: - eTeks) Sylenth1 Demo v2.20 (HKLM\...\Sylenth1Demo_is1) (Version: - ) Sylenth1 Demo v2.20 (HKLM-x32\...\Sylenth1Demo_is1) (Version: - ) Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden TrackMania² Canyon Demo (HKLM-x32\...\Steam App 264850) (Version: - Nadeo) Trials Evolution Gold Edition - Demo (HKLM-x32\...\Steam App 228860) (Version: - Redlynx Ltd) TypeScript Power Tool (x32 Version: 1.0.3.1 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.3.1 - Microsoft Corporation) Hidden UltraISO Premium V9.53 (HKLM-x32\...\UltraISO_is1) (Version: - ) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Update Installer for 
WildTangent Games App (x32 Version: - WildTangent) Hidden Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft) Vacation Quest - The Hawaiian Islands (x32 Version: 2.2.0.97 - WildTangent) Hidden Vegas Pro 11.0 (HKLM-x32\...\{B644D34F-0296-11E2-938E-F04DA23A5C58}) (Version: 11.0.700 - Sony) Vegas Pro 12.0 (64-bit) (HKLM\...\{6592B670-2680-11E3-B0E0-F04DA23A5C58}) (Version: 12.0.726 - Sony) Verfügbare Autodesk-Apps (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk) Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden Visual Studio 2013 Update 3 (KB2829760) (HKLM-x32\...\{86438e3d-7f83-4dd2-94aa-047e7c3974cb}) (Version: 12.0.30723 - Microsoft Corporation) VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN) VS Update core components (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden Wasp (HKLM-x32\...\Wasp) (Version: - Image-Line) Webocton - Scriptly 0.8.95.6 (HKLM-x32\...\Webocton - Scriptly_is1) (Version: 0.8.95.6 - Webocton) WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH) Worms 3D Demo (HKLM-x32\...\{481463D7-E5D9-4331-B154-B75D6D3C15F8}) (Version: 0.00.001 - ) Worms Armageddon (HKLM-x32\...\Steam App 217200) (Version: - Team17 Digital Ltd.) Worms Reloaded Demo (HKLM-x32\...\Steam App 22690) (Version: - Team17 Software Ltd.) 
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

18-03-2015 22:49:36 AA11
20-03-2015 17:53:25 AA11

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-03-20 21:39 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0AAB13DC-2FCB-4626-9C09-E71EF8EDC7DA} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-02-03] (COMODO)
Task: {1D25E891-107C-4435-92DB-34BA287D7572} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-02-03] (COMODO)
Task: {319118F6-9333-479B-BD71-B325E9FD2C1A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {353B60D7-B632-4D23-8D53-A87645DE8310} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {3C889252-7E97-4BA7-8424-E36D9CC5D3A5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-02-11] (Hewlett-Packard)
Task: {3FA2950D-E0DA-4F62-AC5D-FA3D2B9130BE} - System32\Tasks\HPCeeScheduleForSimon => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {4E767EC7-C876-4D4D-8286-01BA2781F29D} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-06-15] ()
Task: {6917235F-071E-4CF5-BC62-D0056AD88984} - System32\Tasks\AdobeAAMUpdater-1.0-Simon-HP-Simon => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-30] (Adobe Systems Incorporated)
Task: {6DF7495B-453E-4201-A774-9A16AA04A049} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-02-03] (COMODO)
Task: {732A009F-ABA0-4ACC-B37B-93918A127137} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-17] (Google Inc.)
Task: {7A9DA2D6-C205-4E2D-8688-DBFBD8F66AF4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {976212C0-3712-4B9B-A740-16D6E523E801} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-02-03] (COMODO)
Task: {9A05599A-408F-45C2-88B7-A5C197CF4596} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {9F6B2557-5398-4523-B024-86168B020085} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {A3CFBE5E-BC7C-4B95-8BC4-8C85777C3A46} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {A497C78A-1117-4753-A8DD-E1AAA3807DC8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-17] (Google Inc.)
Task: {C47202FA-D586-453B-A7B0-F30ADF64C5F7} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-02-03] (COMODO)
Task: {CDB305DC-F279-475F-9FA6-795183E9F5AA} - System32\Tasks\Apple\AppleSoftwareUpdate => c:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E8972EB4-3A98-47E4-9F31-28860FC4DBC1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {F8AB0AAE-74BA-44F6-AE30-C4C837E6B152} - System32\Tasks\Tempo Runner bz64 => C:\ProgramData\bobyzoom\1.1.0.30\bzagnt.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForSimon.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\Tempo Runner bz64.job => C:\ProgramData\bobyzoom\1.1.0.30\bzagnt.exe2/dgad C:\ProgramData\bobyzoom\1.1.0.30\bz64.exe

==================== Loaded Modules (whitelisted) ==============

2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-30 22:16 - 2014-11-06 19:01 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-04-15 17:39 - 2013-04-15 17:39 - 00073424 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2015-01-20 22:35 - 2015-01-20 22:35 - 00306984 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll
2011-06-01 07:14 - 2011-06-01 07:14 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-04-12 01:20 - 2011-04-12 01:20 - 00098304 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-04-12 01:20 - 2011-04-12 01:20 - 00028672 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingResources.dll
2014-09-29 19:00 - 2014-09-04 04:41 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2014-09-29 19:00 - 2014-09-04 04:41 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-05 23:14 - 2013-11-19 22:34 - 00152576 _____ () C:\Program Files (x86)\Remote Mouse\FileS.dll
2014-12-03 19:07 - 2014-12-03 19:07 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\locale\de_de\acrotray.deu
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 23:30 - 2014-09-04 04:41 - 00104328 _____ () C:\Users\Simon\AppData\Local\Autodesk\.AdskAppManager\R1\qjson0.dll
2015-03-20 18:58 - 2015-03-14 11:12 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libglesv2.dll
2015-03-20 18:58 - 2015-03-14 11:12 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libegl.dll
2015-03-20 18:58 - 2015-03-14 11:12 - 09278792 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\pdf.dll
2015-03-20 18:58 - 2015-03-14 11:12 - 14974280 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\autoexec.bat:$CmdTcID
AlternateDataStreams: C:\Program Files (x86)\Nexus.dll:$CmdTcID
AlternateDataStreams: C:\Windows\grep.exe:$CmdTcID
AlternateDataStreams: C:\Windows\NIRCMD.exe:$CmdTcID
AlternateDataStreams: C:\Windows\PEV.exe:$CmdTcID
AlternateDataStreams: C:\Windows\sed.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SWREG.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SWSC.exe:$CmdTcID
AlternateDataStreams: C:\Windows\zip.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aepdu.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aitstatic.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidcertstorecheck.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidpolicyconverter.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atmfd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atmlib.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID
AlternateDataStreams: C:\Users\Simon\Downloads\Tiësto - Wasted ft. 
Matthew Koma (Ummet Ozcan Remix).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Tone2_Gladiator_demo_setup (1).zip:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Tone2_Gladiator_demo_setup.zip:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Torro Torro & Long Jawns - The Pump.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Torro Torro - CAN'T GET ENOUGH - (4songs.PK).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Tristam & Braken - Flight.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Trollphace - Make It Bounce (feat. Harvey J).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Uberjakd - Bump Dat (Original Mix).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Uberjakd - GTFU (Krunk! remix).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\uiso9_pe.exe:$CmdTcID AlternateDataStreams: C:\Users\Simon\Downloads\uiso9_pe.exe:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Vaski - Take Me There.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\VC++_All_Redist_Packages.zip:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Verkaufsschild (1).pdf:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Verkaufsschild (2).pdf:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Verkaufsschild-6-x-Multipower-Bleiakkus-12V-12Ah-Preis-pro-Akku-17.pdf:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Verkaufsschild.pdf:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Virtual Riot - Energy Drink.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Virtual Riot - Idols (EDM Mashup).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Virtual Riot - Minimalist.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Virtual Riot - Turn Up.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Virtual Riot - Were Not Alone.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Virtual Riot x ApeCrime - Instagram 
Battle.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\What So Not - The Quack.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\What So Not - Touched.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Wiz Khalifa - We Dem Boyz.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Wuki - Framework VIP.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\xKore ft. Zoe & Naomi - Need You (Centra Remix).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Yellow Claw & Cesqeaux - Legends Ft. Kalibwoy.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Zedd - Dovregubben (Original Mix).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Zedd - I Want You To Know ft. Selena Gomez.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Zhu - Dj Snake - Dj Mustard - Faded 2.0.mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\Zomboy - Here To Stay (MUST DIE! Remix).mp3:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\[kickass.so]cubase.7.torrent:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\[kickass.so]native.instruments.battery.4.4.0.1.update.and.library.torrent:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\[kickass.so]ni.massive.v1.1.4.vsti.torrent:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\[TVSMILES GmbH] Betreff- Deine Prämie von TVSMILES - Amazon 10 Euro Gutschein (#414871).html:$CmdZnID AlternateDataStreams: C:\Users\Simon\Downloads\[TVSMILES GmbH] Betreff- Deine Prämie von TVSMILES - Amazon 5 Euro Gutschein (#414881).html:$CmdZnID ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tammgF119.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tammgR119.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tammgF119.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tammgR119.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)

==================== Accounts: =============================
Administrator (S-1-5-21-2389831746-1586198665-2336280641-500 - Administrator - Disabled)
Gast (S-1-5-21-2389831746-1586198665-2336280641-501 - Limited - Enabled) => C:\Users\Gast
Simon (S-1-5-21-2389831746-1586198665-2336280641-1000 - Administrator - Enabled) => C:\Users\Simon

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================

==================== Memory info ===========================
Processor: AMD A6-3600 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 34%
Total physical RAM: 8178.82 MB
Available physical RAM: 5360.1 MB
Total Pagefile: 16355.84 MB
Available Pagefile: 12933.61 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================
Drive c: (OS) (Fixed) (Total:1830.73 GB) (Free:1500.83 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:12.65 GB) (Free:1.52 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Massive-Lernkurs) (CDROM) (Total:0.65 GB) (Free:0 GB) CDFS
Drive h: (Volume) (Fixed) (Total:19.53 GB) (Free:6.76 GB) NTFS
Drive i: (SEAGATE_PC) (Fixed) (Total:1396.81 GB) (Free:815.22 GB) exFAT

==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: AAA41450)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1830.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=19.5 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=12.7 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: 8F324A77)
Partition 1: (Not Active) - (Size=466.2 GB) - (Type=AF)
Partition 2: (Not Active) - (Size=1396.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================
|
21.03.2015, 12:54 | #12 |
/// TB-Ausbilder | Caught adware! None of the virus/adware scanners find anything.
Hi, there is still some adware on the computer; we will take care of the rest now. We will remove the last remnants and check everything once more. ESET can take a long time (> 2 h). Afterwards we will remove all the tools we used and I will give you a few tips to take along.
Step 1 Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document
Code:
start
CloseProcesses:
Task: {F8AB0AAE-74BA-44F6-AE30-C4C837E6B152} - System32\Tasks\Tempo Runner bz64 => C:\ProgramData\bobyzoom\1.1.0.30\bzagnt.exe
Task: C:\Windows\Tasks\Tempo Runner bz64.job => C:\ProgramData\bobyzoom\1.1.0.30\bzagnt.exe2/dgad C:\ProgramData\bobyzoom\1.1.0.30\bz64.exe
C:\ProgramData\bobyzoom
C:\ProgramData\338492126a3249459a948fc3ab4924b4
C:\Users\Simon\Downloads\SpyHunter-Installer.exe
Toolbar: HKU\S-1-5-21-2389831746-1586198665-2336280641-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-2389831746-1586198665-2336280641-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\Policies\Explorer: []
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
EmptyTemp:
end
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2 Download the appropriate version of HitmanPro to your desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Step 3 ESET Online Scanner
Step 4 Please download SecurityCheck and:
Please post with your next reply
|
22.03.2015, 20:25 | #13 |
| Caught adware! None of the virus/adware scanners find anything.
OK, here is the Fixlog.txt:
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Simon at 2015-03-21 13:56:34 Run:1
Running from C:\Users\Simon\Desktop
Loaded Profiles: Simon (Available profiles: Simon & Gast)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
CloseProcesses:
Task: {F8AB0AAE-74BA-44F6-AE30-C4C837E6B152} - System32\Tasks\Tempo Runner bz64 => C:\ProgramData\bobyzoom\1.1.0.30\bzagnt.exe
Task: C:\Windows\Tasks\Tempo Runner bz64.job => C:\ProgramData\bobyzoom\1.1.0.30\bzagnt.exe2/dgad C:\ProgramData\bobyzoom\1.1.0.30\bz64.exe
C:\ProgramData\bobyzoom
C:\ProgramData\338492126a3249459a948fc3ab4924b4
C:\Users\Simon\Downloads\SpyHunter-Installer.exe
Toolbar: HKU\S-1-5-21-2389831746-1586198665-2336280641-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-2389831746-1586198665-2336280641-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\Policies\Explorer: []
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
EmptyTemp:
end
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F8AB0AAE-74BA-44F6-AE30-C4C837E6B152}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8AB0AAE-74BA-44F6-AE30-C4C837E6B152}" => Key deleted successfully.
C:\Windows\System32\Tasks\Tempo Runner bz64 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Tempo Runner bz64" => Key deleted successfully.
C:\Windows\Tasks\Tempo Runner bz64.job => Moved successfully.
"C:\ProgramData\bobyzoom" => File/Directory not found.
C:\ProgramData\338492126a3249459a948fc3ab4924b4 => Moved successfully.
C:\Users\Simon\Downloads\SpyHunter-Installer.exe => Moved successfully.
HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found.
HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value deleted successfully.
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Key not found.
"HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value deleted successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
EmptyTemp: => Removed 380.5 MB temporary data.

The system needed a reboot.

==== End of Fixlog 13:56:45 ====
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=7264f214b26fdf42afca88e3fd59a6ff
# engine=23019
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-03-22 03:39:25
# local_time=2015-03-22 04:39:25 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='COMODO Antivirus'
# compatibility_mode=3074 16777213 100 84 76249 88056641 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 502286 178668615 0 0
# scanned=517351
# found=161
# cleaned=0
# scan_time=65303
unerwünschte Anwendung" ac=I fn="C:\Users\All Users\COMODO\Cis\Quarantine\data\{FC6392E3-3C9B-40EB-9FB7-61523BB7C3DF}" sh=48133785E4173F20F53C1B27C7A5DC99A1A02536 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\djaoeafihpfaakkpdobmhedohgnmhpbp\128\content.js" sh=721527CE7DC8F5485F2E11AB5CE68FE258F21EAF ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\djaoeafihpfaakkpdobmhedohgnmhpbp\128\lsdb.js" sh=FD846166AA291DAE1447AB4C76A04190281F2333 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\djaoeafihpfaakkpdobmhedohgnmhpbp\128\Uns0J.js" sh=48133785E4173F20F53C1B27C7A5DC99A1A02536 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\Users\Simon\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\djaoeafihpfaakkpdobmhedohgnmhpbp\128\content.js" sh=721527CE7DC8F5485F2E11AB5CE68FE258F21EAF ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\Users\Simon\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\djaoeafihpfaakkpdobmhedohgnmhpbp\128\lsdb.js" sh=FD846166AA291DAE1447AB4C76A04190281F2333 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Simon\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\djaoeafihpfaakkpdobmhedohgnmhpbp\128\Uns0J.js" sh=2EF963A0E16D3D42D93F3990005ECE30D7EEA6AA ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\prefs.js" sh=29F0126226FF176E309795362F19FA09FCFFC42A ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.A.Gen evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\prefs.js.BAK" sh=5DDB566D95F9199F6F8724F344AE501A22CC3AB0 ft=1 fh=ebb6aa7a13887d8e vn="Variante von Win32/WinloadSDA.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simon\Downloads\Arma-3-Demo-lnstall.exe" sh=DCFF139F6221F3882ABF3FC3D9162E4301C95E28 ft=1 fh=d53296ca55983aa7 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simon\Downloads\Audacity - CHIP-Installer.exe" sh=D86D2FC37B1FED635CAF6F25254D7A575466ED1E ft=1 fh=7614c1446a9b863f vn="Variante von Win32/Hao123.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simon\Downloads\FFSetup3.3.4.0 (1).exe" sh=1E9565095176E93422FF11290DD49315F55B969E ft=1 fh=21a781640b27c805 vn="Win32/WinloadSDA.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simon\Downloads\Gran-Turismo-5-Setup.exe" sh=C2A861369B95DD2BD56F4292EB5F01ED874B545B ft=1 fh=6044e6de6922956c vn="Variante von MSIL/DownloadGuide.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simon\Downloads\koreplayer-211-win-Downloader.exe" sh=BAC6BD9982685B6A7CC46E29333AF9DBFF68BEF3 ft=1 fh=13fffafd0cb0fce3 vn="Variante von Win32/InstallCore.QW evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simon\Downloads\setup_CB-DL-Manager.exe" sh=8612452A73A3D50A788E020C9527ADAE82339CFD ft=1 fh=61d1fea913887d8e vn="Variante von Win32/WinloadSDA.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simon\Downloads\Watch-Dogs--Release,-Trailer,-Infos-zur-Demo-lnstall.exe" sh=44A315AAA7F006AE8342751A3D01D3E0E2BD41E6 ft=1 fh=e23e3184587da44d vn="Win32/Somoto.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simon\Local Settings\Application Data\Bundled software uninstaller\bi_client (1).exe" sh=44A315AAA7F006AE8342751A3D01D3E0E2BD41E6 ft=1 fh=e23e3184587da44d vn="Win32/Somoto.A evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\Simon\Local Settings\Application Data\Bundled software uninstaller\bi_client.exe" sh=48133785E4173F20F53C1B27C7A5DC99A1A02536 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\VTRoot\HarddiskVolume2\ProgramData\ffmiafoddgcekgfhfieaacphcnlmbmkd\content.js" sh=CC1C2940607B38DC84C50B83962B412CF6D14893 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\VTRoot\HarddiskVolume2\ProgramData\ffmiafoddgcekgfhfieaacphcnlmbmkd\hDnyXLKBR.js" sh=721527CE7DC8F5485F2E11AB5CE68FE258F21EAF ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\VTRoot\HarddiskVolume2\ProgramData\ffmiafoddgcekgfhfieaacphcnlmbmkd\lsdb.js" sh=78C3BC1E295354F34784593446A58F2DE4A7B8D8 ft=1 fh=c71c001103bac9cb vn="Win32/SProtector.M evtl. unerwünschte Anwendung" ac=I fn="C:\VTRoot\HarddiskVolume2\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\35S0TX81\sinstall[1].exe" sh=78C3BC1E295354F34784593446A58F2DE4A7B8D8 ft=1 fh=c71c001103bac9cb vn="Win32/SProtector.M evtl. unerwünschte Anwendung" ac=I fn="C:\VTRoot\HarddiskVolume2\Users\Simon\AppData\Local\Temp\584571\temp\hpds_setup.exe" sh=2CC6DBCF965F92C6717084A83B25B128B0D67D7F ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\VTRoot\HarddiskVolume2\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\extensions\staged\r2@KBiuK5UW.com\content\bg.js" sh=DA72DCEECE48FC13A449A739E71991D0D2A1617A ft=0 fh=0000000000000000 vn="Win32/Toolbar.Montiera.I evtl. 
unerwünschte Anwendung" ac=I fn="I:\SIMON-HP\Backup Set 2013-12-11 171524\Backup Files 2013-12-11 171524\Backup files 5.zip" sh=23346A61F637CC63847A08A081E16388454EA842 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="I:\SIMON-HP\Backup Set 2013-12-11 171524\Backup Files 2013-12-11 171524\Backup files 6.zip" sh=CC955E6BB9FBC9CA8C38AB2E6F2B55D5F8367337 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="I:\SIMON-HP\Backup Set 2013-12-11 171524\Backup Files 2013-12-15 190000\Backup files 1.zip" sh=F75E767C67EEDEF45EB1ECBFE2C69950061B6A68 ft=0 fh=0000000000000000 vn="Variante von MSIL/Toolbar.Linkury.A evtl. unerwünschte Anwendung" ac=I fn="I:\SIMON-HP\Backup Set 2013-12-11 171524\Backup Files 2013-12-22 190000\Backup files 4.zip" sh=27A09E5A2781875320015D6BC0A360E65F2495C8 ft=0 fh=0000000000000000 vn="Win32/WinloadSDA.C evtl. unerwünschte Anwendung" ac=I fn="I:\SIMON-HP\Backup Set 2013-12-11 171524\Backup Files 2013-12-22 190000\Backup files 5.zip" sh=EEE9988E28524E384E1C56E6826892EAF6654437 ft=0 fh=0000000000000000 vn="Variante von MSIL/DownloadGuide.D evtl. unerwünschte Anwendung" ac=I fn="I:\SIMON-HP\Backup Set 2013-12-11 171524\Backup Files 2013-12-22 190000\Backup files 6.zip" sh=CE6CE276FD56D4F6731629EA32DD3DAA51274E8B ft=0 fh=0000000000000000 vn="Win32/SoftonicDownloader.E evtl. unerwünschte Anwendung" ac=I fn="I:\SIMON-HP\Backup Set 2013-12-11 171524\Backup Files 2013-12-22 190000\Backup files 80.zip" sh=E8B766C99B15FEE76A8E5D5BCB121E91BB646011 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit.R evtl. unerwünschte Anwendung" ac=I fn="I:\SIMON-HP\Backup Set 2013-12-11 171524\Backup Files 2014-02-09 190000\Backup files 1.zip" sh=A7F28C0032147AA4C3275872FB28B073C053E8E5 ft=0 fh=0000000000000000 vn="Win32/DownWare.L evtl. 
unerwünschte Anwendung" ac=I fn="I:\SIMON-HP\Backup Set 2013-12-11 171524\Backup Files 2014-02-09 190000\Backup files 3.zip" sh=25EBB8201C286CF2F98E5DC38B922A43A5B982F8 ft=0 fh=0000000000000000 vn="Variante von Win32/WinloadSDA.D evtl. unerwünschte Anwendung" ac=I fn="I:\SIMON-HP\Backup Set 2013-12-11 171524\Backup Files 2014-03-02 194445\Backup files 2.zip" sh=F09CB867AF8AAC5D6EEAA22E9F9537A64A3F9828 ft=0 fh=0000000000000000 vn="Variante von Win32/WinloadSDA.D evtl. unerwünschte Anwendung" ac=I fn="I:\SIMON-HP\Backup Set 2013-12-11 171524\Backup Files 2014-03-30 190000\Backup files 3.zip" sh=B8EBDF4724421B8B1C093C09469884D276EA241E ft=0 fh=0000000000000000 vn="Win32/Toolbar.Montiera.I evtl. unerwünschte Anwendung" ac=I fn="I:\SIMON-HP\Backup Set 2014-04-20 190000\Backup Files 2014-04-27 190000\Backup files 2.zip" sh=7798E12D82B4992953D8568409ED8079AC066B32 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="I:\SIMON-HP\Backup Set 2014-04-20 190000\Backup Files 2014-05-04 190001\Backup files 1.zip" sh=3B02394AC6047EDA64C34B5EB8A3EA6CE2B36E51 ft=0 fh=0000000000000000 vn="Variante von MSIL/Toolbar.Linkury.A evtl. unerwünschte Anwendung" ac=I fn="I:\SIMON-HP\Backup Set 2014-04-20 190000\Backup Files 2014-05-04 190001\Backup files 5.zip" sh=DE17A9A145AAA5D9E0001F287634259C63EB2045 ft=0 fh=0000000000000000 vn="Variante von Win32/WinloadSDA.D evtl. unerwünschte Anwendung" ac=I fn="I:\SIMON-HP\Backup Set 2014-04-20 190000\Backup Files 2014-05-04 190001\Backup files 19.zip" sh=F9322808E9C1ED927C416AB21DDCCD27728D9C34 ft=0 fh=0000000000000000 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="I:\SIMON-HP\Backup Set 2014-04-20 190000\Backup Files 2014-05-04 190001\Backup files 20.zip" sh=D03F5C936B03160E5AF2DF310BD699671DB1C02E ft=0 fh=0000000000000000 vn="Variante von Win32/Hao123.A evtl. 
unerwünschte Anwendung" ac=I fn="I:\SIMON-HP\Backup Set 2014-04-20 190000\Backup Files 2014-05-04 190001\Backup files 54.zip" sh=8DB3A2FC362211A48E032831A164589A1038C8EA ft=0 fh=0000000000000000 vn="Variante von Win32/Hao123.A evtl. unerwünschte Anwendung" ac=I fn="I:\SIMON-HP\Backup Set 2014-04-20 190000\Backup Files 2014-05-04 190001\Backup files 66.zip" sh=E488A6F2CB3BB807A26CC2FAD4D115A54F5DBE22 ft=0 fh=0000000000000000 vn="Win32/Systweak.G evtl. unerwünschte Anwendung" ac=I fn="I:\SIMON-HP\Backup Set 2014-04-20 190000\Backup Files 2014-06-08 190000\Backup files 17.zip" sh=8B45AF87A95CD127394EA276944F99A66155D39B ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="I:\SIMON-HP\Backup Set 2014-04-20 190000\Backup Files 2014-08-31 190001\Backup files 17.zip" sh=C02AC355878881DAB401B42DD0B9057C2E3BF3DC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="I:\SIMON-HP\Backup Set 2014-04-20 190000\Backup Files 2014-08-31 190001\Backup files 51.zip" sh=8C99BB4794A409CAD90F297441DDC30A47E03F3C ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="I:\SIMON-HP\Backup Set 2014-04-20 190000\Backup Files 2014-11-09 190001\Backup files 1.zip" sh=2451E105D0EEB27A1F433DDBA70838790FAB450E ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="I:\SIMON-HP\Backup Set 2014-04-20 190000\Backup Files 2014-11-09 190001\Backup files 4.zip" sh=445238CE32D84AF3010276EB021B72924A240D62 ft=0 fh=0000000000000000 vn="Variante von Win32/InstallCore.QW evtl. unerwünschte Anwendung" ac=I fn="I:\SIMON-HP\Backup Set 2014-04-20 190000\Backup Files 2014-11-23 190001\Backup files 5.zip" sh=8E5629BF508E1C7B8C2FE7F0BF0829F03434019D ft=0 fh=0000000000000000 vn="Win32/SoftonicDownloader.G evtl. 
unerwünschte Anwendung" ac=I fn="I:\SIMON-HP\Backup Set 2014-04-20 190000\Backup Files 2014-11-30 190001\Backup files 3.zip" sh=53653CC038454979993960F61EDC51E666577905 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="I:\SIMON-HP\Backup Set 2014-12-07 190001\Backup Files 2014-12-07 190001\Backup files 33.zip" sh=BAD727A64353A7142FB87E181B79589ACAD1A576 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="I:\SIMON-HP\Backup Set 2014-12-07 190001\Backup Files 2014-12-07 190001\Backup files 34.zip" sh=920DE330B18E4C7CBCA4FD66634E0C6A3DF16182 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.EB Anwendung" ac=I fn="I:\SIMON-HP\Backup Set 2014-12-07 190001\Backup Files 2014-12-07 190001\Backup files 36.zip" sh=6C68BFF2FD5BE4C4A4C19195BDD462A222559F36 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="I:\SIMON-HP\Backup Set 2014-12-07 190001\Backup Files 2014-12-07 190001\Backup files 37.zip" sh=971841BF0BFCD62C57972C62253EEDA2FA55037C ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="I:\SIMON-HP\Backup Set 2014-12-07 190001\Backup Files 2014-12-07 190001\Backup files 39.zip" sh=7118F87C7FCE557B23B3CBD131A5EC555A8B3235 ft=0 fh=0000000000000000 vn="Variante von Win32/WinloadSDA.D evtl. unerwünschte Anwendung" ac=I fn="I:\SIMON-HP\Backup Set 2014-12-07 190001\Backup Files 2014-12-07 190001\Backup files 98.zip" sh=681DC7BA1367BE6E25F3FF123EE45531B9A6CEF2 ft=0 fh=0000000000000000 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="I:\SIMON-HP\Backup Set 2014-12-07 190001\Backup Files 2014-12-07 190001\Backup files 99.zip" sh=6A8C4B07B6492AFB069575E88B109CC9287C65EA ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="I:\SIMON-HP\Backup Set 2014-12-07 190001\Backup Files 2014-12-07 190001\Backup files 100.zip" sh=F70DB59AF2469160F49AAF77B27492A0F38C0B0A ft=0 fh=0000000000000000 vn="Variante von Win32/Hao123.A evtl. 
unerwünschte Anwendung" ac=I fn="I:\SIMON-HP\Backup Set 2014-12-07 190001\Backup Files 2014-12-07 190001\Backup files 254.zip" sh=6B6B835E008C5108F762CC17D76A0A27BA3FC1C5 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="I:\SIMON-HP\Backup Set 2014-12-07 190001\Backup Files 2015-01-11 190001\Backup files 1.zip" sh=24A22B90A2A9A90A3A6BAFB0AC6B00A9971D12C5 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="I:\SIMON-HP\Backup Set 2014-12-07 190001\Backup Files 2015-01-11 190001\Backup files 3.zip" sh=C33E7EA414A529247C2BFDE40B64EB2D0F88CB6C ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="I:\SIMON-HP\Backup Set 2014-12-07 190001\Backup Files 2015-01-11 190001\Backup files 5.zip" sh=25FD4F2D5B325CD1940C8EF04FD0A8C959302EA0 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="I:\SIMON-HP\Backup Set 2015-01-25 190001\Backup Files 2015-01-25 190001\Backup files 33.zip" sh=D533224157598AC57F0A0CE1729A136D600461B0 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="I:\SIMON-HP\Backup Set 2015-01-25 190001\Backup Files 2015-01-25 190001\Backup files 34.zip" sh=DFE8B2D31FCEEECDF95E52E9562CFC4772DC2E44 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="I:\SIMON-HP\Backup Set 2015-01-25 190001\Backup Files 2015-01-25 190001\Backup files 36.zip" sh=B82241CBFBC0BB7E5482063050BE871F63CE0553 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="I:\SIMON-HP\Backup Set 2015-01-25 190001\Backup Files 2015-01-25 190001\Backup files 37.zip" sh=B052AA3F1961B9EA39D874740FC9D298DE528FB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="I:\SIMON-HP\Backup Set 2015-01-25 190001\Backup Files 2015-01-25 190001\Backup files 38.zip" sh=38B54A85FF3D6D2F153002F8BF19B3FE24AE6BD5 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. 
unerwünschte Anwendung" ac=I fn="I:\SIMON-HP\Backup Set 2015-01-25 190001\Backup Files 2015-01-25 190001\Backup files 39.zip" sh=577D212802759DE81EF179EC446FD11F6AE4BF5F ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="I:\SIMON-HP\Backup Set 2015-01-25 190001\Backup Files 2015-01-25 190001\Backup files 98.zip" sh=469C4505103BB216400513C75F66FEA4BC56793E ft=0 fh=0000000000000000 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="I:\SIMON-HP\Backup Set 2015-01-25 190001\Backup Files 2015-01-25 190001\Backup files 99.zip" sh=B66DB54C68715D320F01BF25F2184F8D7B314F5A ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="I:\SIMON-HP\Backup Set 2015-01-25 190001\Backup Files 2015-01-25 190001\Backup files 100.zip" sh=C00A335F05D16928482BCC5F0E143406B7586F23 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="I:\SIMON-HP\Backup Set 2015-01-25 190001\Backup Files 2015-01-25 190001\Backup files 103.zip" sh=FEA074C1FD211708DC0FDC972010F1E038539CDC ft=0 fh=0000000000000000 vn="Variante von Win32/Hao123.A evtl. unerwünschte Anwendung" ac=I fn="I:\SIMON-HP\Backup Set 2015-01-25 190001\Backup Files 2015-01-25 190001\Backup files 259.zip" sh=DD7F45317E46B9489CAB778AEF227BEC5ECCAE8E ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="I:\SIMON-HP\Backup Set 2015-01-25 190001\Backup Files 2015-03-01 190001\Backup files 6.zip" Code:
ATTFilter
Results of screen317's Security Check version 0.99.97
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
COMODO Antivirus (On Access scanning disabled!)
Error obtaining update status for antivirus!
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 45
Java 8 Update 31
Visual Studio Extensions for Windows Library for JavaScript
Java version 32-bit out of Date!
Java 64-bit 8 Update 31
Mozilla Firefox 29.0.1 Firefox out of Date!
Google Chrome (41.0.2272.101)
Google Chrome (41.0.2272.89)
````````Process Check: objlist.exe by Laurent````````
Comodo Firewall cmdagent.exe
Symantec Norton Online Backup NOBuAgent.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
|
23.03.2015, 14:58 | #14 |
/// TB-Ausbilder | Caught adware! None of the virus/adware scanners find anything. All of your backups on the external drive I are infected; I would delete them all! Step 1 Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
ATTFilter
start
CloseProcesses:
C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst.exe
C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\djaoeafihpfaakkpdobmhedohgnmhpbp
C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\djaoeafihpfaakkpdobmhedohgnmhpbp
C:\Users\Simon\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\djaoeafihpfaakkpdobmhedohgnmhpbp
C:\Users\Simon\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\djaoeafihpfaakkpdobmhedohgnmhpbp
C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\prefs.js
C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\prefs.js.BAK
C:\Users\Simon\Downloads*.exe
C:\Users\Simon\Local Settings\Application Data\Bundled software uninstaller
C:\VTRoot\HarddiskVolume2\ProgramData\ffmiafoddgcekgfhfieaacphcnlmbmkd
EmptyTemp:
end
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2
|
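How the scan log quoted above can be tallied to see where the detections sit (drive I: backups, the same extension ID under several browser profiles), as an added example that is not part of the thread. The function names are hypothetical, the record layout is taken from the entries in the log, and the sample hashes are constructed filler values.

```python
import re
from collections import Counter, defaultdict

# Record layout as seen in the scan log quoted in this thread:
#   sh=<40 hex> ft=<digit> fh=<16 hex> vn="<detection>" ac=<letter> fn="<path>"
# The forum export dropped the line breaks, so records are matched anywhere
# in the text rather than one per line.
RECORD = re.compile(
    r'sh=(?P<sha1>[0-9A-Fa-f]{40})\s+ft=(?P<ft>\d)\s+fh=(?P<fh>[0-9A-Fa-f]{16})\s+'
    r'vn="(?P<name>[^"]*)"\s+ac=(?P<action>\w)\s+fn="(?P<path>[^"]*)"'
)
# Chromium-style extension folder: ...\Extensions\<32 letters a-p>\...
EXT_DIR = re.compile(r'^(?P<profile>.*?)\\Extensions\\(?P<ext_id>[a-p]{32})\\')


def parse_records(text):
    """Return one dict per complete record; truncated fragments are skipped."""
    records = []
    for m in RECORD.finditer(text):
        rec = m.groupdict()
        rec["sha1"] = rec["sha1"].upper()
        # Detection names may be wrapped across lines in a pasted log.
        rec["name"] = " ".join(rec["name"].split())
        records.append(rec)
    return records


def summarise(records):
    """Count detections per drive, list profiles per extension ID, and
    report hashes that occur under more than one path (same file copied)."""
    by_drive = Counter()
    ext_profiles = defaultdict(set)
    paths_by_hash = defaultdict(set)
    for rec in records:
        path = rec["path"]
        by_drive[path[:2].upper()] += 1
        m = EXT_DIR.match(path)
        if m:
            ext_profiles[m["ext_id"]].add(m["profile"])
        paths_by_hash[rec["sha1"]].add(path)
    same_file = {h: sorted(p) for h, p in paths_by_hash.items() if len(p) > 1}
    return by_drive, dict(ext_profiles), same_file


def _rec(fill, name, path):
    # Constructed record: the hash is a repeated filler character, not a real value.
    return f'sh={fill * 40} ft=0 fh={"0" * 16} vn="{name}" ac=I fn="{path}"'


EXT_ID = "djaoeafihpfaakkpdobmhedohgnmhpbp"  # extension ID as it appears in the log
BACKUP = r"I:\SIMON-HP\Backup Set 2013-12-11 171524\Backup Files 2013-12-11 171524"

# Constructed sample shaped like the pasted log, including a cut-off leading
# fragment and a detection name that wraps onto the next line.
SAMPLE = " ".join([
    'unerwünschte Anwendung" ac=I fn="' + r"C:\Users\Simon\Downloads\cut-off.exe" + '"',
    _rec("A", "JS/Adware.MultiPlug.B Anwendung",
         rf"C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\{EXT_ID}\128\content.js"),
    _rec("A", "JS/Adware.MultiPlug.B Anwendung",
         rf"C:\Users\Simon\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\{EXT_ID}\128\content.js"),
    _rec("B", "JS/Kryptik.ATB Trojaner",
         rf"C:\Users\Simon\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\{EXT_ID}\128\Uns0J.js"),
    _rec("C", "Variante von Win32/InstallCore.QW evtl. unerwünschte Anwendung",
         r"C:\Users\Simon\Downloads\setup_CB-DL-Manager.exe"),
    _rec("D", "Win32/Toolbar.Montiera.I evtl. \nunerwünschte Anwendung",
         BACKUP + r"\Backup files 5.zip"),
    _rec("E", "Mehrere Bedrohungen", BACKUP + r"\Backup files 6.zip"),
])

if __name__ == "__main__":
    drives, profiles, copies = summarise(parse_records(SAMPLE))
    for drive, count in sorted(drives.items()):
        print(f"{drive} {count} detection(s)")
    for ext_id, roots in profiles.items():
        print(f"extension {ext_id} present in {len(roots)} profile(s)")
    for sha1, paths in copies.items():
        print(f"{sha1[:8]}... found at {len(paths)} paths")
```

Pasting the full log text into `parse_records` instead of `SAMPLE` gives the same breakdown for the real scan.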
23.03.2015, 15:33 | #15 |
| Caught adware! None of the virus/adware scanners find anything. Fixlog: Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Simon at 2015-03-23 15:20:11 Run:2
Running from C:\Users\Simon\Desktop
Loaded Profiles: Simon (Available profiles: Simon & Gast)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
start
CloseProcesses:
C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst.exe
C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\djaoeafihpfaakkpdobmhedohgnmhpbp
C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\djaoeafihpfaakkpdobmhedohgnmhpbp
C:\Users\Simon\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\djaoeafihpfaakkpdobmhedohgnmhpbp
C:\Users\Simon\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\djaoeafihpfaakkpdobmhedohgnmhpbp
C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\prefs.js
C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\prefs.js.BAK
C:\Users\Simon\Downloads*.exe
C:\Users\Simon\Local Settings\Application Data\Bundled software uninstaller
C:\VTRoot\HarddiskVolume2\ProgramData\ffmiafoddgcekgfhfieaacphcnlmbmkd
EmptyTemp:
end
*****************
Processes closed successfully.
C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst.exe => Moved successfully.
C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\djaoeafihpfaakkpdobmhedohgnmhpbp => Moved successfully.
"C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\djaoeafihpfaakkpdobmhedohgnmhpbp" => File/Directory not found.
C:\Users\Simon\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\djaoeafihpfaakkpdobmhedohgnmhpbp => Moved successfully.
"C:\Users\Simon\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\djaoeafihpfaakkpdobmhedohgnmhpbp" => File/Directory not found.
C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\prefs.js => Moved successfully.
C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\prefs.js.BAK => Moved successfully.
"C:\Users\Simon\Downloads*.exe" => File/Directory not found.
C:\Users\Simon\Local Settings\Application Data\Bundled software uninstaller => Moved successfully.
C:\VTRoot\HarddiskVolume2\ProgramData\ffmiafoddgcekgfhfieaacphcnlmbmkd => Moved successfully.
EmptyTemp: => Removed 84.6 MB temporary data.
The system needed a reboot.
==== End of Fixlog 15:20:14 ====
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015 Ran by Simon (administrator) on SIMON-HP on 23-03-2015 15:26:24 Running from C:\Users\Simon\Desktop Loaded Profiles: Simon (Available profiles: Simon & Gast) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe (EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe (Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (LogMeIn, Inc.) 
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (The Eraser Project) C:\Program Files\Eraser\Eraser.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe (RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe (Akamai Technologies, Inc.) C:\Users\Simon\AppData\Local\Akamai\netsession_win.exe (BitTorrent Inc.) C:\Users\Simon\AppData\Roaming\uTorrent\uTorrent.exe (Akamai Technologies, Inc.) C:\Users\Simon\AppData\Local\Akamai\netsession_win.exe (Apple Inc.) C:\Program Files\iTunes\iTunes.exe (Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Easybits) C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe (Samsung Electronics Co., Ltd.) 
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Autodesk Inc.) C:\Users\Simon\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe (Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard) HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1297624 2015-02-03] (COMODO) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-30] (Adobe Systems Incorporated) HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-21] (Apple Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-01] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation) HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-05-06] (PDF Complete Inc) HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-21] (Apple Inc.) 
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2015-01-02] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-01-02] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-01-02] (Adobe Systems Inc.) HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1243656 2013-12-07] (Easybits) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-12-11] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [488328 2014-09-04] (Autodesk Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-03-10] (Comodo Security Solutions, Inc.) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-02-17] (LogMeIn Inc.) HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.) 
HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [1195520 2013-12-14] (RemoteMouse.net)
HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-12-11] (Samsung)
HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Simon\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\...\Run: [uTorrent] => C:\Users\Simon\AppData\Roaming\uTorrent\uTorrent.exe [1742928 2015-03-04] (BitTorrent Inc.)
Startup: C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunes.lnk
ShortcutTarget: iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=19.9.1.14
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=19.9.1.14
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2389831746-1586198665-2336280641-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {CBD2C0FC-1C12-41F9-91A4-9F04CD5E6A14} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> {CBD2C0FC-1C12-41F9-91A4-9F04CD5E6A14} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2389831746-1586198665-2336280641-1000 -> {CBD2C0FC-1C12-41F9-91A4-9F04CD5E6A14} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2389831746-1586198665-2336280641-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-30] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-30] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-30] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-30] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-14] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-30] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-09-25] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-09-23] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-08] ()
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-09-25] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: DownloadHelper - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-10-18]
FF Extension: Adblock Plus - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-18]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-10-29]
FF Extension: No Name - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\extensions\bbz@bobyzoom.com [Not Found]
FF Extension: No Name - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\extensions\bbz@bobyzoom.com [Not Found]
FF Extension: No Name - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\robazqzw.default\extensions\bbz@bobyzoom.com [Not Found]

Chrome:
=======
CHR HomePage: Default -> https://www.google.de/
CHR StartupUrls: Default -> "https://www.google.de/"
CHR Profile: C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-09-24]
CHR Extension: (Google Drive) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-06]
CHR Extension: (YouTube) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-06]
CHR Extension: (Google Search) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-06]
CHR Extension: (Adblock Plus Popup) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhdpphnfafkjbgbkdopdanfcidmkioni [2014-09-24]
CHR Extension: (Adblock Super) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-03-22]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-17]
CHR Extension: (Video Download Helper) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldcccbolclahdbkahlppenfodnheapah [2014-10-18]
CHR Extension: (Google Wallet) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-06]
CHR Extension: (Gmail) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-06]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [597896 2014-09-04] (Autodesk Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-31] (Apple Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70872 2015-03-10] (Comodo Security Solutions, Inc.)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [7618952 2015-02-03] (COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265304 2015-02-03] (COMODO)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2370240 2014-11-27] (Comodo Security Solutions, Inc.)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-03-10] (Comodo Security Solutions, Inc.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-02-16] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-20] (Malwarebytes Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-14] (Electronic Arts)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-05-06] (PDF Complete Inc)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-11-06] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 EraserSvc11311; "C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe" /h ccCommon [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [37976 2014-06-26] (Windows (R) Win 7 DDK provider) [File not signed]
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20184 2015-01-30] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [792648 2015-01-30] (COMODO)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-09-03] (Disc Soft Ltd)
R3 fwlanusb4; C:\Windows\System32\DRIVERS\fwlanusb4.sys [1293824 2010-10-22] (AVM GmbH)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-03-21] ()
R1 HMD; C:\Windows\System32\DRIVERS\hmd.sys [14888 2014-06-26] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-20] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-20] (Malwarebytes Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 avchv; system32\DRIVERS\avchv.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-22 20:17 - 2015-03-22 20:18 - 00001093 _____ () C:\Users\Simon\Desktop\checkup.txt
2015-03-22 19:29 - 2015-03-22 19:29 - 00852604 _____ () C:\Users\Simon\Downloads\SecurityCheck.exe
2015-03-22 19:29 - 2015-03-22 19:29 - 00852604 _____ () C:\Users\Simon\Desktop\SecurityCheck.exe
2015-03-21 22:26 - 2015-03-21 22:26 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-03-21 22:22 - 2015-03-21 22:22 - 00043664 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2015-03-21 21:37 - 2015-03-21 21:36 - 02347384 _____ (ESET) C:\Users\Simon\Desktop\esetsmartinstaller_deu.exe
2015-03-21 21:36 - 2015-03-21 21:36 - 02347384 _____ (ESET) C:\Users\Simon\Downloads\esetsmartinstaller_deu.exe
2015-03-21 21:35 - 2015-03-21 21:35 - 00025698 _____ () C:\Users\Simon\Desktop\HitmanPro_20150321_2135.log
2015-03-21 21:34 - 2015-03-21 21:34 - 00005038 _____ () C:\Windows\system32\.crusader
2015-03-21 14:01 - 2015-03-21 21:35 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-03-21 14:01 - 2015-03-21 14:01 - 10995632 _____ (SurfRight B.V.) C:\Users\Simon\Desktop\HitmanPro_x64.exe
2015-03-21 14:00 - 2015-03-21 14:01 - 10995632 _____ (SurfRight B.V.) C:\Users\Simon\Downloads\HitmanPro_x64.exe
2015-03-21 13:58 - 2015-03-21 13:58 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2015-03-21 00:35 - 2015-03-21 00:36 - 00085104 _____ () C:\Users\Simon\Desktop\Addition.txt
2015-03-21 00:34 - 2015-03-23 15:27 - 00027310 _____ () C:\Users\Simon\Desktop\FRST.txt
2015-03-21 00:13 - 2015-03-21 00:13 - 00005043 _____ () C:\Users\Simon\Desktop\JRT.txt
2015-03-20 23:33 - 2015-03-20 23:34 - 00014255 _____ () C:\Users\Simon\Desktop\mbam.txt
2015-03-20 23:25 - 2015-03-20 23:25 - 01388672 _____ (Thisisu) C:\Users\Simon\Desktop\JRT.exe
2015-03-20 23:24 - 2015-03-20 23:25 - 01388672 _____ (Thisisu) C:\Users\Simon\Downloads\JRT.exe
2015-03-20 23:07 - 2015-03-20 23:34 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-20 23:06 - 2015-03-20 23:06 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-20 23:06 - 2015-03-20 23:06 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-20 23:06 - 2015-03-20 23:06 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-20 23:06 - 2015-03-20 23:06 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-20 23:06 - 2015-03-20 23:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-03-20 23:05 - 2015-03-20 23:05 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Simon\Downloads\mbam-setup-2.1.4.1018.exe
2015-03-20 23:05 - 2015-03-20 23:05 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Simon\Desktop\mbam-setup-2.1.4.1018.exe
2015-03-20 22:55 - 2015-03-20 22:55 - 02171392 _____ () C:\Users\Simon\Downloads\AdwCleaner_4.112 (1).exe
2015-03-20 22:55 - 2015-03-20 22:55 - 02171392 _____ () C:\Users\Simon\Desktop\AdwCleaner_4.112.exe
2015-03-20 21:47 - 2015-03-20 21:47 - 00032004 _____ () C:\ComboFix.txt
2015-03-20 21:13 - 2015-03-20 21:13 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-03-20 21:13 - 2015-03-20 21:13 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-03-20 21:13 - 2015-03-20 21:13 - 00256000 _____ () C:\Windows\PEV.exe
2015-03-20 21:13 - 2015-03-20 21:13 - 00098816 _____ () C:\Windows\sed.exe
2015-03-20 21:13 - 2015-03-20 21:13 - 00080412 _____ () C:\Windows\grep.exe
2015-03-20 21:13 - 2015-03-20 21:13 - 00068096 _____ () C:\Windows\zip.exe
2015-03-20 21:13 - 2015-03-20 21:13 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-03-20 21:13 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-03-20 21:12 - 2015-03-20 21:47 - 00000000 ____D () C:\Qoobox
2015-03-20 21:10 - 2015-03-20 21:41 - 00000000 ____D () C:\Windows\erdnt
2015-03-20 20:56 - 2015-03-20 20:56 - 05615380 ____R (Swearware) C:\Users\Simon\Desktop\ComboFix.exe
2015-03-20 20:55 - 2015-03-20 20:56 - 05615380 _____ (Swearware) C:\Users\Simon\Downloads\ComboFix.exe
2015-03-20 18:26 - 2015-03-20 18:26 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\JavaEditor
2015-03-20 17:54 - 2015-03-20 17:53 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Simon\Desktop\tdsskiller.exe
2015-03-20 17:53 - 2015-03-20 17:53 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Simon\Downloads\tdsskiller.exe
2015-03-19 22:05 - 2015-03-19 22:07 - 00100858 _____ () C:\Users\Simon\Downloads\Addition.txt
2015-03-19 22:03 - 2015-03-19 22:07 - 00074733 _____ () C:\Users\Simon\Downloads\FRST.txt
2015-03-19 22:02 - 2015-03-23 15:26 - 00000000 ____D () C:\FRST
2015-03-19 22:01 - 2015-03-19 22:01 - 02095616 _____ (Farbar) C:\Users\Simon\Desktop\FRST64.exe
2015-03-19 21:27 - 2015-03-19 21:27 - 00015388 _____ () C:\Users\Simon\Desktop\Ad-Aware_Report_Custom_Manual_2015-03-19T21-25-01.902704.xml
2015-03-19 20:29 - 2015-03-19 21:36 - 00018448 _____ () C:\Users\Simon\Desktop\Adware.txt
2015-03-18 22:54 - 2015-03-18 22:54 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\LavasoftStatistics
2015-03-18 22:53 - 2015-03-18 22:53 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-03-18 22:49 - 2015-03-18 22:49 - 02071768 _____ () C:\Users\Simon\Downloads\AdAware116WebInstaller.exe
2015-03-18 22:45 - 2015-03-18 22:46 - 02171392 _____ () C:\Users\Simon\Downloads\adwcleaner_4.112.exe
2015-03-18 15:18 - 2015-03-23 15:21 - 00000000 ____D () C:\ProgramData\PDFC
2015-03-17 22:03 - 2015-03-17 22:03 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-17 22:01 - 2015-03-17 22:02 - 00000000 ____D () C:\KVRT_Data
2015-03-17 21:59 - 2015-03-17 22:01 - 133981896 _____ (Kaspersky Lab ZAO) C:\Users\Simon\Downloads\KVRT15.0.19.0.exe
2015-03-17 17:35 - 2015-03-17 17:35 - 00000000 ____D () C:\sh_backup
2015-03-17 17:25 - 2015-03-17 17:25 - 00000000 _____ () C:\autoexec.bat
2015-03-17 15:53 - 2015-03-20 18:58 - 00002177 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-17 15:53 - 2015-03-17 15:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-17 15:51 - 2015-03-23 15:22 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-17 15:51 - 2015-03-23 14:56 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-17 15:51 - 2015-03-17 15:51 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-03-17 15:51 - 2015-03-17 15:51 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-03-17 15:50 - 2015-03-17 15:50 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-03-17 15:50 - 2015-01-30 14:35 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-03-17 15:50 - 2015-01-30 14:35 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-03-17 15:40 - 2015-03-17 21:45 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Maaxi
2015-03-17 15:29 - 2015-03-17 17:15 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Azes
2015-03-17 15:29 - 2015-03-17 15:29 - 00000120 _____ () C:\Users\Simon\AppData\Roaming\store.mui
2015-03-17 15:29 - 2015-03-17 15:29 - 00000036 _____ () C:\Users\Simon\AppData\Roaming\store.efi
2015-03-16 22:13 - 2015-03-20 23:06 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-03-16 22:13 - 2015-03-16 22:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-16 22:08 - 2015-03-16 22:12 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Simon\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-16 21:32 - 2015-03-20 22:59 - 00000000 ____D () C:\AdwCleaner
2015-03-16 21:11 - 2015-03-16 21:11 - 00000000 __SHD () C:\Users\Simon\AppData\Local\EmieBrowserModeList
2015-03-16 21:10 - 2015-03-16 21:10 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\QuickScan
2015-03-14 11:54 - 2015-03-14 11:54 - 00019779 _____ () C:\Users\Simon\Downloads\2014 11 14 Information PULMOLL_Stevia_tins for translation_LABELS NEU.xlsx
2015-03-14 02:21 - 2015-03-14 02:21 - 00000000 ___RD () C:\Users\Simon\Desktop\Drums Project
2015-03-13 19:24 - 2015-03-13 19:25 - 02356216 _____ (Gerhard Röhner ) C:\Users\Simon\Downloads\JavaEditor12.52Setup.exe
2015-03-13 19:16 - 2015-03-13 19:16 - 48909782 _____ () C:\Users\Simon\Downloads\ni_massive_pack_2013 (1).zip
2015-03-13 19:12 - 2015-03-13 19:14 - 112557786 _____ () C:\Users\Simon\Downloads\M_ive52000Presets.rar
2015-03-13 18:48 - 2015-03-13 18:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1
2015-03-13 18:46 - 2015-03-13 18:46 - 11166093 _____ () C:\Users\Simon\Downloads\LennarDigital.Sylenth1.v2.21.x86.x64_www.insfire.net.rar
2015-03-13 18:43 - 2015-03-13 18:43 - 00002933 _____ () C:\Users\Simon\Downloads\(500 Sub ) Free Sylenth Sound Bank(By KiDynamic).rar
2015-03-13 12:52 - 2015-03-13 12:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-03-13 12:52 - 2015-03-13 12:52 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-03-12 22:53 - 2015-03-12 22:54 - 05387630 _____ () C:\Users\Simon\Downloads\Sylenth1DemoWin64.zip
2015-03-12 22:48 - 2015-03-12 22:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1 Demo
2015-03-12 22:48 - 2015-03-12 22:48 - 05308733 _____ () C:\Users\Simon\Downloads\Sylenth1DemoWin32.zip
2015-03-12 22:48 - 2015-03-12 22:48 - 00000000 ____D () C:\Program Files (x86)\Steinberg
2015-03-11 22:13 - 2015-03-11 22:13 - 00000000 ___RD () C:\Users\Simon\Desktop\Intro Project
2015-03-11 14:27 - 2015-03-11 14:27 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 14:27 - 2015-03-11 14:27 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 14:27 - 2015-03-11 14:27 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 14:27 - 2015-03-11 14:27 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 14:27 - 2015-03-11 14:27 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 14:27 - 2015-03-11 14:27 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 14:27 - 2015-03-11 14:27 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 14:27 - 2015-03-11 14:27 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 14:27 - 2015-03-11 14:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 14:27 - 2015-03-11 14:27 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11
14:27 - 2015-03-11 14:27 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2015-03-11 14:27 - 2015-03-11 14:27 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll 2015-03-11 14:27 - 2015-03-11 14:27 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-03-11 14:27 - 2015-03-11 14:27 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe 2015-03-11 14:27 - 2015-03-11 14:27 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2015-03-11 14:27 - 2015-03-11 14:27 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-03-11 14:27 - 2015-03-11 14:27 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-03-11 14:27 - 2015-03-11 14:27 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2015-03-11 14:27 - 2015-03-11 14:27 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll 2015-03-11 14:27 - 2015-03-11 14:27 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2015-03-11 14:27 - 2015-03-11 14:27 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-03-11 14:27 - 2015-03-11 14:27 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-03-11 14:27 - 2015-03-11 14:27 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2015-03-11 14:27 - 2015-03-11 14:27 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2015-03-11 14:27 - 2015-03-11 14:27 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2015-03-11 14:27 - 2015-03-11 14:27 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2015-03-11 14:27 - 2015-03-11 14:27 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2015-03-11 14:27 - 2015-03-11 14:27 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2015-03-11 14:26 - 
2015-03-11 14:26 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-03-11 14:26 - 2015-03-11 14:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-03-11 14:26 - 2015-03-11 14:26 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll 2015-03-11 14:26 - 2015-03-11 14:26 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-03-11 14:18 - 2015-03-11 14:18 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00155576 _____ 
(Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-03-11 14:18 - 2015-03-11 14:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-03-11 14:18 - 2015-03-11 14:18 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-03-11 14:18 - 2015-03-11 14:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-03-11 14:18 - 2015-03-11 14:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-03-11 14:18 - 2015-03-11 14:18 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-03-11 14:18 - 2015-03-11 14:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 25021440 _____ (Microsoft Corporation) 
C:\Windows\system32\mshtml.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-03-11 14:14 - 2015-03-11 14:14 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-03-11 14:14 - 2015-03-11 14:14 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-03-11 14:14 - 2015-03-11 14:14 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 01155072 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\mshtmlmedia.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-03-11 14:14 - 2015-03-11 14:14 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-03-11 14:14 - 2015-03-11 14:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00342696 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\iedkcs32.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-03-11 14:14 - 2015-03-11 14:14 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-03-11 14:14 - 2015-03-11 14:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-03-11 14:14 - 2015-03-11 14:14 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00047616 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-03-11 14:14 - 2015-03-11 14:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-03-11 14:14 - 2015-02-20 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-03-11 14:14 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-03-11 14:12 - 2015-03-11 14:12 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2015-03-11 14:12 - 2015-03-11 14:12 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2015-03-09 13:10 - 2015-03-09 13:10 - 00278786 _____ () C:\Users\Simon\Downloads\Access_7_und_8_Kapitel_Abfragen.zip 2015-03-01 21:51 - 2015-03-01 21:52 - 427737644 _____ () C:\Users\Simon\Desktop\Mix_1.wav 2015-02-28 22:08 - 2015-03-01 21:53 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Audacity 2015-02-28 22:08 - 2015-02-28 22:08 - 00001025 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk 2015-02-28 22:08 - 2015-02-28 22:08 - 00001013 _____ () C:\Users\Public\Desktop\Audacity.lnk 2015-02-28 22:08 - 2015-02-28 22:08 - 00000000 ____D () C:\Program Files (x86)\Audacity 2015-02-28 22:06 - 2015-02-28 22:06 - 01203488 _____ () C:\Users\Simon\Downloads\Audacity - CHIP-Installer.exe 2015-02-25 23:42 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls 2015-02-25 23:42 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls 2015-02-24 23:42 - 2013-11-10 23:03 - 00000000 ____D () C:\Users\Simon\Desktop\Jannick Larsen Sample Pack 2 2015-02-24 23:42 - 2013-07-01 10:12 - 00000000 ____D () 
C:\Users\Simon\Desktop\Jannick Larsen Sample Pack 2015-02-24 22:59 - 2015-02-24 23:12 - 332172142 _____ () C:\Users\Simon\Downloads\Jay Forest Sample Pack 2.rar 2015-02-24 22:59 - 2015-02-24 23:06 - 121510185 _____ () C:\Users\Simon\Downloads\Jay Forest Sample Pack.rar 2015-02-24 22:41 - 2015-02-24 22:55 - 758440728 _____ () C:\Users\Simon\Downloads\musicradar-house-percussion-samples.zip 2015-02-22 19:23 - 2015-02-22 19:23 - 00011034 _____ () C:\Users\Simon\Downloads\snake_js.zip 2015-02-21 20:10 - 2015-02-23 21:23 - 00442368 _____ () C:\Users\Simon\Desktop\Trainingsplan.indd 2015-02-21 00:07 - 2015-02-21 00:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-02-21 00:07 - 2015-02-21 00:07 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2015-02-21 00:07 - 2015-02-21 00:07 - 00000000 ____D () C:\Program Files\iTunes 2015-02-21 00:07 - 2015-02-21 00:07 - 00000000 ____D () C:\Program Files\iPod 2015-02-21 00:07 - 2015-02-21 00:07 - 00000000 ____D () C:\Program Files (x86)\iTunes ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-03-23 15:27 - 2013-10-15 21:10 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\uTorrent 2015-03-23 15:26 - 2013-10-06 20:53 - 00326718 _____ () C:\Windows\system32\Drivers\fvstore.dat 2015-03-23 15:26 - 2013-10-06 17:07 - 01112638 _____ () C:\Windows\WindowsUpdate.log 2015-03-23 15:23 - 2013-12-03 22:26 - 00000000 ____D () C:\Users\Simon\AppData\Local\LogMeIn Hamachi 2015-03-23 15:21 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-03-23 15:21 - 2009-07-14 05:51 - 00121096 _____ () C:\Windows\setupact.log 2015-03-23 15:20 - 2013-10-06 18:25 - 01474832 _____ () C:\Windows\system32\Drivers\sfi.dat 2015-03-23 14:47 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-03-23 14:47 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-03-23 14:41 - 2014-09-29 18:34 - 00000000 ____D () C:\Users\Simon\AppData\Local\Akamai 2015-03-22 15:31 - 2013-10-17 19:45 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForSimon 2015-03-22 15:31 - 2013-10-17 19:45 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForSimon.job 2015-03-22 14:52 - 2013-10-06 17:26 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{64C34E7A-F718-4277-8DD3-9A6EF5ACA927} 2015-03-21 13:56 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2015-03-21 13:30 - 2010-11-21 04:47 - 00860140 _____ () C:\Windows\PFRO.log 2015-03-20 21:47 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default 2015-03-20 21:39 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini 2015-03-20 13:25 - 2013-10-15 20:03 - 00000000 ____D () C:\Users\Simon\AppData\Local\CrashDumps 2015-03-18 22:53 - 2015-01-06 12:36 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll 2015-03-18 21:57 - 2014-07-16 22:18 - 00000000 ____D () C:\Users\Simon\Desktop\Import 
Musik 2015-03-18 21:57 - 2013-10-18 14:22 - 00000000 ____D () C:\Users\Simon\Desktop\Musik 2015-03-18 15:31 - 2013-10-09 11:37 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log 2015-03-18 15:28 - 2013-10-09 11:34 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\HP Support Assistant 2015-03-18 15:28 - 2013-10-07 18:39 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\HpUpdate 2015-03-18 15:17 - 2011-11-06 13:56 - 00000000 ____D () C:\Windows\en 2015-03-17 22:47 - 2014-04-24 16:21 - 00000000 ____D () C:\ProgramData\Ableton 2015-03-17 21:45 - 2015-01-04 14:56 - 00000000 ____D () C:\Windows\Font-Collection_eigene 2015-03-17 20:53 - 2013-10-06 22:00 - 00000000 ____D () C:\Program Files (x86)\Steam 2015-03-17 17:25 - 2013-10-06 17:08 - 00000000 ____D () C:\Users\Simon 2015-03-17 15:53 - 2013-10-06 18:14 - 00000000 ____D () C:\Program Files (x86)\Google 2015-03-17 15:51 - 2013-10-06 18:14 - 00000000 ____D () C:\Users\Simon\AppData\Local\Deployment 2015-03-17 15:50 - 2014-10-17 12:04 - 00000000 ____D () C:\Program Files (x86)\Java 2015-03-17 00:35 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Speech 2015-03-16 23:37 - 2015-01-05 17:15 - 00000000 ____D () C:\Program Files (x86)\News Factory 2015-03-16 21:17 - 2014-05-27 22:10 - 00001165 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-03-16 21:17 - 2013-10-06 17:26 - 00001427 _____ () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-03-16 21:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy 2015-03-16 20:44 - 2014-04-24 16:23 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Ableton 2015-03-14 18:24 - 2014-04-24 16:23 - 00000000 ____D () C:\Users\Simon\Documents\Ableton 2015-03-14 17:48 - 2015-01-05 12:06 - 00000000 ____D () C:\Program Files\Common Files\Propellerhead Software 2015-03-14 16:37 - 2014-02-14 13:24 - 00000000 ____D () C:\Users\Simon\Documents\FIFA 12 2015-03-14 16:33 - 2013-10-06 20:34 - 
00000000 ____D () C:\ProgramData\Origin 2015-03-14 16:33 - 2013-10-06 20:34 - 00000000 ____D () C:\Program Files (x86)\Origin 2015-03-14 12:22 - 2015-02-04 17:54 - 00000386 _____ () C:\Users\Simon\Desktop\Fragen.txt 2015-03-14 00:26 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2015-03-13 18:59 - 2013-12-11 22:50 - 00000000 ____D () C:\Users\Simon\Documents\Native Instruments 2015-03-13 18:54 - 2013-10-07 21:35 - 00000000 ____D () C:\Program Files (x86)\VstPlugins32 2015-03-13 12:50 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2015-03-12 22:50 - 2015-01-03 13:41 - 00000000 ____D () C:\Program Files (x86)\VstPlugins64 2015-03-12 19:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2015-03-12 16:56 - 2009-07-14 05:45 - 05025832 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-03-12 16:54 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2015-03-12 16:54 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism 2015-03-11 23:41 - 2014-11-23 01:10 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-03-11 23:40 - 2014-03-16 14:03 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-03-11 23:26 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini 2015-03-11 23:25 - 2013-10-07 20:54 - 00000000 ____D () C:\Windows\system32\MRT 2015-03-11 23:11 - 2013-10-07 20:54 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-03-10 16:13 - 2013-10-06 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo 2015-03-06 13:15 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-03-02 22:36 - 2011-11-06 13:23 - 00771290 _____ () C:\Windows\system32\perfh007.dat 2015-03-02 22:36 - 2011-11-06 13:23 - 00204790 _____ () C:\Windows\system32\perfc007.dat 2015-03-02 22:36 - 2009-07-14 06:13 - 01749894 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-03-02 16:59 - 
2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-02-28 22:12 - 2014-07-02 15:18 - 00005632 _____ () C:\Users\Simon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-02-25 14:55 - 2014-12-29 12:17 - 00000000 ____D () C:\Program Files (x86)\PokerStars.EU 2015-02-21 00:07 - 2013-10-07 19:24 - 00000000 ____D () C:\Program Files\Common Files\Apple 2015-02-21 00:07 - 2012-08-21 12:01 - 00125872 _____ (GEAR Software Inc.) C:\Windows\system32\GEARAspi64.dll 2015-02-21 00:07 - 2012-08-21 12:01 - 00106928 _____ (GEAR Software Inc.) C:\Windows\SysWOW64\GEARAspi.dll ==================== Files in the root of some directories ======= 2015-01-07 18:54 - 2015-01-07 18:54 - 5811712 _____ (reFX) C:\Program Files (x86)\Nexus.dll 2014-03-17 21:22 - 2014-03-17 21:22 - 0000132 _____ () C:\Users\Simon\AppData\Roaming\Adobe GIF Format CS5 Prefs 2015-03-17 15:29 - 2015-03-17 15:29 - 0000036 _____ () C:\Users\Simon\AppData\Roaming\store.efi 2015-03-17 15:29 - 2015-03-17 15:29 - 0000120 _____ () C:\Users\Simon\AppData\Roaming\store.mui 2013-10-30 20:29 - 2013-12-13 21:50 - 0001456 _____ () C:\Users\Simon\AppData\Local\Adobe Für Web speichern 12.0 Prefs 2014-07-02 15:18 - 2015-02-28 22:12 - 0005632 _____ () C:\Users\Simon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-01-23 20:16 - 2014-01-23 20:16 - 0000058 _____ () C:\Users\Simon\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat 2014-09-29 18:55 - 2014-09-29 18:55 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-03-17 14:01

==================== End Of Log ============================