| |
| |||||||
Log-Analyse und Auswertung: Win 8.1: Trojaner eingefangenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
25.09.2015, 22:52
| #1 |
  |  Win 8.1: Trojaner eingefangen Hallo, ich habe mir da blöderweise was eingefangen und wäre über Hilfestellung bei der Entfernung dankbar. Ich habe eine .exe ausgeführt, blöderweise mit Admin-Rechten. Nach meinen Recherchen handelt es sich um diesen süßen Fratz hxxp://www.virusradar.com/en/MSIL_Kryptik.DNN/description https://www.virustotal.com/en/file/673cf41507f5809b25aeb30fccbcc4d85fe7d9d48e971080b5a2fb4df2fe954e/analysis/ https://malwr.com/analysis/OTQyYzViZGNiMjg5NDBjZTkyMTdiOWYzZTZhODY5MTI/ Das Teil hat sich nach AppData kopiert und einen Autorun-Eintrag angelegt (via Task Scheduler), welchen ich händisch entfernt habe. Anschließend hat MBAM noch die Binary und 2 Registry-Einträge gelöscht. Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 25.09.2015 Scan Time: 22:44 Logfile: mbam.txt Administrator: Yes Version: 2.1.8.1057 Malware Database: v2015.09.25.05 Rootkit Database: v2015.09.22.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 8.1 CPU: x64 File System: NTFS User: mongole Scan Type: Threat Scan Result: Completed Objects Scanned: 371471 Time Elapsed: 6 min, 47 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Warn PUM: Warn Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 2 Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CHROME.EXE, Quarantined, [08118ba9f09b61d514ecf80efb09ce32], Trojan.Agent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CHROME.EXE, Quarantined, [08118ba9f09b61d514ecf80efb09ce32], Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 1 Trojan.Agent, C:\Users\mongole\AppData\Roaming\chrome.exe, Quarantined, [08118ba9f09b61d514ecf80efb09ce32], Physical Sectors: 0 (No malicious items detected) (end) Defogger Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 23:21 on 25/09/2015 (mongole)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015 Ran by mongole (administrator) on MONGOMACHINE-8 (25-09-2015 23:40:42) Running from B:\TEMP\mozOpenDownload Loaded Profiles: mongole (Available Profiles: mongole) Platform: Windows 8.1 Enterprise (X64) Language: Englisch (Vereinigte Staaten) Internet Explorer Version 11 (Default browser: "C:\Program Files\Pale Moon\palemoon.exe" -osint -url "%1") Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () M:\Program Files (x86)\GNU\GnuPG\dirmngr.exe (Microsoft Corporation) C:\Program Files (x86)\EMET 5.2\EMET_Service.exe (SecureMix LLC) M:\Program Files (x86)\GlassWire\GWCtlSrv.exe (Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe (MSI) C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe (Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe (Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe (Microsoft Corporation) C:\Windows\System32\nfsclnt.exe (Microsoft Corporation) C:\Program Files (x86)\EMET 5.2\EMET_Agent.exe () M:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Greenshot) M:\Program Files\Greenshot\Greenshot.exe (RaMMicHaeL) M:\Program Files (x86)\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe (alch) M:\Program Files (x86)\ClamWin\bin\ClamTray.exe () M:\Program Files (x86)\ownCloud\owncloud.exe () M:\Program Files\Ditto\Ditto.exe (Andrea Russo - Italy) C:\Program Files (x86)\ClamSentinel\ClamSentinel.exe (SecureMix LLC) M:\Program Files (x86)\GlassWire\GlassWire.exe (VirtuaWin) C:\Program Files (x86)\VirtuaWin\VirtuaWin.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe () C:\Program Files (x86)\VirtuaWin\modules\WinList.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (TrueCrypt Foundation) M:\Program Files\TrueCrypt\TrueCrypt.exe (SecureMix LLC) M:\Program Files (x86)\GlassWire\GWIdlMon.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (The Pidgin developer community) M:\Program Files (x86)\Pidgin\pidgin.exe () M:\Program Files\HexChat\hexchat.exe () M:\Program Files (x86)\qBittorrent\qbittorrent.exe () M:\Program Files (x86)\Spaz\Spaz.exe () M:\Program Files (x86)\SABnzbd\SABnzbd.exe (Moonchild Productions) C:\Program Files\Pale Moon\palemoon.exe (Valve Corporation) M:\Games\Steam\Steam.exe (Valve Corporation) M:\Games\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) M:\Games\Steam\bin\steamwebhelper.exe (Valve Corporation) M:\Games\Steam\bin\steamwebhelper.exe (Sysinternals - www.sysinternals.com) M:\Programme\SysinternalsSuite\Autoruns.exe (ConEmu-Maximus5) C:\Program Files\ConEmu\ConEmu64.exe (ConEmu-Maximus5) C:\Program Files\ConEmu\ConEmu\ConEmuC64.exe (Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (EJIE Technology) C:\Program Files (x86)\Clover\clover.exe (Moonchild Productions) C:\Program Files\FossaMail\FossaMail.exe () C:\Program Files (x86)\VirusTotalUploader2\VirusTotalUploader2.2.exe () B:\Downloads\Defogger.exe (Malwarebytes Corporation) M:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe () M:\Program Files (x86)\ClamWin\bin\clamscan.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7637208 2014-07-15] (Realtek Semiconductor) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [14862456 2015-09-01] (Logitech Inc.) HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] () HKLM\...\Run: [OODefragTray] => M:\Program Files\OO Software\Defrag\oodtray.exe HKLM\...\Run: [Greenshot] => m:\Program Files\Greenshot\Greenshot.exe [540672 2015-04-19] (Greenshot) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161728 2015-08-09] (IvoSoft) HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2715536 2015-04-10] (Dominik Reichl) HKLM-x32\...\Run: [Sound Blaster Z-Series Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe [735744 2013-02-27] (Creative Technology Ltd) HKLM-x32\...\Run: [CitrixReceiver] => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk" HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [407904 2014-11-27] (Citrix Systems, Inc.) HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153952 2014-11-27] (Citrix Systems, Inc.) HKLM-x32\...\Run: [GDataUsbProtection] => C:\Program Files (x86)\G DATA\USB KEYBOARD GUARD\GD2NDKBB.exe [1412216 2014-09-05] (G Data Software AG) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [39175960 2015-08-14] (Dropbox, Inc.) HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [830416 2015-08-03] (MSI) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation) HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [11328464 2015-09-11] (Micro-Star INT'L CO., LTD.) HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [54072 2015-06-18] (Malwarebytes Corporation) HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig] <===== ATTENTION HKLM\...\Command Processor: "C:\Program Files (x86)\clink\0.4.2\clink" inject --profile "~\clink" <======= ATTENTION HKLM-x32\...\Command Processor: "C:\Program Files (x86)\clink\0.4.2\clink" inject --profile "~\clink" <======= ATTENTION HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\Run: [7 Taskbar Tweaker] => M:\Program Files (x86)\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe [380416 2015-08-22] (RaMMicHaeL) HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\Run: [ClamWin] => m:\Program Files (x86)\ClamWin\bin\ClamTray.exe [86016 2015-05-05] (alch) HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\Run: [SandboxieControl] => m:\Program Files\Sandboxie\SbieCtrl.exe [787592 2015-06-23] (Sandboxie Holdings, LLC) HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\Run: [Google Update] => C:\Users\mongole\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.) HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\Run: [ownCloud] => M:\Program Files (x86)\ownCloud\owncloud.exe [1748494 2015-09-01] () HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\Run: [Ditto] => m:\Program Files\Ditto\Ditto.exe [1975808 2015-01-10] () HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\Run: [LoxCONTROL] => M:\Program Files (x86)\Loxone\LoxoneConfig\LoxCONTROL.exe [1865176 2014-05-07] (Loxone Electronics GmbH) HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\Run: [f.lux] => C:\Users\mongole\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC) HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\Run: [Clam Sentinel] => C:\Program Files (x86)\ClamSentinel\ClamSentinel.exe [737280 2014-07-18] (Andrea Russo - Italy) HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403192 2015-09-11] (Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\Run: [GlassWire] => M:\Program Files (x86)\GlassWire\glasswire.exe [12771872 2015-07-30] (SecureMix LLC) HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {00fc8422-4518-11e4-8264-0015833d0a57} - "Z:\Setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {07a2f1dc-dbb6-11e4-8291-97d8e33ee520} - "O:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {0b248c5f-c9bc-11e4-8290-0015833d0a57} - "R:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {0d1c3130-6b70-11e4-8273-0015833d0a57} - "J:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {0d1c31a4-6b70-11e4-8273-0015833d0a57} - "J:\Setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {0d1c31c9-6b70-11e4-8273-0015833d0a57} - "O:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {0d1c3228-6b70-11e4-8273-0015833d0a57} - "P:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {14df6a04-0a84-11e5-82a0-0015833d0a57} - "O:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {162e6353-bf1e-11e4-828f-0015833d0a57} - "Q:\BvsC_Setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {18bfff98-a6b1-11e4-8284-e65431e47091} - "R:\Setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {2df4f224-5338-11e5-82b8-c975e38b645c} - "P:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {2f6767ba-72b0-11e4-8277-0015833d0a57} - "P:\start.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {4ab32722-d8e7-11e4-8291-97d8e33ee520} - "H:\Setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {4ab327eb-d8e7-11e4-8291-97d8e33ee520} - "H:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {4ab328a3-d8e7-11e4-8291-97d8e33ee520} - "L:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {4fc9a4b0-580a-11e5-82ba-0015833d0a57} - "P:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {60881c93-86fc-11e4-827e-9f3555d7a4f3} - "Q:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {642b4753-b3df-11e4-828e-a9ce0c2de137} - "P:\Autorun.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {642b4891-b3df-11e4-828e-a9ce0c2de137} - "P:\Autorun.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {714b828f-4260-11e5-82b7-0015833d0a57} - "P:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {762b7399-7812-11e4-827d-0015833d0a57} - "P:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {762b75e7-7812-11e4-827d-0015833d0a57} - "P:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {762b9426-7812-11e4-827d-0015833d0a57} - "P:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {83042a8e-617d-11e4-8273-0015833d0a57} - "J:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {83042bc2-617d-11e4-8273-0015833d0a57} - "J:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {83043e48-617d-11e4-8273-0015833d0a57} - "J:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {830440a0-617d-11e4-8273-0015833d0a57} - "K:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {83044447-617d-11e4-8273-0015833d0a57} - "O:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {89f42221-ff1a-11e4-82a0-0015833d0a57} - "O:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {9aada012-a252-11e4-8284-e65431e47091} - "Q:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {9aadaf0b-a252-11e4-8284-e65431e47091} - "R:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {a4fef4da-5e67-11e5-82ba-0015833d0a57} - "Q:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {a9a16c7d-0027-11e5-82a0-0015833d0a57} - "O:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {b22c0533-6397-11e5-82bc-0015833d0a57} - "Q:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {b39f8cc0-1d22-11e5-82a9-0015833d0a57} - "O:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {d225db12-d660-11e4-8291-97d8e33ee520} - "P:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {d225e732-d660-11e4-8291-97d8e33ee520} - "H:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {dc266ba8-80b9-11e4-827d-0015833d0a57} - "Q:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {dfac2b46-37c5-11e5-82b2-0015833d0a57} - "P:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {e0617187-c45c-11e4-828f-0015833d0a57} - "Q:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {e06176a3-c45c-11e4-828f-0015833d0a57} - "R:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {e54e06e4-b393-11e4-828e-a9ce0c2de137} - "H:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {e54e0808-b393-11e4-828e-a9ce0c2de137} - "H:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\MountPoints2: {e7b61e58-9e1a-11e4-8284-e65431e47091} - "Q:\setup.exe" HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11776 2014-10-29] (Microsoft Corporation) HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403192 2015-09-11] (Garmin Ltd. or its subsidiaries) HKU\S-1-5-18\...\RunOnce: [{BF6DA836-4385-488D-8F01-89E886CAD41D}] => "B:\Killer_Network_Drivers_(driver_only)_1.1.50.1073\Killer\setup.exe" HKU\S-1-5-18\...\Policies\system: [DisableLockWorkstation] 0 ShellIconOverlayIdentifiers: [ OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => m:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCErrorShared] -> {0960F091-F328-48A3-B746-276B1E3C3722} => m:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => m:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => m:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => m:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCSyncShared] -> {0960F095-F328-48A3-B746-276B1E3C3722} => m:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => m:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCWarningShared] -> {0960F097-F328-48A3-B746-276B1E3C3722} => m:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2015-05-17] (Hermann Schinagl) ShellIconOverlayIdentifiers: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2015-05-17] (Hermann Schinagl) ShellIconOverlayIdentifiers: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2015-05-17] (Hermann Schinagl) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-08-09] (IvoSoft) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\32\HardlinkShellExt.dll [2015-05-17] (Hermann Schinagl) ShellIconOverlayIdentifiers-x32: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\32\HardlinkShellExt.dll [2015-05-17] (Hermann Schinagl) ShellIconOverlayIdentifiers-x32: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\32\HardlinkShellExt.dll [2015-05-17] (Hermann Schinagl) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-08-09] (IvoSoft) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BtProx.lnk [2015-03-29] ShortcutTarget: BtProx.lnk -> C:\Program Files (x86)\BtProx\btprox.exe (BtProx) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Duplicati.lnk [2014-10-19] ShortcutTarget: Duplicati.lnk -> M:\Program Files\Duplicati\Duplicati.exe (HexaD) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-09-07] ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks) Startup: C:\Users\mongole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Citrix Receiver.lnk [2014-12-16] ShortcutTarget: Citrix Receiver.lnk -> C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe (Citrix Systems, Inc.) Startup: C:\Users\mongole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VirtuaWin.lnk [2014-09-23] ShortcutTarget: VirtuaWin.lnk -> C:\Program Files (x86)\VirtuaWin\VirtuaWin.exe (VirtuaWin) BootExecute: autocheck autochk /m /P \Device\TrueCryptVolumeZautocheck autochk * GroupPolicyScripts: Restriction <======= ATTENTION GroupPolicyScripts\User: Restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\..\Interfaces\{8F5EDCF9-F14F-4A0C-AEB1-5860B2A385C0}: [NameServer] 192.168.100.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-08-09] (IvoSoft) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-29] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-29] (Oracle Corporation) BHO: ExplorerWatcher Class -> {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} -> C:\Program Files (x86)\Clover\TabHelper64.dll [2014-01-23] (EJIE Technology) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-08-09] (IvoSoft) BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> m:\Program Files (x86)\Free Download Manager\iefdm2.dll [2015-06-27] (FreeDownloadManager.ORG) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-08-09] (IvoSoft) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-08-09] (IvoSoft) DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) FireFox: ======== FF ProfilePath: C:\Users\mongole\AppData\Roaming\Mozilla\Firefox\Profiles\q1eucqck.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] () FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-29] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-29] (Oracle Corporation) FF Plugin: @videolan.org/vlc,version=2.1.5 -> m:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.0 -> m:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> m:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] () FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2014-11-27] (Citrix Systems, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-11-10] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-11-10] (Intel Corporation) FF Plugin HKU\S-1-5-21-3859236888-2619314948-3413747170-1001: @tools.google.com/Google Update;version=3 -> C:\Users\mongole\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) FF Plugin HKU\S-1-5-21-3859236888-2619314948-3413747170-1001: @tools.google.com/Google Update;version=9 -> C:\Users\mongole\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) FF HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - m:\Program Files (x86)\Free Download Manager\Firefox\Extension FF Extension: Free Download Manager plugin - m:\Program Files (x86)\Free Download Manager\Firefox\Extension [2014-09-25] StartMenuInternet: FIREFOX.EXE - m:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [File not signed] S2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [112640 2013-07-03] (Creative Technology Ltd) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-07-25] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-07-25] (Dropbox, Inc.) R2 DirMngr; m:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2014-09-03] () [File not signed] R2 EMET_Service; C:\Program Files (x86)\EMET 5.2\EMET_Service.exe [22680 2015-03-11] (Microsoft Corporation) S3 FileZilla Server; m:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [794584 2015-06-12] (FileZilla Project) S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [762272 2015-09-11] (Garmin Ltd. or its subsidiaries) R2 GlassWire; M:\Program Files (x86)\GlassWire\GWCtlSrv.exe [7438880 2015-07-30] (SecureMix LLC) S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation) S3 iked; m:\Program Files\ShrewSoft\VPN Client\iked.exe [1127736 2013-07-01] () S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation) S3 ipsecd; m:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [810808 2013-07-01] () S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-04-09] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-11-10] (Intel Corporation) R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [402432 2015-07-07] (Rivet Networks) [File not signed] R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [192120 2015-09-01] (Logitech Inc.) S3 MBAMService; m:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 MSIBIOSData_CC; C:\Program Files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe [2106832 2015-06-29] (MSI) S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4045264 2015-08-03] (MSI) S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2123216 2015-07-08] (MSI) S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4177360 2015-07-07] (MSI) R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2002896 2015-07-28] (MSI) R2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2284496 2015-07-30] (MSI) S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2072528 2015-06-29] (MSI) S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [599504 2015-07-28] (MSI) R2 MSI_ECOSERVICE; C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe [2266280 2015-03-27] (Micro-Star INT'L CO., LTD.) R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1768912 2015-09-11] (Micro-Star INT'L CO., LTD.) R2 NfsClnt; C:\Windows\system32\nfsclnt.exe [100352 2014-09-25] (Microsoft Corporation) S3 OODefragAgent; M:\Program Files\OO Software\Defrag\oodag.exe [1660200 2014-08-29] (O&O Software GmbH) S3 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed] S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.) S2 SbieSvc; m:\Program Files\Sandboxie\SbieSvc.exe [175752 2015-06-23] (Sandboxie Holdings, LLC) S3 Synergy; M:\Program Files\Synergy\synergyd.exe [298496 2014-05-23] () [File not signed] S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5611280 2015-08-07] (TeamViewer GmbH) S2 uvnc_service; m:\Program Files\uvnc bvba\UltraVNC\WinVNC.exe [1979136 2015-05-28] (UltraVNC) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) S3 MPlayerWWService; "M:\Programme\mplayer\tools\MPlayerWWService.exe" [X] ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [118320 2015-06-19] (Rivet Networks, LLC.) R3 bthav; C:\Windows\system32\drivers\bthav.sys [40448 2008-07-10] (CSR, plc) R3 cthda; C:\Windows\system32\drivers\cthda.sys [1060632 2013-07-03] (Creative Technology Ltd) R3 cthdb; C:\Windows\system32\DRIVERS\cthdb.sys [34072 2013-07-03] (Creative Technology Ltd) R0 dcrypt; C:\Windows\System32\drivers\dcrypt.sys [210632 2014-07-09] () S3 dvblink_tuner; C:\Windows\system32\drivers\dvblink_tuner.sys [78184 2013-10-24] (DVBLogic) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 GDKBBlocker; C:\Windows\system32\drivers\GDKBBlocker64.sys [30720 2015-03-04] (G Data Software AG) R1 gwdrv; C:\Windows\system32\DRIVERS\gwdrv.sys [33152 2015-05-29] (SecureMix LLC) S3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [47008 2013-07-30] () R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [126512 2015-03-18] (Qualcomm Atheros, Inc.) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.) R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.) S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-25] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-11-10] (Intel Corporation) R3 NfsRdr; C:\Windows\System32\drivers\nfsrdr.sys [261120 2014-09-25] (Microsoft Corporation) S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) R3 NTIOLib_ECO; C:\Program Files (x86)\MSI\ECO Center\NTIOLib_X64.sys [13808 2014-01-06] (MSI) R3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI) S3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-02-05] (NVIDIA Corporation) S3 pbfilter; M:\Program Files\PeerBlock\pbfilter.sys [22600 2014-01-14] () S3 PORTMON; M:\Programme\SysinternalsSuite\PORTMSYS.SYS [28656 2015-07-11] (Systems Internals) [File not signed] R2 RAMDriv; C:\Windows\system32\DRIVERS\ramdriv.sys [81912 2012-12-27] (Micro-Star Int'l Co., Ltd.) R3 RpcXdr; C:\Windows\System32\drivers\rpcxdr.sys [131072 2014-09-25] (Microsoft Corporation) R3 SbieDrv; m:\Program Files\Sandboxie\SbieDrv.sys [190088 2015-06-23] (Sandboxie Holdings, LLC) S3 UDST7000BDA; C:\Windows\system32\DRIVERS\TerraTecUsbBda.sys [917160 2012-08-20] (TerraTec Electronic GmbH.) S3 UDST7000HID; C:\Windows\System32\drivers\TerraTecUsbHid.sys [26408 2012-08-20] (TerraTec Electronic GmbH.) U5 UnlockerDriver5; c:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-07-09] (Oracle Corporation) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [146072 2015-07-09] (Oracle Corporation) S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115208 2015-05-13] (Oracle Corporation) R1 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [192344 2015-07-25] (IDRIX) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S3 wod0205; C:\Windows\system32\DRIVERS\wod0205.sys [33160 2011-04-23] (WeOnlyDo Software) S3 xb1usb; C:\Windows\System32\drivers\xb1usb.sys [34016 2014-05-27] (Microsoft Corporation) U0 xtcx; C:\Windows\System32\drivers\elqmjfvr.sys [79064 2015-09-25] (Malwarebytes Corporation) S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X] S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X] U3 kglcypob; \??\B:\TEMP\kglcypob.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-09-25 23:38 - 2015-09-25 23:40 - 00000000 ____D C:\FRST 2015-09-25 23:21 - 2015-09-25 23:21 - 00000000 _____ C:\Users\mongole\defogger_reenable 2015-09-25 22:51 - 2015-09-25 22:51 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\elqmjfvr.sys 2015-09-25 22:38 - 2015-09-25 22:50 - 00000000 ____D C:\Windows\System32\Tasks\Update 2015-09-25 22:38 - 2015-09-25 22:38 - 00000445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOMA.lnk 2015-09-25 22:38 - 2015-09-25 22:38 - 00000000 ____D C:\Users\mongole\AppData\Roaming\F3247B3C-E835-478E-8AA4-F9949F685480 2015-09-25 17:11 - 2015-09-25 17:11 - 00000021 _____ C:\Windows\S.dirmngr 2015-09-25 16:05 - 2015-08-22 15:42 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2015-09-25 16:05 - 2015-08-22 15:42 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2015-09-25 16:05 - 2015-08-22 15:42 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2015-09-25 16:05 - 2015-08-22 15:42 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2015-09-25 16:05 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2015-09-25 16:05 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2015-09-25 16:05 - 2015-08-22 15:42 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2015-09-25 16:05 - 2015-08-22 15:42 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2015-09-25 16:05 - 2015-08-22 15:42 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2015-09-25 16:05 - 2015-08-22 15:42 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2015-09-25 16:05 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2015-09-25 16:05 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2015-09-25 16:05 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2015-09-25 16:05 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2015-09-25 16:05 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2015-09-25 16:05 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2015-09-25 16:05 - 2015-08-22 15:35 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2015-09-25 16:05 - 2015-08-22 15:35 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll 2015-09-25 16:05 - 2015-08-22 15:35 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll 2015-09-25 16:05 - 2015-08-22 15:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2015-09-25 16:05 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll 2015-09-25 16:05 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2015-09-25 16:05 - 2015-08-22 15:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2015-09-25 16:05 - 2015-08-22 15:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2015-09-25 16:05 - 2015-08-22 15:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll 2015-09-25 16:05 - 2015-08-22 15:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2015-09-25 16:05 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll 2015-09-25 16:05 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2015-09-25 16:05 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2015-09-25 16:05 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2015-09-25 16:05 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2015-09-25 16:05 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2015-09-25 16:05 - 2015-08-10 20:15 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2015-09-25 16:05 - 2015-08-10 20:15 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2015-09-25 16:05 - 2015-08-10 20:06 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2015-09-25 16:05 - 2015-08-10 19:49 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2015-09-25 16:05 - 2015-08-10 18:56 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2015-09-25 16:05 - 2015-08-10 18:46 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2015-09-25 16:05 - 2015-08-07 23:41 - 07460168 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-09-25 16:05 - 2015-08-07 23:40 - 01736520 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-09-25 16:05 - 2015-08-07 23:40 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-09-25 16:05 - 2015-08-07 23:40 - 01134752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-09-25 16:05 - 2015-08-07 23:40 - 00686960 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2015-09-25 16:05 - 2015-08-07 23:40 - 00507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2015-09-25 16:05 - 2015-08-07 16:13 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-09-25 16:05 - 2015-08-06 21:15 - 01658544 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2015-09-25 16:05 - 2015-08-06 21:15 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2015-09-25 16:05 - 2015-08-06 21:15 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-09-25 16:05 - 2015-08-06 21:15 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2015-09-25 16:05 - 2015-08-06 19:05 - 00669184 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx 2015-09-25 16:05 - 2015-08-06 18:47 - 04710400 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2015-09-25 16:05 - 2015-08-06 18:37 - 00536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx 2015-09-25 16:05 - 2015-08-06 18:18 - 04068352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2015-09-25 16:05 - 2015-07-16 20:58 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\NcdAutoSetup.dll 2015-09-23 21:06 - 2015-09-23 21:09 - 00000000 ____D C:\Users\mongole\AppData\Roaming\FRITZ! 2015-09-23 21:04 - 2015-09-23 21:04 - 00000726 _____ C:\Users\Public\Desktop\FRITZ!fax.lnk 2015-09-23 21:04 - 2015-09-23 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ! 2015-09-23 21:04 - 2006-02-23 12:16 - 00047616 _____ (TODO: <Company name>) C:\Windows\system32\AvmColorFax.dll 2015-09-23 21:04 - 2006-02-23 11:35 - 00020480 _____ C:\Windows\system32\FritzColorPort64.dll 2015-09-23 21:04 - 2006-02-22 10:53 - 00043520 _____ (TODO: <Company name>) C:\Windows\system32\AvmFax.dll 2015-09-23 21:04 - 2006-02-22 10:51 - 00027136 _____ (AVM Berlin GmbH) C:\Windows\system32\FriDru64.dll 2015-09-23 21:04 - 2006-02-22 10:39 - 00020480 _____ C:\Windows\system32\FritzPort64.dll 2015-09-23 21:03 - 2015-09-23 21:03 - 00000000 ____D C:\ProgramData\ISDNWatch 2015-09-23 21:03 - 2015-09-23 21:03 - 00000000 ____D C:\ProgramData\FRITZ!fax für FRITZ!Box 2015-09-23 20:58 - 2015-09-23 20:58 - 00000174 _____ C:\Windows\setup.log 2015-09-22 20:35 - 2015-09-14 02:29 - 42840368 _____ C:\Windows\system32\nvcompiler.dll 2015-09-22 20:35 - 2015-09-14 02:29 - 37819000 _____ C:\Windows\SysWOW64\nvcompiler.dll 2015-09-22 20:35 - 2015-09-14 02:29 - 22525560 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-09-22 20:35 - 2015-09-14 02:29 - 16637528 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-09-22 20:35 - 2015-09-14 02:29 - 14936264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-09-22 20:35 - 2015-09-14 02:29 - 13660648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-09-22 20:35 - 2015-09-14 02:29 - 12514824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-09-22 20:35 - 2015-09-14 02:29 - 12185344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-09-22 20:35 - 2015-09-14 02:29 - 11096696 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-09-22 20:35 - 2015-09-14 02:29 - 03530608 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-09-22 20:35 - 2015-09-14 02:29 - 03116160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-09-22 20:35 - 2015-09-14 02:29 - 02940024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-09-22 20:35 - 2015-09-14 02:29 - 02627192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-09-22 20:35 - 2015-09-14 02:29 - 01898288 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435598.dll 2015-09-22 20:35 - 2015-09-14 02:29 - 01558832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435598.dll 2015-09-22 20:35 - 2015-09-14 02:29 - 01105976 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2015-09-22 20:35 - 2015-09-14 02:29 - 01074808 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-09-22 20:35 - 2015-09-14 02:29 - 01064056 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-09-22 20:35 - 2015-09-14 02:29 - 00986232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-09-22 20:35 - 2015-09-14 02:29 - 00944760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-09-22 20:35 - 2015-09-14 02:29 - 00943712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2015-09-22 20:35 - 2015-09-14 02:29 - 00879000 _____ C:\Windows\system32\nvmcumd.dll 2015-09-22 20:35 - 2015-09-14 02:29 - 00512904 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2015-09-22 20:35 - 2015-09-14 02:29 - 00421544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2015-09-22 20:35 - 2015-09-14 02:29 - 00408184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2015-09-22 20:35 - 2015-09-14 02:29 - 00364152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2015-09-22 20:35 - 2015-09-14 02:29 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-09-22 20:35 - 2015-09-14 02:29 - 00155792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-09-22 20:35 - 2015-09-14 02:29 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2015-09-22 20:35 - 2015-09-14 02:29 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2015-09-17 16:50 - 2015-09-17 16:50 - 00000000 ____D C:\Users\mongole\AppData\Roaming\XnView 2015-09-16 18:58 - 2015-09-16 18:58 - 00000000 ____D C:\Users\mongole\AppData\Roaming\TagScanner 2015-09-16 18:58 - 2015-09-16 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TagScanner 2015-09-15 23:24 - 2015-09-15 23:24 - 00000000 ____D C:\Users\mongole\AppData\Roaming\pdfforge 2015-09-15 23:24 - 2015-09-15 23:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator 2015-09-15 23:24 - 2015-06-04 10:36 - 00115592 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll 2015-09-15 04:12 - 2015-09-15 04:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin 2015-09-12 03:14 - 2015-09-12 03:14 - 00000000 ____D C:\Program Files\Common Files\AV 2015-09-12 03:14 - 2015-09-12 03:14 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2015-09-12 03:14 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe 2015-09-11 20:08 - 2015-09-11 20:08 - 00000711 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hatred.lnk 2015-09-11 01:21 - 2015-09-11 01:21 - 00000000 ____D C:\Users\mongole\AppData\Roaming\IrfanView 2015-09-11 01:21 - 2015-09-11 01:21 - 00000000 ____D C:\Program Files\IrfanView 2015-09-11 00:21 - 2015-09-25 17:11 - 00002070 _____ C:\Windows\setupact.log 2015-09-11 00:21 - 2015-09-11 00:21 - 00000000 _____ C:\Windows\setuperr.log 2015-09-10 22:18 - 2015-09-10 22:18 - 00000018 _____ C:\Users\mongole\start 2015-09-10 21:44 - 2015-09-10 22:18 - 00000018 _____ C:\Users\mongole\stop 2015-09-10 21:05 - 2015-09-14 02:29 - 14635600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-09-10 21:05 - 2015-08-25 20:46 - 01898288 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435582.dll 2015-09-10 21:05 - 2015-08-25 20:46 - 01558648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435582.dll 2015-09-10 20:57 - 2015-09-03 04:18 - 02531400 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-09-10 20:57 - 2015-09-03 04:17 - 01903848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2015-09-10 20:57 - 2015-09-02 20:48 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-09-10 20:57 - 2015-09-02 19:09 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-09-10 20:57 - 2015-09-02 04:56 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-09-10 20:57 - 2015-09-02 04:55 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-09-10 20:57 - 2015-09-02 04:50 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-09-10 20:57 - 2015-09-02 04:17 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-09-10 20:57 - 2015-09-02 04:13 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-09-10 20:57 - 2015-08-27 04:48 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-09-10 20:57 - 2015-08-26 20:00 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-09-10 20:57 - 2015-08-26 20:00 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-09-10 20:57 - 2015-08-26 20:00 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-09-10 20:57 - 2015-08-26 20:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-09-10 20:57 - 2015-08-26 16:46 - 03705344 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-09-10 20:57 - 2015-08-26 16:29 - 02240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-09-10 20:57 - 2015-08-26 16:27 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-09-10 20:57 - 2015-08-26 16:27 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2015-09-10 20:57 - 2015-08-26 16:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-09-10 20:57 - 2015-08-26 16:26 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-09-10 20:57 - 2015-08-26 16:26 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-09-10 20:57 - 2015-08-22 20:19 - 25188352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-09-10 20:57 - 2015-08-22 19:35 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-09-10 20:57 - 2015-08-22 19:34 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-09-10 20:57 - 2015-08-22 19:22 - 19856384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-09-10 20:57 - 2015-08-22 19:21 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-09-10 20:57 - 2015-08-22 19:20 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-09-10 20:57 - 2015-08-22 18:55 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-09-10 20:57 - 2015-08-22 18:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-09-10 20:57 - 2015-08-22 18:50 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-09-10 20:57 - 2015-08-22 18:45 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-09-10 20:57 - 2015-08-22 18:44 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-09-10 20:57 - 2015-08-22 18:41 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-09-10 20:57 - 2015-08-22 18:41 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-09-10 20:57 - 2015-08-22 18:41 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-09-10 20:57 - 2015-08-22 18:41 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-09-10 20:57 - 2015-08-22 18:39 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-09-10 20:57 - 2015-08-22 18:28 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-09-10 20:57 - 2015-08-22 18:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-09-10 20:57 - 2015-08-22 18:23 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-09-10 20:57 - 2015-08-22 18:22 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-09-10 20:57 - 2015-08-22 18:20 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-09-10 20:57 - 2015-08-22 18:18 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-09-10 20:57 - 2015-08-22 18:18 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-09-10 20:57 - 2015-08-22 18:18 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-09-10 20:57 - 2015-08-22 18:14 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-09-10 20:57 - 2015-08-22 18:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-09-10 20:57 - 2015-08-22 18:00 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-09-10 20:57 - 2015-08-22 17:56 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-09-10 20:57 - 2015-08-22 17:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-09-10 20:57 - 2015-08-03 23:15 - 00074928 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2015-09-10 20:57 - 2015-08-03 23:15 - 00065600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2015-09-10 20:57 - 2015-08-01 16:22 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2015-09-10 20:57 - 2015-08-01 05:47 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe 2015-09-10 20:57 - 2015-08-01 05:45 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe 2015-09-10 20:57 - 2015-08-01 05:38 - 01265152 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2015-09-10 20:57 - 2015-08-01 05:37 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe 2015-09-10 20:57 - 2015-08-01 05:37 - 00359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe 2015-09-10 20:57 - 2015-07-30 19:18 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2015-09-10 20:57 - 2015-07-30 18:22 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll 2015-09-10 20:57 - 2015-07-22 16:34 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-09-10 20:57 - 2015-07-22 16:33 - 01728000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll 2015-09-10 20:57 - 2015-07-22 16:25 - 02461184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2015-09-10 20:57 - 2015-07-22 16:25 - 01546752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll 2015-09-10 20:57 - 2015-07-18 20:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll 2015-09-10 20:57 - 2015-07-18 20:29 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll 2015-09-10 20:57 - 2015-07-18 20:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll 2015-09-10 20:57 - 2015-07-18 20:27 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll 2015-09-07 01:18 - 2015-09-07 01:18 - 00002801 _____ C:\Users\Public\Desktop\Killer Network Manager.lnk 2015-09-07 01:18 - 2015-09-07 01:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Killer Networking 2015-09-07 01:18 - 2015-09-07 01:18 - 00000000 ____D C:\ProgramData\Killer 2015-09-07 01:18 - 2015-09-07 01:18 - 00000000 ____D C:\Program Files\Killer Networking 2015-09-05 17:51 - 2015-09-05 17:51 - 00000722 _____ C:\Users\mongole\Desktop\Act of Aggression.lnk 2015-09-05 17:51 - 2015-09-05 17:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Act of Aggression 2015-09-04 21:10 - 2015-09-04 21:12 - 00000000 ____D C:\Users\mongole\Documents\b1-keys 2015-09-04 21:10 - 2015-09-04 21:10 - 00000000 ____D C:\Users\mongole\b1-keys 2015-09-02 14:25 - 2015-09-02 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-09-02 13:36 - 2015-09-02 13:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.0 2015-08-30 19:57 - 2015-08-30 19:57 - 00000665 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk 2015-08-30 19:57 - 2015-08-30 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap 2015-08-30 19:57 - 2015-08-30 19:57 - 00000000 ____D C:\Program Files (x86)\WinPcap 2015-08-29 13:19 - 2015-08-29 13:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74 2015-08-29 12:55 - 2015-08-29 12:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guacamelee! Super Turbo Championship Edition [GOG.com] 2015-08-29 12:24 - 2015-08-29 12:24 - 00000000 ____D C:\Users\mongole\AppData\Roaming\Sun 2015-08-29 12:24 - 2015-08-29 12:24 - 00000000 ____D C:\Users\mongole\.oracle_jre_usage 2015-08-27 20:17 - 2015-08-27 20:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell 2015-08-27 20:17 - 2015-08-27 20:17 - 00000000 ____D C:\Program Files\Classic Shell ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-09-25 23:40 - 2015-04-25 06:20 - 00000000 ____D C:\Program Files\McAfee 2015-09-25 23:40 - 2014-09-22 21:43 - 00000000 ____D C:\Users\mongole\AppData\Roaming\.purple 2015-09-25 23:39 - 2014-10-26 01:01 - 00000000 ____D C:\Users\mongole\AppData\Roaming\Ditto 2015-09-25 23:37 - 2014-10-17 18:44 - 00001158 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3859236888-2619314948-3413747170-1001UA.job 2015-09-25 23:30 - 2014-09-22 15:18 - 00070702 _____ C:\Users\mongole\Desktop\main.kdbx 2015-09-25 23:27 - 2015-04-25 06:20 - 00000000 ____D C:\Program Files\stinger 2015-09-25 23:22 - 2014-10-31 13:52 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-09-25 23:21 - 2014-09-21 21:21 - 00000000 ____D C:\Users\mongole 2015-09-25 22:54 - 2014-09-21 21:26 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3859236888-2619314948-3413747170-1001 2015-09-25 22:51 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\tracing 2015-09-25 22:48 - 2014-09-22 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ConEmu 2015-09-25 22:48 - 2014-09-22 21:39 - 00000000 ____D C:\Program Files\ConEmu 2015-09-25 22:41 - 2015-07-25 19:36 - 00001246 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2015-09-25 19:47 - 2014-09-21 21:27 - 01816717 _____ C:\Windows\WindowsUpdate.log 2015-09-25 19:41 - 2015-07-25 19:36 - 00001242 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2015-09-25 17:37 - 2014-10-12 20:02 - 00000000 ____D C:\Users\mongole\AppData\Roaming\qBittorrent 2015-09-25 17:17 - 2014-09-22 15:08 - 00763218 _____ C:\Windows\system32\perfh007.dat 2015-09-25 17:17 - 2014-09-22 15:08 - 00159364 _____ C:\Windows\system32\perfc007.dat 2015-09-25 17:17 - 2014-03-18 12:01 - 01780340 _____ C:\Windows\system32\PerfStringBackup.INI 2015-09-25 17:14 - 2014-09-23 01:24 - 00000000 ____D C:\Users\mongole\AppData\Roaming\HexChat 2015-09-25 17:13 - 2014-09-26 00:20 - 00006469 _____ C:\Windows\SysWOW64\Gms.log 2015-09-25 17:12 - 2014-09-24 22:03 - 00000000 ____D C:\Users\mongole\AppData\Roaming\Dropbox 2015-09-25 17:12 - 2014-09-21 21:21 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS 2015-09-25 17:11 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-09-25 16:55 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2015-09-25 16:54 - 2014-09-22 15:20 - 00000000 ____D C:\Users\mongole\AppData\Roaming\KeePass 2015-09-25 16:39 - 2014-10-17 18:44 - 00002452 _____ C:\Users\mongole\Desktop\Google Chrome Canary.lnk 2015-09-25 16:05 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2015-09-25 02:58 - 2014-10-02 21:17 - 00001780 _____ C:\Windows\Sandboxie.ini 2015-09-25 01:47 - 2014-09-25 15:33 - 00000000 ____D C:\Users\mongole\AppData\Roaming\foobar2000 2015-09-24 22:58 - 2014-10-05 20:45 - 00000000 ____D C:\Users\mongole\AppData\Roaming\vlc 2015-09-24 20:29 - 2014-09-22 23:04 - 00000000 ____D C:\Program Files\Logitech Gaming Software 2015-09-24 20:29 - 2014-03-18 11:51 - 00083868 _____ C:\Windows\PFRO.log 2015-09-24 20:27 - 2014-09-22 23:04 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys 2015-09-24 20:27 - 2014-09-22 23:04 - 00006223 _____ C:\Windows\LkmdfCoInst.log 2015-09-24 20:27 - 2014-09-22 23:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2015-09-24 19:40 - 2014-10-30 11:15 - 00004208 __RSH C:\ProgramData\ntuser.pol 2015-09-24 13:12 - 2015-03-16 21:35 - 00000000 ____D C:\Program Files\Pale Moon 2015-09-24 04:37 - 2014-10-17 18:44 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3859236888-2619314948-3413747170-1001Core.job 2015-09-23 21:03 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\Help 2015-09-22 20:35 - 2014-09-24 01:32 - 00000000 ____D C:\Temp 2015-09-22 20:35 - 2014-09-22 15:15 - 00000000 ____D C:\ProgramData\NVIDIA 2015-09-22 20:34 - 2014-09-26 00:16 - 00000000 ____D C:\MSI 2015-09-22 20:34 - 2014-09-26 00:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI 2015-09-22 20:34 - 2014-09-26 00:12 - 00000000 ____D C:\Program Files (x86)\MSI 2015-09-15 04:32 - 2014-10-17 18:44 - 00004108 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3859236888-2619314948-3413747170-1001UA 2015-09-15 04:32 - 2014-10-17 18:44 - 00003728 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3859236888-2619314948-3413747170-1001Core 2015-09-15 04:12 - 2014-09-22 23:59 - 00003554 _____ C:\Windows\System32\Tasks\GarminUpdaterTask 2015-09-15 04:12 - 2014-09-22 23:59 - 00001906 _____ C:\Users\Public\Desktop\Garmin Express.lnk 2015-09-15 04:12 - 2014-09-22 23:59 - 00000000 ____D C:\Program Files (x86)\Garmin 2015-09-15 04:12 - 2014-09-21 21:27 - 00000000 ____D C:\ProgramData\Package Cache 2015-09-15 03:18 - 2013-08-22 17:38 - 00812008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-09-15 03:18 - 2013-08-22 17:38 - 00178152 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-09-14 02:29 - 2015-02-21 21:30 - 18543736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-09-14 02:29 - 2014-11-17 00:00 - 15513208 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-09-14 02:29 - 2014-09-22 15:15 - 17082928 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-09-14 02:29 - 2014-09-22 15:15 - 00112760 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2015-09-14 02:29 - 2014-09-22 15:15 - 00105080 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2015-09-14 02:29 - 2014-09-22 15:15 - 00033079 _____ C:\Windows\system32\nvinfo.pb 2015-09-14 00:09 - 2014-09-22 15:15 - 06884984 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2015-09-14 00:09 - 2014-09-22 15:15 - 03496056 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2015-09-14 00:09 - 2014-09-22 15:15 - 02558584 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2015-09-14 00:09 - 2014-09-22 15:15 - 00937776 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2015-09-14 00:09 - 2014-09-22 15:15 - 00385144 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2015-09-14 00:09 - 2014-09-22 15:15 - 00062584 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-09-13 20:24 - 2014-09-22 22:51 - 00000000 ____D C:\Users\mongole\AppData\Roaming\gnupg 2015-09-11 14:17 - 2014-09-22 15:15 - 05231082 _____ C:\Windows\system32\nvcoproc.bin 2015-09-11 01:00 - 2014-10-24 23:29 - 00000038 _____ C:\Users\mongole\.lesshst 2015-09-11 00:33 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache 2015-09-11 00:23 - 2014-10-19 23:36 - 00000738 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ownCloud.lnk 2015-09-10 22:44 - 2014-10-02 21:44 - 00000912 __RSH C:\Users\mongole\ntuser.pol 2015-09-10 21:08 - 2013-08-22 16:44 - 00409384 _____ C:\Windows\system32\FNTCACHE.DAT 2015-09-10 21:07 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-09-10 21:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru 2015-09-10 20:58 - 2014-03-18 11:43 - 00000000 ____D C:\Program Files\Windows Journal 2015-09-08 22:55 - 2014-09-22 21:36 - 00001771 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FossaMail.lnk 2015-09-08 22:55 - 2014-09-22 21:36 - 00000000 ____D C:\Program Files\FossaMail 2015-09-06 00:52 - 2015-06-22 22:15 - 00000992 _____ C:\Users\mongole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo.lnk 2015-09-05 20:14 - 2014-09-25 20:49 - 00000000 ____D C:\Users\mongole\Documents\My Games 2015-09-05 17:38 - 2014-10-24 23:35 - 00000000 ____D C:\Users\mongole\.VirtualBox 2015-09-05 09:16 - 2014-11-16 20:05 - 00000600 _____ C:\Users\mongole\AppData\Roaming\winscp.rnd 2015-09-04 19:49 - 2015-01-11 17:43 - 00034426 _____ C:\Users\mongole\Documents\default.xdb 2015-09-02 14:25 - 2015-07-25 19:36 - 00000000 ____D C:\Program Files (x86)\Dropbox 2015-08-31 23:15 - 2014-09-26 01:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPU-Z 2015-08-29 13:02 - 2015-01-16 03:24 - 00000000 ____D C:\Users\mongole\AppData\Roaming\Azureus 2015-08-29 12:55 - 2014-09-24 01:29 - 00384876 _____ C:\Windows\DirectX.log 2015-08-29 12:24 - 2015-01-19 22:50 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2015-08-29 12:24 - 2015-01-19 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-08-29 12:24 - 2014-10-02 16:27 - 00000000 ____D C:\Program Files\Java 2015-08-26 18:37 - 2014-09-23 00:29 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-08-26 11:36 - 2015-02-08 19:26 - 00000000 ____D C:\Program Files (x86)\TeamViewer ==================== Files in the root of some directories ======= 2014-11-16 20:05 - 2015-09-05 09:16 - 0000600 _____ () C:\Users\mongole\AppData\Roaming\winscp.rnd 2014-09-24 04:01 - 2014-10-28 08:45 - 0005632 _____ () C:\Users\mongole\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-09-22 14:53 - 2015-04-12 14:56 - 0000000 _____ () C:\Users\mongole\AppData\Local\Driver_LOM_8161Present.flag 2015-03-01 01:39 - 2015-03-01 01:39 - 0000000 ___SH () C:\Users\mongole\AppData\Local\LumaEmu 2014-11-24 20:59 - 2015-09-02 20:45 - 0000600 _____ () C:\Users\mongole\AppData\Local\PUTTY.RND 2014-09-26 12:29 - 2015-02-18 01:23 - 0007600 _____ () C:\Users\mongole\AppData\Local\resmon.resmoncfg 2014-10-13 07:21 - 2014-10-13 07:21 - 0004222 _____ () C:\Users\mongole\AppData\Local\Shrew Soft VPN.7z ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-09-23 02:12 ==================== End of FRST.txt ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version:23-09-2015
Ran by mongole (2015-09-25 23:40:55)
Running from B:\TEMP\mozOpenDownload
Windows 8.1 Enterprise (X64) (2014-09-21 19:21:30)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3859236888-2619314948-3413747170-500 - Administrator - Disabled)
Guest (S-1-5-21-3859236888-2619314948-3413747170-501 - Limited - Disabled)
mongole (S-1-5-21-3859236888-2619314948-3413747170-1001 - Administrator - Enabled) => C:\Users\mongole
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7+ Taskbar Tweaker v5.0 (HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\7 Taskbar Tweaker) (Version: 5.0 - RaMMicHaeL)
7-Zip 15.05 beta x64 (HKLM\...\7-Zip) (Version: - )
7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
Act of Aggression (HKLM-x32\...\Act of Aggression_is1) (Version: - )
Activision(R) (x32 Version: 1.00.0000 - Activision) Hidden
ADBGUI6 (HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\979922cacf20f967) (Version: 6.0.1.22 - URGERO.ORG)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.8 - Sereby Corporation)
Among The Sleep (HKLM-x32\...\Among The Sleep_is1) (Version: - )
And Yet It Moves (HKLM-x32\...\Steam App 18700) (Version: - Broken Rules)
Angry IP Scanner (HKLM-x32\...\Angry IP Scanner) (Version: 3.3.3 - Angry IP Scanner)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Areca (HKLM-x32\...\Areca) (Version: - )
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version: - Studio Wildcard)
Assassins Creed Unity (HKLM-x32\...\QXNzYXNzaW5zQ3JlZWRVbml0eQ==_is1) (Version: 1 - )
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 2.0) (Version: - AVM Berlin)
AxCrypt 1.7.3156.0 (HKLM\...\{8B49CDB9-824C-44D6-A5D3-D0235D3030B8}) (Version: 1.7.3156.0 - Axantum Software AB)
Battle vs. Chess (HKLM-x32\...\Battle vs. Chess_is1) (Version: 1.0 - Zuxxez Entertainment)
BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version: - The Behemoth)
BIT.TRIP RUNNER (HKLM-x32\...\Steam App 63710) (Version: - Gaijin Games)
Bitcoin Core (32-bit) (HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\Bitcoin Core (32-bit)) (Version: 0.10.1 - Bitcoin Core project)
Bitcoin Core (64-bit) (HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\Bitcoin Core (64-bit)) (Version: 0.11.0 - Bitcoin Core project)
BleachBit (HKLM-x32\...\BleachBit) (Version: 1.8 - BleachBit)
Bloodsports TV (HKLM-x32\...\Bloodsports TV_is1) (Version: - )
Blur(TM) (HKLM-x32\...\InstallShield_{589A63D3-89E1-4D9B-8DBC-6039BB27289E}) (Version: 1.00.0000 - Activision)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
BtProx (HKLM-x32\...\BtProx) (Version: - Uri Kogan)
Call of Duty - Advanced Warfare (HKLM-x32\...\Call of Duty - Advanced Warfare_is1) (Version: - )
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - Torn Banner Studios)
Citrix AppCenter (HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\tsstore-87856311@@MGMT.Citrix AppCenter) (Version: 1.0 - Delivered by Citrix)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.2.0.10 - Citrix Systems, Inc.)
Citrix Terminalserver (HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\tsstore-87856311@@TS.Citrix Terminalserver) (Version: 1.0 - Delivered by Citrix)
Clam Sentinel 1.22 (HKLM-x32\...\{060FE577-1BDF-4330-ACCA-B6760AB07191}_is1) (Version: - Andrea Russo - Italy)
ClamWin Free Antivirus 0.98.7 (HKLM-x32\...\ClamWin Free Antivirus_is1) (Version: - alch)
Classic Shell (HKLM\...\{E289B7DD-6732-4333-A47A-75A145D23EE3}) (Version: 4.2.4 - IvoSoft)
Clink v0.4.2 (HKLM-x32\...\clink_0.4.2) (Version: 0.4.2 - Martin Ridgers)
Closure (HKLM-x32\...\Steam App 72000) (Version: - Eyebrow Interactive)
Clover 3.0 (HKLM-x32\...\Clover) (Version: 3.0 - EJIE Technology)
cmd (HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\tsstore-87856311@@MGMT.cmd) (Version: 1.0 - Delivered by Citrix)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
ConEmu (HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\tsstore-87856311@@MGMT.ConEmu) (Version: 1.0 - Delivered by Citrix)
ConEmu 150913.x64 (HKLM\...\{FE293547-3E5B-4E1F-B9A8-724C4881CA22}) (Version: 11.150.9130 - ConEmu-Maximus5)
Contagion (HKLM-x32\...\Steam App 238430) (Version: - Monochrome, Inc)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
Counter-Strike Nexon: Zombies (HKLM-x32\...\Steam App 273110) (Version: - Nexon)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
CPUID CPU-Z 1.73 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
DBOX2 Image-Flashing-Assistent 3.1 (HKLM-x32\...\DBOX2 Image-Flashing-Assistent_is1) (Version: - Hallenberg.com)
Dead Island (HKLM-x32\...\Steam App 91310) (Version: - Techland)
DEAD OR ALIVE 5 Last Round (HKLM-x32\...\REVBRE9SQUxJVkU1TGFzdFJvdW5k_is1) (Version: 1 - )
Dead Rising 3 (HKLM-x32\...\Dead Rising 3_is1) (Version: - )
Depth (HKLM-x32\...\Steam App 274940) (Version: - Digital Confectioners)
Desura (HKLM-x32\...\Desura) (Version: 100.59 - Desura)
DigiTweet (HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\7d5aa0ba8fedecb4) (Version: 1.0.0.59 - Digiflare Inc.)
DiskCryptor 1.1 (HKLM\...\DiskCryptor_is1) (Version: 1.1 - hxxp://diskcryptor.net/)
DiskInternals Linux Reader (HKLM-x32\...\DiskInternals Linux Reader) (Version: 2.2 - DiskInternals Research)
Ditto (HKLM\...\Ditto_is1) (Version: - Scott Brogden)
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden
DS Storage Manager 10 (HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\tsstore-87856311@@MGMT.DS Storage Manager 10) (Version: 1.0 - Delivered by Citrix)
DTS Connect Pack (HKLM-x32\...\DTS Connect Pack) (Version: 1.00 - Creative Technology Limited)
Duke Nukem 3D: Megaton Edition (HKLM-x32\...\Steam App 225140) (Version: - 3D Realms)
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version: - Trendy Entertainment)
Duplicati (x64) (HKLM\...\{77BA8977-0BA6-4A83-A741-1DFAD23A6B23}) (Version: 1.3.4 - HexaD)
Dying Light (HKLM-x32\...\Dying Light_is1) (Version: - )
Dying Light Update v1.4.0 (HKLM-x32\...\RHlpbmdMaWdodA==_is1) (Version: 1 - )
Elevated Installer (x32 Version: 4.1.8.0 - Garmin Ltd or its subsidiaries) Hidden
EMET 5.2 (HKLM-x32\...\{F4DCB44D-F072-43A1-B4A5-57619C7B22D2}) (Version: 5.2 - Microsoft Corporation)
Exact Audio Copy 1.1 (HKLM-x32\...\Exact Audio Copy) (Version: 1.1 - Andre Wiethoff)
f.lux (HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\Flux) (Version: - )
Fahrenheit Indigo Prophecy Remastered (HKLM-x32\...\Fahrenheit Indigo Prophecy Remastered_is1) (Version: - )
Far Cry 4 (HKLM-x32\...\Far Cry 4_is1) (Version: - )
Far Cry 4 Valley of the Yeti Addon (HKLM-x32\...\RmFyQ3J5NA==_is1) (Version: 1 - )
FileZilla Client 3.12.0.2 (HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\FileZilla Client) (Version: 3.12.0.2 - Tim Kosse)
FileZilla Server (HKLM-x32\...\FileZilla Server) (Version: beta 0.9.53 - FileZilla Project)
Firefox (HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\tsstore-87856311@@MGMT.Firefox) (Version: 1.0 - Delivered by Citrix)
FlatOut: Ultimate Carnage (HKLM-x32\...\Steam App 12360) (Version: - Bugbear Entertainment)
foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski)
FORCED (HKLM-x32\...\Steam App 249990) (Version: - BetaDwarf)
FossaMail 25.1.7 (x64 en-US) (HKLM\...\FossaMail 25.1.7 (x64 en-US)) (Version: 25.1.7 - Mozilla)
Free Download Manager 3.9.6 (HKLM-x32\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG)
FTPRush 2.1.8 (HKLM-x32\...\FTP Rush_is1) (Version: 2.1.8 - wftpserver.com)
G DATA USB KEYBOARD GUARD (HKLM-x32\...\{D8CBD59F-B29D-4E38-9D66-DEAEAB473FA9}) (Version: 1.1.0.4 - G DATA Software AG)
Garmin Express (HKLM-x32\...\{44d9dfc0-3a4a-4439-870f-f97550a9bc8d}) (Version: 4.1.8.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.1.8.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.1.8.0 - Garmin Ltd or its subsidiaries) Hidden
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Geometry Dash (HKLM-x32\...\R2VvbWV0cnlEYXNo_is1) (Version: 1 - )
GlassWire 1.1 (remove only) (HKLM-x32\...\GlassWire 1.1) (Version: 1.1.21 - SecureMix LLC)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version: - Coffee Stain Studios)
Google Chrome Canary (HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\Google Chrome SxS) (Version: 47.0.2518.0 - Google Inc.)
Gow (HKLM-x32\...\Gow) (Version: - )
Gpg4win (2.2.4) (HKLM-x32\...\GPG4Win) (Version: 2.2.4 - The Gpg4win Project)
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version: - Rockstar North)
Greenshot 1.2.6.7 (HKLM\...\Greenshot_is1) (Version: 1.2.6.7 - Greenshot)
Gtk# for .Net 2.12.22 (HKLM-x32\...\{06AF6533-F201-47C0-8675-AAAE5CB81B41}) (Version: 2.12.22 - Xamarin, Inc.)
Guacamelee! Super Turbo Championship Edition (HKLM-x32\...\1207665733_is1) (Version: 2.0.0.1 - GOG.com)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve)
Halite (HKLM\...\{A6E8D850-4C28-4C6F-8B69-1109D0709F29}) (Version: 0.4.02 - BinaryNotions.com)
HandBrake 0.10.2 (HKLM-x32\...\HandBrake) (Version: 0.10.2 - )
HashCheck Shell Extension (x86-32) (HKLM-x32\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
HashCheck Shell Extension (x86-64) (HKLM\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
Hatred Survival Addon (HKLM-x32\...\SGF0cmVk_is1) (Version: 1 - )
HexChat (HKLM\...\HexChat_is1) (Version: 2.10.2 - HexChat)
How to Survive (HKLM-x32\...\Steam App 250400) (Version: - EKO Software)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)
i2pd version 0.2.1 (HKLM\...\i2pd_is1) (Version: 0.2.1 - )
iNFekt NFO Viewer (HKLM\...\{B1AC8E6A-6C47-4B6D-A853-B4BF5C83421C}_is1) (Version: 0.9.5 - syndicode)
InfraRecorder 0.53 (x64 edition) (HKLM\...\{2C22EA92-CB30-4932-0053-000001000000}) (Version: 0.53.00.00 - Christian Kindahl)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.31.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{84A2B59B-6A7B-4C01-8592-15C9BFE6AC36}) (Version: 2.4.3 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
IrfanView 64 (remove only) (HKLM\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
Jamestown (HKLM-x32\...\Steam App 94200) (Version: - Final Form Games)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Jitsi (HKLM\...\{1069D709-EDA7-472D-A5EE-97C8E3E398AB}) (Version: 2.8.5426 - Jitsi)
JSignPdf 1.6.1 (HKLM-x32\...\JSignPdf_is1) (Version: 1.6.1 - Josef Cacek)
KeePass Password Safe 2.29 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.29 - Dominik Reichl)
Killer Bandwidth Control Filter Driver (Version: 1.1.54.1095 - Rivet Networks) Hidden
Killer E220x Drivers (Version: 1.1.54.1095 - Rivet Networks) Hidden
Killer Network Manager (Version: 1.1.54.1095 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.54.1095 - Qualcomm Atheros)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LibreOffice 5.0.1.2 (HKLM\...\{A18CF6D8-7CE1-46F2-85B9-D87B7197B2F6}) (Version: 5.0.1.2 - The Document Foundation)
Link Shell Extension (HKLM\...\HardlinkShellExt) (Version: 3.8.6.2 - Hermann Schinagl)
Logitech Gaming Software 8.72 (HKLM\...\Logitech Gaming Software) (Version: 8.72.107 - Logitech Inc.)
Loxone Config (HKLM-x32\...\LoxoneConfig_is1) (Version: 6.3 - Loxone Electronics GmbH)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MediaInfo 0.7.77 (HKLM\...\MediaInfo) (Version: 0.7.77 - MediaArea.net)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation)
Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.2 (HKLM-x32\...\{06C90FCC-4C95-4142-A0AF-D3A4C12882DE}_is1) (Version: 1.2 - Sam Rodberg)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Firefox 40.0.3 (x86 de) (HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.1.00 - MSI)
MSI ECO Center (HKLM-x32\...\{1E55202F-4D31-498A-8F72-97DCBA9F2866}_is1) (Version: 1.0.0.35 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.1.008 - MSI)
Mumble 1.3.0 (HKLM\...\{006B90FD-7E67-4908-A718-9B87B875DD04}) (Version: 1.3.0 - The Mumble team)
My Game Long Name (HKLM\...\UDK-348e5299-f952-4ecf-bb48-70a2184543c0) (Version: - Epic Games, Inc.)
Namecoin 0.3.80 (HKLM-x32\...\Namecoin_is1) (Version: - )
Next Car Game Sneak Peek 2.0 (HKLM-x32\...\Steam App 272860) (Version: - Bugbear)
Next Car Game: Wreckfest (HKLM-x32\...\Steam App 228380) (Version: - Bugbear)
Nidhogg (HKLM-x32\...\Steam App 94400) (Version: - Messhof)
Nmap 6.47 (HKLM-x32\...\Nmap) (Version: - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8 - Notepad++ Team)
NVIDIA Grafiktreiber 355.98 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.98 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
O&O Defrag Professional (HKLM\...\{46CD29D7-580C-4E2E-8469-BD7F7CB1CCF8}) (Version: 18.0.39 - O&O Software GmbH)
Oddworld - New 'n' Tasty (HKLM-x32\...\1424782569_is1) (Version: 2.0.0.1 - GOG.com)
OlliOlli (HKLM-x32\...\T2xsaU9sbGk=_is1) (Version: 1 - )
Online Plug-in (x32 Version: 14.2.0.10 - Citrix Systems, Inc.) Hidden
Oracle VM VirtualBox 5.0.0 (HKLM\...\{FCD0B365-2189-45F3-9AF2-2BCED86C121A}) (Version: 5.0.0 - Oracle Corporation)
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version: - Robot Entertainment)
Ori and the Blind Forest (HKLM-x32\...\Ori and the Blind Forest_is1) (Version: - )
ownCloud (HKLM-x32\...\ownCloud) (Version: 2.0.1.5446 - ownCloud)
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
Pale Moon 25.7.0 (x64 en-US) (HKLM\...\Pale Moon 25.7.0 (x64 en-US)) (Version: 25.7.0 - Moonchild Productions)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.2 - pdfforge)
PDF-XChange Viewer (HKLM\...\{9ED333F8-3E6C-4A38-BAFA-728454121CDA}) (Version: 2.5.312.1 - Tracker Software Products (Canada) Ltd.)
PeaZip 5.7.0 (WIN64) (HKLM\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version: - Giorgio Tani)
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
Peerunity (HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\Peerunity) (Version: 0.1.0.0 - Peerunity project)
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.11 - )
pidgin-otr 4.0.0-1 (HKLM-x32\...\pidgin-otr) (Version: 4.0.0-1 - Cypherpunks CA)
Pillars of Eternity (HKLM-x32\...\1207666813_is1) (Version: 2.0.0.1 - GOG.com)
PNGGauntlet (HKLM-x32\...\{B2D251E2-A78B-42C2-9D94-695A8CCC17E9}) (Version: 3.1.1 - Ben Hollis)
PokerTH (HKLM-x32\...\PokerTH 1.1.1) (Version: 1.1.1 - www.pokerth.net)
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
POSTAL 2 (HKLM-x32\...\Steam App 223470) (Version: - Running With Scissors)
Pro Evolution Soccer 2015 GERMAN (HKLM-x32\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNQ==_is1) (Version: 1 - )
Process Hacker 2.36 (r6153) (HKLM\...\Process_Hacker2_is1) (Version: 2.36.0.6153 - wj32)
Psi (remove only) (HKLM-x32\...\Psi) (Version: - )
Putty (HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\tsstore-87856311@@MGMT.Putty) (Version: 1.0 - Delivered by Citrix)
qBittorrent 3.2.3 (HKLM-x32\...\qBittorrent) (Version: 3.2.3 - The qBittorrent project)
QNAP Qfinder (HKLM-x32\...\QNAP_FINDER) (Version: 5.0.1.0225 - QNAP Systems, Inc.)
QuickSFV (Remove only) (HKLM\...\QuickSFV) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7293 - Realtek Semiconductor Corp.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.5 - Rockstar Games)
SABnzbd 0.7.20 (HKLM-x32\...\SABnzbd) (Version: 0.7.20 - The SABnzbd Team)
Saints Row: Gat out of Hell (HKLM-x32\...\U2FpbnRzUm93R2F0b3V0b2ZIZWxs_is1) (Version: 1 - )
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.51.00(19.06.2014) - Samsung Electronics Co., Ltd.)
Samsung Scan Assistant (HKLM-x32\...\Samsung Scan Assistant) (Version: 1.05.07 (20.07.2012) - Samsung Electronics Co., Ltd.)
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.05.00 - Samsung Electronics Co., Ltd.)
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.19.0 - Samsung Electronics Co., Ltd.)
Sandboxie 4.20 (64-bit) (HKLM\...\Sandboxie) (Version: 4.20 - Sandboxie Holdings, LLC)
Self-Service Plug-in (x32 Version: 4.2.0.2495 - Citrix Systems, Inc.) Hidden
SERVER-MGMT Desktop (HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\tsstore-87856311@@MGMT.SERVER-MGMT Desktop) (Version: 1.0 - Delivered by Citrix)
Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version: - )
Sir You Are Being Hunted v1.3 64BiT version 1.3 (HKLM-x32\...\Sir You Are Being Hunted v1.3 64BiT_is1) (Version: 1.3 - WaLMaRT)
SOMA (HKLM\...\U09NQQ==_is1) (Version: 1 - )
Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version: - Sumo Digital)
Sound Blaster Z-Series (HKLM-x32\...\{47F19FB5-6878-4AE4-9313-446335E334D8}) (Version: 1.00.24 - Creative Technology Limited)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version: - Valve)
Spaz (HKLM-x32\...\Spaz.AIR.16CB261D461B1CA2027F7C39946115FA2DC8CD7F.1) (Version: 0.9.24 - UNKNOWN)
Spaz (x32 Version: 0.9.24 - UNKNOWN) Hidden
Spintires (HKLM-x32\...\Spintires_is1) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.9811 - Krzysztof Kowalczyk)
Synergy (64-bit) (HKLM\...\{FDD88467-9C61-4E2D-BA69-2A89735A21CC}) (Version: 1.5.0 - The Synergy Project)
System Shock 2 (HKLM-x32\...\Steam App 238210) (Version: - Irrational Games)
TagScanner 5.1.668 (HKLM-x32\...\TagScanner_is1) (Version: - Sergey Serkov)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45862 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Tembo the Badass Elephant (HKLM-x32\...\Tembo the Badass Elephant_is1) (Version: - )
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Evil Within (HKLM-x32\...\VGhlRXZpbFdpdGhpbg==_is1) (Version: 1 - )
The Vanishing of Ethan Carter (HKLM-x32\...\The Vanishing of Ethan Carter_is1) (Version: - )
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version: - Telltale Games)
The Witcher 3 Wild Hunt (HKLM-x32\...\The Witcher 3 Wild Hunt_is1) (Version: - )
TOXIKK (HKLM-x32\...\Steam App 324810) (Version: - Reakktor Studios)
TrackMania² Stadium (HKLM-x32\...\Steam App 232910) (Version: - Nadeo)
Transmission Remote GUI 5.0.1 (HKLM-x32\...\transgui_is1) (Version: - Yury Sidorov)
Trials Fusion - After the Incident (HKLM-x32\...\Trials Fusion - After the Incident_is1) (Version: - )
Trials Fusion - Fire in the Deep (HKLM-x32\...\Trials Fusion - Fire in the Deep_is1) (Version: - )
Trials Fusion (HKLM-x32\...\Trials Fusion_is1) (Version: - )
Trine 3 The Artifacts of Power (HKLM-x32\...\Trine 3 The Artifacts of Power_is1) (Version: - )
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
TV-Browser 3.4.1.0 (HKLM-x32\...\tvbrowser) (Version: 3.4.1.0 - TV-Browser Team)
Ultratron (HKLM-x32\...\Steam App 219190) (Version: - Puppygames)
UltraVnc (HKLM\...\Ultravnc2_is1) (Version: 1.2.0.6 - uvnc bvba)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Universal Management Suite Administrator (HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\tsstore-87856311@@MGMT.Universal Management Suite Administrat) (Version: 1.0 - Delivered by Citrix)
Universal Management Suite Console (HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\tsstore-87856311@@MGMT.Universal Management Suite Console) (Version: 1.0 - Delivered by Citrix)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Unreal Tournament: Game of the Year Edition (HKLM-x32\...\Steam App 13240) (Version: - Epic Games, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.0f-2 - IDRIX)
Vim 7.4.711 (HKLM-x32\...\Vim) (Version: - )
VirtuaWin Unicode v4.4 (HKLM-x32\...\VirtuaWin_is1) (Version: - )
VirusTotal Uploader 2.2 (HKLM-x32\...\VTUploader) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMware vSphere Client (HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\tsstore-87856311@@MGMT.VMware vSphere Client) (Version: 1.0 - Delivered by Citrix)
VNC (HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\tsstore-87856311@@MGMT.VNC) (Version: 1.0 - Delivered by Citrix)
WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
WATCH_DOGS Update v1.04.497 (HKLM-x32\...\V0FUQ0hfRE9HUw==_is1) (Version: 1 - )
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 3.6 - Bazis)
WinDirStat 1.1.2 (HKU\S-1-5-21-3859236888-2619314948-3413747170-1001\...\WinDirStat) (Version: - )
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinSCP 5.7.4 (HKLM-x32\...\winscp3_is1) (Version: 5.7.4 - Martin Prikryl)
Wippien 2.5 (HKLM\...\A4DA3EE7-C6FC-44AD-9E47-9A4D3B0099D3_is1) (Version: - )
Wireshark 1.12.7 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.7 - The Wireshark developer community, hxxp://www.wireshark.org)
Worms Reloaded (HKLM-x32\...\Steam App 22600) (Version: - Team17 Software Ltd.)
XCA (X Certificate and Key Management) (HKLM-x32\...\xca) (Version: 1.2.0 - Christian Hohnstaedt <christian@hohnstaedt.de>)
YubiKey Personalization Tool (HKLM-x32\...\yubikey-personalization-gui) (Version: 3.1.18 - Yubico AB)
Geändert von CptMw (25.09.2015 um 22:59 Uhr) |
| Themen zu Win 8.1: Trojaner eingefangen |
| .dll, adware, antivirus, askbar, browser, defender, desktop, detected, dnsapi.dll, explorer, flash player, free download, google, inject, launch, microsoft, moonchild, mozilla, nvidia, performance, programme, realtek, robot, security, services.exe, software, svchost.exe, system, temp, trojaner, win10, windows, winlogon.exe |
Baum-Darstellung