Trojaner-Board - Tastatur unter Windows 7 fällt aus

Systeminfo Teil 2

Code:

USB Root Hub --------------------------------------------------------------
 
 

[Port1] : USB Hub ---------------------------------------------------------
 
 

[Port1] : Generic Bluetooth Adapter ---------------------------------------
 

 [Device Information]

  Device Manufacturer:                    

  Product Name:                           

  Serial Number:                          

  USB Version Supported:                  2.00

  USB Device Speed:                       USB 1.1 Full-speed

  Driver Description:                     Generic Bluetooth Adapter

  Hardware ID:                            USB\VID_03F0&PID_231D

 [Driver Information]

  Driver Manufacturer:                    GenericAdapter

  Driver Description:                     Generic Bluetooth Adapter

  Driver Provider:                        Microsoft

  Driver Version:                         6.1.7601.17889

  Driver Date:                            21-Jun-2006

  DeviceInstanceId                        USB\VID_03F0&PID_231D\6&2F85DB4&0&1
 

[Port2] : No Device Connected ---------------------------------------------
 
 

[Port3] : Validity Sensors (WBF) VFS451 -----------------------------------
 

 [Device Information]

  Device Manufacturer:                    N/A

  Product Name:                           N/A

  Serial Number:                          3510f1ef1e01

  USB Version Supported:                  1.10

  USB Device Speed:                       USB 1.1 Full-speed

  Driver Description:                     Validity Sensors (WBF) VFS451

  Hardware ID:                            USB\VID_138A&PID_0007

 [Driver Information]

  Driver Manufacturer:                    Validity Sensors, Inc.

  Driver Description:                     Validity Sensors (WBF) VFS451

  Driver Provider:                        Validity Sensors, Inc.

  Driver Version:                         4.5.124.0

  Driver Date:                            22-Jul-2009

  DeviceInstanceId                        USB\VID_138A&PID_0007\3510F1EF1E01
 

[Port4] : No Device Connected ---------------------------------------------
 
 

[Port5] : USB-Verbundgerät ------------------------------------------------
 

 [Device Information]

  Device Manufacturer:                    

  Product Name:                           

  Serial Number:                          

  USB Version Supported:                  2.00

  USB Device Speed:                       USB 2.0 High-speed

  Driver Description:                     USB-Verbundgerät

  Hardware ID:                            USB\VID_04F2&PID_B1AC

 [Driver Information]

  Driver Manufacturer:                    (Standard-USB-Hostcontroller)

  Driver Description:                     USB-Verbundgerät

  Driver Provider:                        Microsoft

  Driver Version:                         6.1.7601.18328

  Driver Date:                            21-Jun-2006

  DeviceInstanceId                        USB\VID_04F2&PID_B1AC\6&2F85DB4&0&5
 

[Port6] : No Device Connected ---------------------------------------------
 
 

[Port2] : No Device Connected ---------------------------------------------
 
 

Intel 5 Series/34x0 Chipset PCH - High Definition Audio Controller [B2] ---
 

 [General Information]

  Device Name:                            Intel 5 Series/34x0 Chipset PCH - High Definition Audio Controller [B2]

  Original Device Name:                   Intel 5 Series/34x0 Chipset PCH - High Definition Audio Controller [B2]

  Device Class:                           Mixed mode device

  Revision ID:                            5

  Bus Number:                             0

  Device Number:                          27

  Function Number:                        0

  PCI Latency Timer:                      0

  Hardware ID:                            PCI\VEN_8086&DEV_3B56&SUBSYS_1471103C&REV_05

 [PCI Express]

  Version:                                1.1

  Current Link Width:                     Not negotiated

  Device/Port Type:                       Root Complex Integrated Endpoint

  Slot Implemented:                       No

  Active State Power Management (ASPM) Support: None

  Active State Power Management (ASPM) Status: Disabled

 [System Resources]

  Interrupt Line:                         IRQ16

  Interrupt Pin:                          INTA#

  Memory Base Address 0                   D4520000

 [Features]

  Bus Mastering:                          Enabled

  Running At 66 MHz:                      Not Capable

  Fast Back-to-Back Transactions:         Not Capable

 [Driver Information]

  Driver Manufacturer:                    Microsoft

  Driver Description:                     High Definition Audio-Controller

  Driver Provider:                        Microsoft

  Driver Version:                         6.1.7601.17514

  Driver Date:                            19-Nov-2010

  DeviceInstanceId                        PCI\VEN_8086&DEV_3B56&SUBSYS_1471103C&REV_05\3&33FD14CA&0&D8
 

Intel 5 Series/34x0 Chipset PCH - PCI Express Root Port #1 [B2] -----------
 

 [General Information]

  Device Name:                            Intel 5 Series/34x0 Chipset PCH - PCI Express Root Port #1 [B2]

  Original Device Name:                   Intel 5 Series/34x0 Chipset PCH - PCI Express Root Port #1 [B2]

  Device Class:                           PCI-to-PCI Bridge

  Revision ID:                            5

  Bus Number:                             0

  Device Number:                          28

  Function Number:                        0

  PCI Latency Timer:                      0

  Hardware ID:                            PCI\VEN_8086&DEV_3B42&SUBSYS_00000000&REV_05

 [PCI Express]

  Version:                                1.1

  Maximum Link Width:                     1x

  Current Link Width:                     Not negotiated

  Maximum Link Speed:                     2.5 Gb/s

  Current Link Speed:                     2.5 Gb/s

  Device/Port Type:                       Root Port of PCI Express Root Complex

  Slot Implemented:                       Yes

  Hot-Plug:                               Not Capable

  Hot-Plug Surprise:                      Capable

  Slot Power Limit:                       10.000 W

  Active State Power Management (ASPM) Support: L0s and L1

  Active State Power Management (ASPM) Status: Disabled

 [System Resources]

  Interrupt Line:                         N/A

  Interrupt Pin:                          INTA#

 [Features]

  Bus Mastering:                          Enabled

  Running At 66 MHz:                      Not Capable

  Fast Back-to-Back Transactions:         Not Capable

 [Driver Information]

  Driver Manufacturer:                    Intel

  Driver Description:                     Intel(R) 5 Series/3400 Series-Chipsatzfamilie - PCI-Express-Stammanschluss 1 - 3B42

  Driver Provider:                        Microsoft

  Driver Version:                         6.1.7601.17514

  Driver Date:                            21-Jun-2006

  DeviceInstanceId                        PCI\VEN_8086&DEV_3B42&SUBSYS_1471103C&REV_05\3&33FD14CA&0&E0
 

PCI Express x1 Bus #2 -----------------------------------------------------
 
 

Intel 5 Series/34x0 Chipset PCH - PCI Express Root Port #2 [B2] -----------
 

 [General Information]

  Device Name:                            Intel 5 Series/34x0 Chipset PCH - PCI Express Root Port #2 [B2]

  Original Device Name:                   Intel 5 Series/34x0 Chipset PCH - PCI Express Root Port #2 [B2]

  Device Class:                           PCI-to-PCI Bridge

  Revision ID:                            5

  Bus Number:                             0

  Device Number:                          28

  Function Number:                        1

  PCI Latency Timer:                      0

  Hardware ID:                            PCI\VEN_8086&DEV_3B44&SUBSYS_00000000&REV_05

 [PCI Express]

  Version:                                1.1

  Maximum Link Width:                     1x

  Current Link Width:                     Not negotiated

  Maximum Link Speed:                     2.5 Gb/s

  Current Link Speed:                     2.5 Gb/s

  Device/Port Type:                       Root Port of PCI Express Root Complex

  Slot Implemented:                       Yes

  Hot-Plug:                               Capable

  Hot-Plug Surprise:                      Capable

  Slot Power Limit:                       10.000 W

  Active State Power Management (ASPM) Support: L0s and L1

  Active State Power Management (ASPM) Status: Disabled

 [System Resources]

  Interrupt Line:                         N/A

  Interrupt Pin:                          INTB#

 [Features]

  Bus Mastering:                          Enabled

  Running At 66 MHz:                      Not Capable

  Fast Back-to-Back Transactions:         Not Capable

 [Driver Information]

  Driver Manufacturer:                    Intel

  Driver Description:                     Intel(R) 5 Series/3400 Series-Chipsatzfamilie - PCI-Express-Stammanschluss 2 - 3B44

  Driver Provider:                        Microsoft

  Driver Version:                         6.1.7601.17514

  Driver Date:                            21-Jun-2006

  DeviceInstanceId                        PCI\VEN_8086&DEV_3B44&SUBSYS_1471103C&REV_05\3&33FD14CA&0&E1
 

PCI Express x1 Bus #3 -----------------------------------------------------
 
 

Intel 5 Series/34x0 Chipset PCH - PCI Express Root Port #3 [B2] -----------
 

 [General Information]

  Device Name:                            Intel 5 Series/34x0 Chipset PCH - PCI Express Root Port #3 [B2]

  Original Device Name:                   Intel 5 Series/34x0 Chipset PCH - PCI Express Root Port #3 [B2]

  Device Class:                           PCI-to-PCI Bridge

  Revision ID:                            5

  Bus Number:                             0

  Device Number:                          28

  Function Number:                        2

  PCI Latency Timer:                      0

  Hardware ID:                            PCI\VEN_8086&DEV_3B46&SUBSYS_00000000&REV_05

 [PCI Express]

  Version:                                1.1

  Maximum Link Width:                     1x

  Current Link Width:                     1x

  Maximum Link Speed:                     2.5 Gb/s

  Current Link Speed:                     2.5 Gb/s

  Device/Port Type:                       Root Port of PCI Express Root Complex

  Slot Implemented:                       Yes

  Hot-Plug:                               Not Capable

  Hot-Plug Surprise:                      Capable

  Slot Power Limit:                       10.000 W

  Active State Power Management (ASPM) Support: L0s and L1

  Active State Power Management (ASPM) Status: L1 Entry

 [System Resources]

  Interrupt Line:                         N/A

  Interrupt Pin:                          INTC#

 [Features]

  Bus Mastering:                          Enabled

  Running At 66 MHz:                      Not Capable

  Fast Back-to-Back Transactions:         Not Capable

 [Driver Information]

  Driver Manufacturer:                    Intel

  Driver Description:                     Intel(R) 5 Series/3400 Series-Chipsatzfamilie - PCI-Express-Stammanschluss 3 - 3B46

  Driver Provider:                        Microsoft

  Driver Version:                         6.1.7601.17514

  Driver Date:                            21-Jun-2006

  DeviceInstanceId                        PCI\VEN_8086&DEV_3B46&SUBSYS_1471103C&REV_05\3&33FD14CA&0&E2
 

PCI Express x1 Bus #68 ----------------------------------------------------
 
 

Ricoh R5U23x/24x PCI-E SD/MMC Host Controller -----------------------------
 

 [General Information]

  Device Name:                            Ricoh R5U23x/24x PCI-E SD/MMC Host Controller

  Original Device Name:                   Ricoh R5U23x/24x PCI-E SD/MMC Host Controller

  Device Class:                           SD Host Controller

  Revision ID:                            1

  Bus Number:                             68

  Device Number:                          0

  Function Number:                        0

  PCI Latency Timer:                      0

  Hardware ID:                            PCI\VEN_1180&DEV_E822&SUBSYS_1471103C&REV_01

 [PCI Express]

  Version:                                1.1

  Maximum Link Width:                     1x

  Current Link Width:                     1x

  Maximum Link Speed:                     2.5 Gb/s

  Current Link Speed:                     2.5 Gb/s

  Device/Port Type:                       PCI Express Endpoint

  Slot Implemented:                       No

  Active State Power Management (ASPM) Support: L0s and L1

  Active State Power Management (ASPM) Status: L1 Entry

 [System Resources]

  Interrupt Line:                         IRQ18

  Interrupt Pin:                          INTA#

  Memory Base Address 0                   D0203000

 [Features]

  Bus Mastering:                          Enabled

  Running At 66 MHz:                      Not Capable

  Fast Back-to-Back Transactions:         Not Capable

 [Driver Information]

  Driver Manufacturer:                    SDA-Standard konformer SD-Hostcontrollerhersteller

  Driver Description:                     SDA-Standard konformer SD-Hostcontroller

  Driver Provider:                        Microsoft

  Driver Version:                         6.1.7601.17514

  Driver Date:                            21-Jun-2006

  DeviceInstanceId                        PCI\VEN_1180&DEV_E822&SUBSYS_1471103C&REV_01\4&174D685E&0&00E2
 

Ricoh R5U23x/24x PCI-E Memory Stick Host Controller -----------------------
 

 [General Information]

  Device Name:                            Ricoh R5U23x/24x PCI-E Memory Stick Host Controller

  Original Device Name:                   Ricoh R5U23x/24x PCI-E Memory Stick Host Controller

  Device Class:                           Unknown Peripheral Device

  Revision ID:                            1

  Bus Number:                             68

  Device Number:                          0

  Function Number:                        1

  PCI Latency Timer:                      0

  Hardware ID:                            PCI\VEN_1180&DEV_E230&SUBSYS_1471103C&REV_01

 [PCI Express]

  Version:                                1.1

  Maximum Link Width:                     1x

  Current Link Width:                     1x

  Maximum Link Speed:                     2.5 Gb/s

  Current Link Speed:                     2.5 Gb/s

  Device/Port Type:                       PCI Express Endpoint

  Slot Implemented:                       No

  Active State Power Management (ASPM) Support: L0s and L1

  Active State Power Management (ASPM) Status: L1 Entry

 [System Resources]

  Interrupt Line:                         IRQ10

  Interrupt Pin:                          INTB#

  Memory Base Address 0                   D0202000

 [Features]

  Bus Mastering:                          Enabled

  Running At 66 MHz:                      Not Capable

  Fast Back-to-Back Transactions:         Not Capable

  DeviceInstanceId                        PCI\VEN_1180&DEV_E230&SUBSYS_1471103C&REV_01\4&174D685E&0&01E2
 

Ricoh R5C8xx PCI-E xD-Picture Card Controller -----------------------------
 

 [General Information]

  Device Name:                            Ricoh R5C8xx PCI-E xD-Picture Card Controller

  Original Device Name:                   Ricoh R5C8xx PCI-E xD-Picture Card Controller

  Device Class:                           Unknown Peripheral Device

  Revision ID:                            1

  Bus Number:                             68

  Device Number:                          0

  Function Number:                        2

  PCI Latency Timer:                      0

  Hardware ID:                            PCI\VEN_1180&DEV_E852&SUBSYS_1471103C&REV_01

 [PCI Express]

  Version:                                1.1

  Maximum Link Width:                     1x

  Current Link Width:                     1x

  Maximum Link Speed:                     2.5 Gb/s

  Current Link Speed:                     2.5 Gb/s

  Device/Port Type:                       PCI Express Endpoint

  Slot Implemented:                       No

  Active State Power Management (ASPM) Support: L0s and L1

  Active State Power Management (ASPM) Status: L1 Entry

 [System Resources]

  Interrupt Line:                         IRQ10

  Interrupt Pin:                          INTC#

  Memory Base Address 0                   D0201000

 [Features]

  Bus Mastering:                          Enabled

  Running At 66 MHz:                      Not Capable

  Fast Back-to-Back Transactions:         Not Capable

  DeviceInstanceId                        PCI\VEN_1180&DEV_E852&SUBSYS_1471103C&REV_01\4&174D685E&0&02E2
 

Ricoh PCI-E OHCI Compliant FireWire Controller ----------------------------
 

 [General Information]

  Device Name:                            Ricoh PCI-E OHCI Compliant FireWire Controller

  Original Device Name:                   Ricoh PCI-E OHCI Compliant FireWire Controller

  Device Class:                           Firewire (IEEE 1394) Serial Bus

  Revision ID:                            1

  Bus Number:                             68

  Device Number:                          0

  Function Number:                        3

  PCI Latency Timer:                      0

  Hardware ID:                            PCI\VEN_1180&DEV_E832&SUBSYS_1471103C&REV_01

 [PCI Express]

  Version:                                1.1

  Maximum Link Width:                     1x

  Current Link Width:                     1x

  Maximum Link Speed:                     2.5 Gb/s

  Current Link Speed:                     2.5 Gb/s

  Device/Port Type:                       PCI Express Endpoint

  Slot Implemented:                       No

  Active State Power Management (ASPM) Support: L0s and L1

  Active State Power Management (ASPM) Status: L1 Entry

 [System Resources]

  Interrupt Line:                         IRQ17

  Interrupt Pin:                          INTD#

  Memory Base Address 0                   D0200000

 [Features]

  Bus Mastering:                          Enabled

  Running At 66 MHz:                      Not Capable

  Fast Back-to-Back Transactions:         Not Capable

 [Driver Information]

  Driver Manufacturer:                    Ricoh

  Driver Description:                     OHCI-konformer Ricoh 1394-Hostcontroller

  Driver Provider:                        Microsoft

  Driver Version:                         6.1.7601.17514

  Driver Date:                            21-Jun-2006

  DeviceInstanceId                        PCI\VEN_1180&DEV_E832&SUBSYS_1471103C&REV_01\4&174D685E&0&03E2
 

Intel 5 Series/34x0 Chipset PCH - PCI Express Root Port #4 [B2] -----------
 

 [General Information]

  Device Name:                            Intel 5 Series/34x0 Chipset PCH - PCI Express Root Port #4 [B2]

  Original Device Name:                   Intel 5 Series/34x0 Chipset PCH - PCI Express Root Port #4 [B2]

  Device Class:                           PCI-to-PCI Bridge

  Revision ID:                            5

  Bus Number:                             0

  Device Number:                          28

  Function Number:                        3

  PCI Latency Timer:                      0

  Hardware ID:                            PCI\VEN_8086&DEV_3B48&SUBSYS_00000000&REV_05

 [PCI Express]

  Version:                                1.1

  Maximum Link Width:                     1x

  Current Link Width:                     1x

  Maximum Link Speed:                     2.5 Gb/s

  Current Link Speed:                     2.5 Gb/s

  Device/Port Type:                       Root Port of PCI Express Root Complex

  Slot Implemented:                       Yes

  Hot-Plug:                               Not Capable

  Hot-Plug Surprise:                      Capable

  Slot Power Limit:                       10.000 W

  Active State Power Management (ASPM) Support: L0s and L1

  Active State Power Management (ASPM) Status: L1 Entry

 [System Resources]

  Interrupt Line:                         N/A

  Interrupt Pin:                          INTD#

 [Features]

  Bus Mastering:                          Enabled

  Running At 66 MHz:                      Not Capable

  Fast Back-to-Back Transactions:         Not Capable

 [Driver Information]

  Driver Manufacturer:                    Intel

  Driver Description:                     Intel(R) 5 Series/3400 Series-Chipsatzfamilie - PCI-Express-Stammanschluss 4 - 3B48

  Driver Provider:                        Microsoft

  Driver Version:                         6.1.7601.17514

  Driver Date:                            21-Jun-2006

  DeviceInstanceId                        PCI\VEN_8086&DEV_3B48&SUBSYS_1471103C&REV_05\3&33FD14CA&0&E3
 

PCI Express x1 Bus #69 ----------------------------------------------------
 
 

Broadcom 802.11n Wireless Network Adapter ---------------------------------
 

 [General Information]

  Device Name:                            Broadcom 802.11n Wireless Network Adapter

  Original Device Name:                   Broadcom 802.11n Wireless Network Adapter

  Device Class:                           Unknown Network Adapter

  Revision ID:                            1

  Bus Number:                             69

  Device Number:                          0

  Function Number:                        0

  PCI Latency Timer:                      0

  Hardware ID:                            PCI\VEN_14E4&DEV_4727&SUBSYS_145C103C&REV_01

 [PCI Express]

  Version:                                1.1

  Maximum Link Width:                     1x

  Current Link Width:                     1x

  Maximum Link Speed:                     2.5 Gb/s

  Current Link Speed:                     2.5 Gb/s

  Device/Port Type:                       PCI Express Endpoint

  Slot Implemented:                       No

  Active State Power Management (ASPM) Support: L0s and L1

  Active State Power Management (ASPM) Status: L1 Entry

 [System Resources]

  Interrupt Line:                         IRQ19

  Interrupt Pin:                          INTA#

  Memory Base Address 0                   D0100000

 [Features]

  Bus Mastering:                          Enabled

  Running At 66 MHz:                      Not Capable

  Fast Back-to-Back Transactions:         Not Capable

 [Driver Information]

  Driver Manufacturer:                    Broadcom

  Driver Description:                     Broadcom 802.11n Network Adapter

  Driver Provider:                        Microsoft

  Driver Version:                         5.100.82.95

  Driver Date:                            21-Apr-2009

  DeviceInstanceId                        PCI\VEN_14E4&DEV_4727&SUBSYS_145C103C&REV_01\000082FFFFCF002600
 

Intel 5 Series/34x0 Chipset PCH - USB 2.0 EHCI Controller #1 [B2] ---------
 

 [General Information]

  Device Name:                            Intel 5 Series/34x0 Chipset PCH - USB 2.0 EHCI Controller #1 [B2]

  Original Device Name:                   Intel 5 Series/34x0 Chipset PCH - USB 2.0 EHCI Controller #1 [B2]

  Device Class:                           Universal Serial Bus (USB)

  Revision ID:                            5

  Bus Number:                             0

  Device Number:                          29

  Function Number:                        0

  PCI Latency Timer:                      0

  Hardware ID:                            PCI\VEN_8086&DEV_3B34&SUBSYS_1471103C&REV_05

 [System Resources]

  Interrupt Line:                         IRQ20

  Interrupt Pin:                          INTA#

  Memory Base Address 0                   D4528000

 [Features]

  Bus Mastering:                          Enabled

  Running At 66 MHz:                      Not Capable

  Fast Back-to-Back Transactions:         Capable

  USB Version Supported:                  2.0

 [Driver Information]

  Driver Manufacturer:                    (Standard-USB-Hostcontroller)

  Driver Description:                     Standard PCI-zu-USB erweiterter Hostcontroller

  Driver Provider:                        Microsoft

  Driver Version:                         6.1.7601.18328

  Driver Date:                            21-Jun-2006

  DeviceInstanceId                        PCI\VEN_8086&DEV_3B34&SUBSYS_1471103C&REV_05\3&33FD14CA&0&E8
 

USB Root Hub --------------------------------------------------------------
 
 

[Port1] : USB Hub ---------------------------------------------------------
 
 

[Port1] : No Device Connected ---------------------------------------------
 
 

[Port2] : No Device Connected ---------------------------------------------
 
 

[Port3] : No Device Connected ---------------------------------------------
 
 

[Port4] : No Device Connected ---------------------------------------------
 
 

[Port5] : No Device Connected ---------------------------------------------
 
 

[Port6] : No Device Connected ---------------------------------------------
 
 

[Port7] : No Device Connected ---------------------------------------------
 
 

[Port8] : No Device Connected ---------------------------------------------
 
 

[Port2] : No Device Connected ---------------------------------------------
 
 

Intel 82801xxM Mobile I/O Controller Hub ----------------------------------
 

 [General Information]

  Device Name:                            Intel 82801xxM Mobile I/O Controller Hub

  Original Device Name:                   Intel 82801xxM Mobile I/O Controller Hub

  Device Class:                           PCI-to-PCI Bridge

  Revision ID:                            A5

  Bus Number:                             0

  Device Number:                          30

  Function Number:                        0

  PCI Latency Timer:                      0

  Hardware ID:                            PCI\VEN_8086&DEV_2448&SUBSYS_00000000&REV_A5

 [System Resources]

  Interrupt Line:                         N/A

  Interrupt Pin:                          N/A

 [Features]

  Bus Mastering:                          Enabled

  Running At 66 MHz:                      Not Capable

  Fast Back-to-Back Transactions:         Not Capable

 [Driver Information]

  Driver Manufacturer:                    Intel

  Driver Description:                     Intel(R) 82801 PCI-Brücke - 2448

  Driver Provider:                        Microsoft

  Driver Version:                         6.1.7601.17514

  Driver Date:                            21-Jun-2006

  DeviceInstanceId                        PCI\VEN_8086&DEV_2448&SUBSYS_1471103C&REV_A5\3&33FD14CA&0&F0

 [ICH Configuration]

  High Priority PCI:                      Disabled

  15-16MB Hole:                           Disabled

  Discard Timer Mode [ICH2]:              128 PCICLKs (4 us)

  32-Clock Retry [ICH2]/12-Clock Retry [ICH3/4]: Disabled

 [Multi-Transaction Timer]

  Multi-Transaction Timer Count Value:    0 PCICLKs

 [Error Command]

  SERR# On Target Abort Receive:          Disabled

  SERR# On Delayed Transaction Timeout:   Disabled
 

PCI Bus #70 ---------------------------------------------------------------
 
 

Intel HM57 Express Chipset - LPC Interface Controller [B2] ----------------
 

 [General Information]

  Device Name:                            Intel HM57 Express Chipset - LPC Interface Controller [B2]

  Original Device Name:                   Intel HM57 Express Chipset - LPC Interface Controller [B2]

  Device Class:                           PCI-to-ISA Bridge

  Revision ID:                            5

  Bus Number:                             0

  Device Number:                          31

  Function Number:                        0

  PCI Latency Timer:                      0

  Hardware ID:                            PCI\VEN_8086&DEV_3B0B&SUBSYS_1471103C&REV_05

 [System Resources]

  Interrupt Line:                         N/A

  Interrupt Pin:                          N/A

 [Features]

  Bus Mastering:                          Enabled

  Running At 66 MHz:                      Not Capable

  Fast Back-to-Back Transactions:         Not Capable

 [Driver Information]

  Driver Manufacturer:                    Intel

  Driver Description:                     Intel(R) HM57 Express-Chipsatz - LPC-Schnittstellencontroller - 3B0B

  Driver Provider:                        Microsoft

  Driver Version:                         6.1.7601.17514

  Driver Date:                            21-Jun-2006

  DeviceInstanceId                        PCI\VEN_8086&DEV_3B0B&SUBSYS_1471103C&REV_05\3&33FD14CA&0&F8
 

Intel 5 Series Chipset-M PCH - SATA AHCI 6-port Controller [B2] -----------
 

 [General Information]

  Device Name:                            Intel 5 Series Chipset-M PCH - SATA AHCI 6-port Controller [B2]

  Original Device Name:                   Intel 5 Series Chipset-M PCH - SATA AHCI 6-port Controller [B2]

  Device Class:                           Serial ATA Controller

  Revision ID:                            5

  Bus Number:                             0

  Device Number:                          31

  Function Number:                        2

  PCI Latency Timer:                      0

  Hardware ID:                            PCI\VEN_8086&DEV_3B2F&SUBSYS_1471103C&REV_05

 [System Resources]

  Interrupt Line:                         IRQ21

  Interrupt Pin:                          INTA#

  I/O Base Address 0                      5048

  I/O Base Address 1                      5054

  I/O Base Address 2                      5040

  I/O Base Address 3                      5050

  I/O Base Address 4                      5000

  Memory Base Address 5                   D4527000

 [Features]

  Bus Mastering:                          Enabled

  Running At 66 MHz:                      Capable

  Fast Back-to-Back Transactions:         Capable

 [SATA Host Controller]

  Interface Speed Supported:              Gen2 3.0 Gbps

  Number Of Ports:                        6

  External SATA Support:                  Capable

  Aggressive Link Power Management:       Capable

  Staggered Spin-up:                      Capable

  Mechanical Presence Switch:             Not Capable

  Command Queue Acceleration:             Capable

  AHCI Status:                            Enabled

  AHCI Version:                           1.30

  Ports Implemented:                      0, 1, 2, 4, 5

 [SATA Port#0]

  Port Status:                            Device Present, Phy communication established

  Current Interface Speed:                Gen1 1.5 Gbps

  External SATA Port:                     Not Capable

  Hot Plug:                               Not Capable

  Device Type:                            SATA

 [SATA Port#1]

  Port Status:                            Device Present, Phy communication established

  Current Interface Speed:                Gen1 1.5 Gbps

  External SATA Port:                     Not Capable

  Hot Plug:                               Not Capable

  Device Type:                            SATA

 [SATA Port#2]

  Port Status:                            No Device Present

  External SATA Port:                     Capable

  Hot Plug:                               Capable

 [SATA Port#4]

  Port Status:                            No Device Present

  External SATA Port:                     Capable

  Hot Plug:                               Capable

 [SATA Port#5]

  Port Status:                            No Device Present

  External SATA Port:                     Capable

  Hot Plug:                               Capable

 [Driver Information]

  Driver Manufacturer:                    Standard AHCI 1.0 Serieller-ATA-Controller

  Driver Description:                     Standard AHCI 1.0 Serieller-ATA-Controller

  Driver Provider:                        Microsoft

  Driver Version:                         6.1.7601.18231

  Driver Date:                            21-Jun-2006

  DeviceInstanceId                        PCI\VEN_8086&DEV_3B2F&SUBSYS_1471103C&REV_05\3&33FD14CA&0&FA
 

Intel 5 Series/34x0 Chipset PCH - SMBus Controller [B2] -------------------
 

 [General Information]

  Device Name:                            Intel 5 Series/34x0 Chipset PCH - SMBus Controller [B2]

  Original Device Name:                   Intel 5 Series/34x0 Chipset PCH - SMBus Controller [B2]

  Device Class:                           SMBus (System Management Bus)

  Revision ID:                            5

  Bus Number:                             0

  Device Number:                          31

  Function Number:                        3

  PCI Latency Timer:                      0

  Hardware ID:                            PCI\VEN_8086&DEV_3B30&SUBSYS_1471103C&REV_05

 [System Resources]

  Interrupt Line:                         N/A

  Interrupt Pin:                          INTC#

  Memory Base Address 0                   0

  I/O Base Address 4                      EF80

 [Features]

  Bus Mastering:                          Disabled

  Running At 66 MHz:                      Not Capable

  Fast Back-to-Back Transactions:         Capable
 

Intel 5 Series/34x0 Chipset PCH - Thermal Sensor [B2] ---------------------
 

 [General Information]

  Device Name:                            Intel 5 Series/34x0 Chipset PCH - Thermal Sensor [B2]

  Original Device Name:                   Intel 5 Series/34x0 Chipset PCH - Thermal Sensor [B2]

  Device Class:                           Unknown Data Acquisition/Signal Processing Controller

  Revision ID:                            5

  Bus Number:                             0

  Device Number:                          31

  Function Number:                        6

  PCI Latency Timer:                      0

  Hardware ID:                            PCI\VEN_8086&DEV_3B32&SUBSYS_1471103C&REV_05

 [System Resources]

  Interrupt Line:                         IRQ10

  Interrupt Pin:                          INTC#

  Memory Base Address 0                   D4526000

 [Features]

  Bus Mastering:                          Enabled

  Running At 66 MHz:                      Not Capable

  Fast Back-to-Back Transactions:         Not Capable

 [Driver Information]

  Driver Manufacturer:                    Intel

  Driver Description:                     Intel(R) 5 Series/3400 Series-Chipsatzfamilie - Thermosubsystem - 3B32

  Driver Provider:                        Microsoft

  Driver Version:                         6.1.7601.17514

  Driver Date:                            21-Jun-2006

  DeviceInstanceId                        PCI\VEN_8086&DEV_3B32&SUBSYS_1471103C&REV_05\3&33FD14CA&0&FE
 

PCI Bus #255 --------------------------------------------------------------
 
 

Intel QuickPath Architecture - Generic Non-core (Uncore) Registers --------
 

 [General Information]

  Device Name:                            Intel QuickPath Architecture - Generic Non-core (Uncore) Registers

  Original Device Name:                   Intel QuickPath Architecture - Generic Non-core (Uncore) Registers

  Device Class:                           Host-to-PCI Bridge

  Revision ID:                            2

  Bus Number:                             255

  Device Number:                          0

  Function Number:                        0

  PCI Latency Timer:                      0

  Hardware ID:                            PCI\VEN_8086&DEV_2C62&SUBSYS_80868086&REV_02

 [System Resources]

  Interrupt Line:                         N/A

  Interrupt Pin:                          N/A

 [Features]

  Bus Mastering:                          Enabled

  Running At 66 MHz:                      Not Capable

  Fast Back-to-Back Transactions:         Not Capable

 [Driver Information]

  Driver Manufacturer:                    (Standardsystemgeräte)

  Driver Description:                     PCI Standard-Host-CPU-Brücke

  Driver Provider:                        Microsoft

  Driver Version:                         6.1.7601.17514

  Driver Date:                            21-Jun-2006

  DeviceInstanceId                        PCI\VEN_8086&DEV_2C62&SUBSYS_80868086&REV_02\3&4F11E61&0&00
 

Intel QuickPath Architecture - System Address Decoder (SAD) ---------------
 

 [General Information]

  Device Name:                            Intel QuickPath Architecture - System Address Decoder (SAD)

  Original Device Name:                   Intel QuickPath Architecture - System Address Decoder (SAD)

  Device Class:                           Host-to-PCI Bridge

  Revision ID:                            2

  Bus Number:                             255

  Device Number:                          0

  Function Number:                        1

  PCI Latency Timer:                      0

  Hardware ID:                            PCI\VEN_8086&DEV_2D01&SUBSYS_80868086&REV_02

 [System Resources]

  Interrupt Line:                         N/A

  Interrupt Pin:                          N/A

 [Features]

  Bus Mastering:                          Enabled

  Running At 66 MHz:                      Not Capable

  Fast Back-to-Back Transactions:         Not Capable

 [Driver Information]

  Driver Manufacturer:                    (Standardsystemgeräte)

  Driver Description:                     PCI Standard-Host-CPU-Brücke

  Driver Provider:                        Microsoft

  Driver Version:                         6.1.7601.17514

  Driver Date:                            21-Jun-2006

  DeviceInstanceId                        PCI\VEN_8086&DEV_2D01&SUBSYS_80868086&REV_02\3&4F11E61&0&01
 

Intel QuickPath Interconnect - QPI Link 0 Control -------------------------
 

 [General Information]

  Device Name:                            Intel QuickPath Interconnect - QPI Link 0 Control

  Original Device Name:                   Intel QuickPath Interconnect - QPI Link 0 Control

  Device Class:                           Host-to-PCI Bridge

  Revision ID:                            2

  Bus Number:                             255

  Device Number:                          2

  Function Number:                        0

  PCI Latency Timer:                      0

  Hardware ID:                            PCI\VEN_8086&DEV_2D10&SUBSYS_80868086&REV_02

 [System Resources]

  Interrupt Line:                         N/A

  Interrupt Pin:                          N/A

 [Features]

  Bus Mastering:                          Enabled

  Running At 66 MHz:                      Not Capable

  Fast Back-to-Back Transactions:         Not Capable

 [Driver Information]

  Driver Manufacturer:                    (Standardsystemgeräte)

  Driver Description:                     PCI Standard-Host-CPU-Brücke

  Driver Provider:                        Microsoft

  Driver Version:                         6.1.7601.17514

  Driver Date:                            21-Jun-2006

  DeviceInstanceId                        PCI\VEN_8086&DEV_2D10&SUBSYS_80868086&REV_02\3&4F11E61&0&10
 

Intel QuickPath Interconnect - QPI Physical 0 Control ---------------------
 

 [General Information]

  Device Name:                            Intel QuickPath Interconnect - QPI Physical 0 Control

  Original Device Name:                   Intel QuickPath Interconnect - QPI Physical 0 Control

  Device Class:                           Host-to-PCI Bridge

  Revision ID:                            2

  Bus Number:                             255

  Device Number:                          2

  Function Number:                        1

  PCI Latency Timer:                      0

  Hardware ID:                            PCI\VEN_8086&DEV_2D11&SUBSYS_80868086&REV_02

 [System Resources]

  Interrupt Line:                         N/A

  Interrupt Pin:                          N/A

 [Features]

  Bus Mastering:                          Enabled

  Running At 66 MHz:                      Not Capable

  Fast Back-to-Back Transactions:         Not Capable

 [Driver Information]

  Driver Manufacturer:                    (Standardsystemgeräte)

  Driver Description:                     PCI Standard-Host-CPU-Brücke

  Driver Provider:                        Microsoft

  Driver Version:                         6.1.7601.17514

  Driver Date:                            21-Jun-2006

  DeviceInstanceId                        PCI\VEN_8086&DEV_2D11&SUBSYS_80868086&REV_02\3&4F11E61&0&11
 

Intel QuickPath Interconnect - QPI (FDI?) ---------------------------------
 

 [General Information]

  Device Name:                            Intel QuickPath Interconnect - QPI (FDI?)

  Original Device Name:                   Intel QuickPath Interconnect - QPI (FDI?)

  Device Class:                           Host-to-PCI Bridge

  Revision ID:                            2

  Bus Number:                             255

  Device Number:                          2

  Function Number:                        2

  PCI Latency Timer:                      0

  Hardware ID:                            PCI\VEN_8086&DEV_2D12&SUBSYS_80868086&REV_02

 [System Resources]

  Interrupt Line:                         N/A

  Interrupt Pin:                          N/A

 [Features]

  Bus Mastering:                          Enabled

  Running At 66 MHz:                      Not Capable

  Fast Back-to-Back Transactions:         Not Capable

 [Driver Information]

  Driver Manufacturer:                    (Standardsystemgeräte)

  Driver Description:                     PCI Standard-Host-CPU-Brücke

  Driver Provider:                        Microsoft

  Driver Version:                         6.1.7601.17514

  Driver Date:                            21-Jun-2006

  DeviceInstanceId                        PCI\VEN_8086&DEV_2D12&SUBSYS_80868086&REV_02\3&4F11E61&0&12
 

Intel QuickPath Interconnect - QPI (FDI?) ---------------------------------
 

 [General Information]

  Device Name:                            Intel QuickPath Interconnect - QPI (FDI?)

  Original Device Name:                   Intel QuickPath Interconnect - QPI (FDI?)

  Device Class:                           Host-to-PCI Bridge

  Revision ID:                            2

  Bus Number:                             255

  Device Number:                          2

  Function Number:                        3

  PCI Latency Timer:                      0

  Hardware ID:                            PCI\VEN_8086&DEV_2D13&SUBSYS_80868086&REV_02

 [System Resources]

  Interrupt Line:                         N/A

  Interrupt Pin:                          N/A

 [Features]

  Bus Mastering:                          Enabled

  Running At 66 MHz:                      Not Capable

  Fast Back-to-Back Transactions:         Not Capable

 [Driver Information]

  Driver Manufacturer:                    (Standardsystemgeräte)

  Driver Description:                     PCI Standard-Host-CPU-Brücke

  Driver Provider:                        Microsoft

  Driver Version:                         6.1.7601.17514

  Driver Date:                            21-Jun-2006

  DeviceInstanceId                        PCI\VEN_8086&DEV_2D13&SUBSYS_80868086&REV_02\3&4F11E61&0&13
 

Video Adapter -------------------------------------------------------------
 
 

ATI/AMD Mobility Radeon HD 4550 -------------------------------------------
 

 [Video chipset]

  Video Chipset:                          ATI/AMD Mobility Radeon HD 4550

  Video Chipset Codename:                 M93

  Video Memory:                           512 MBytes of DDR3 SDRAM

 [Video Card]

  Video Card:                             ATI/AMD Mobility Radeon HD 4550 (M93) [Hewlett-Packard]

  Video Bus:                              PCIe v1.1 x16 (2.5 Gb/s) @ x16 (2.5 Gb/s)

  Video RAMDAC:                           Internal DAC(400MHz)

  Video BIOS Version:                     011.022.008.002.037151

 [Performance]

  Processor Clock:                        220.0 MHz

  Memory Clock:                           249.8 MHz (Effective 499.5 MHz)

  Memory Bus Width:                       64-bit

  Number Of ROPs:                         4

  Number Of Unified Shaders:              80

  ASIC Serial Number:                     3737786003631

  Hardware ID:                            PCI\VEN_1002&DEV_9555&SUBSYS_1471103C&REV_00

 [Driver Information]

  Driver Manufacturer:                    ATI Technologies Inc.

  Driver Description:                     ATI Mobility Radeon HD 4500 Series 

  Driver Provider:                        ATI Technologies Inc.

  Driver Version:                         8.632.1.2000

  Driver Date:                            17-Aug-2009

  DeviceInstanceId                        PCI\VEN_1002&DEV_9555&SUBSYS_1471103C&REV_00\4&1AB0281D&0&0008
 

Monitor -------------------------------------------------------------------
 
 

AU Optronics B156RW01 V1 --------------------------------------------------
 

 [General information]

  Monitor Name:                           AU Optronics B156RW01 V1

  Monitor Name (Manuf):                   AUO          B156RW01 V1  

  Serial Number:                          Unknown

  Date Of Manufacture:                    Week: 1, Year: 2008

  Monitor Hardware ID:                    Monitor\AUO01EE

  Max. Vertical Size:                     19 cm

  Max. Horizontal Size:                   34 cm

 [Advanced parameters]

  Input Signal:                           Digital

  Display Type:                           RGB color

  Gamma Factor:                           2.20

 [DPMS Modes]

  Standby:                                Not Supported

  Suspend:                                Not Supported

  Active Off:                             Not Supported

  Standard Colour Space:                  Not Supported

  Preferred Timing Mode:                  Supported

  Default GTF Supported:                  Not Supported

  DFP 1.x Compatible:                     No

 [Supported Video Modes]

  1600 x 900                              344 x 193 mm, Pixel Clock 107.80 MHz
 

Drives --------------------------------------------------------------------
 
 

Floppy Drives -------------------------------------------------------------
 
 

1.44 MB 3½" ---------------------------------------------------------------
 
 

(S)ATA/ATAPI Drives -------------------------------------------------------
 
 

WDC WD2500BEVS-75UST0 -----------------------------------------------------
 

 [General Information]

  Drive Controller:                       Serial ATA 1.5Gb/s

  Drive Model:                            WDC WD2500BEVS-75UST0

  Drive Revision:                         01.01A01

  Drive Serial Number:                    WD-WXC108444158

  World Wide Name:                        50014EE210D40AF

  Drive Capacity:                         238,475 MBytes (250 GB)

  Drive Capacity [MB]:                    238475

 [Drive Geometry]

  Number of Cylinders:                    16383

  Number of Heads:                        16

  Sectors Per Track:                      63

  Number Of ECC Bytes:                    50

  Number of Sectors:                      16514064

  Total 32-bit LBA Sectors:               268435455

  Total 48-bit LBA Sectors:               488397168

  Cache Buffer Size:                      8192 KBytes

 [Transfer Modes]

  Sectors Per Interrupt:                  Total: 16, Active: 0

  Max. PIO Transfer Mode:                 4

  Multiword DMA Mode:                     Total: 2, Active: -

  Singleword DMA Mode:                    Total: -, Active: -

  Ultra-DMA Mode:                         Total: 6 (ATA-133), Active: 6 (ATA-133)

  Max. Multiword DMA Transfer Rate:       16.7 MBytes/s

  Max. PIO with IORDY Transfer Rate:      16.7 MBytes/s

  Max. PIO w/o IORDY Transfer Rate:       16.7 MBytes/s

  Transfer Width:                         16-bit

  Native Command Queuing:                 Supported, Max. Depth: 32

  TRIM Command:                           Not Supported

 [Device flags]

  Fixed Drive:                            Present

  Removable Drive:                        Not Present

  Magnetic Storage:                       Present

  LBA Mode:                               Supported

  DMA Mode:                               Supported

  IORDY:                                  Supported

  IORDY Disableable:                      Supported

 [Features]

  Write Cache:                            Present, Active

  S.M.A.R.T. Feature:                     Present, Active

  Security Feature:                       Present, Inactive

  Removable Media Feature:                Not Present, Disabled

  Power Management:                       Present, Active

  Advanced Power Management:              Present, Active

  Packet Interface:                       Not Present, Disabled

  Look-Ahead Buffer:                      Present, Active

  Host Protected Area:                    Present, Enabled

  Power-Up In Standby:                    Not Suppported, Inactive

  Automatic Acoustic Management:          Supported, Active

  48-bit LBA:                             Supported, Active

  Host-Initiated Link Power Management:   Supported

  Device-Initiated Link Power Management: Supported, Disabled

  In-Order Data Delivery:                 Not Supported

  Hardware Feature Control:               Not Supported

  Software Settings Preservation:         Supported, Enabled

  NCQ Autosense:                          Not Supported

  Link Power State Device Sleep:          Not Supported

  Hybrid Information Feature:             Not Supported

  All Write Cache Non-Volatile:           Not Supported

  Extended Number of User Addressable Sectors: Not Supported

  Device Encrypts All User Data:          Not Supported

  CFast Specification:                    Not Supported

  NCQ Priority Information:               Not Supported

  Host Automatic Partial to Slumber Transitions: Not Supported

  Device Automatic Partial to Slumber Transitions: Not Supported

  NCQ Streaming:                          Not Supported

  NCQ Queue Management Command:           Not Supported

  DEVSLP to Reduced Power State:          Not Supported

  Extended Power Conditions Feature:      Not Supported

  Sense Data Reporting Feature:           Not Supported

  Free-Fall Control Feature:              Not Supported

 [Self-Monitoring, Analysis and Reporting Technology (S.M.A.R.T.)]

  [01] Raw Read Error Rate:               200/51, Worst: 200 (Data = 597)

  [03] Spin Up Time:                      189/21, Worst: 187 (Data = 1516)

  [04] Start/Stop Count:                  91/Always OK, Worst: 91 (Data = 9606)

  [05] Reallocated Sector Count:          200/140, Worst: 200

  [07] Seek Error Rate:                   100/51, Worst: 253

  [09] Power-On Hours/Cycle Count:        82/Always OK, Worst: 82 (Data = 13740)

  [0A] Spin Retry Count:                  100/51, Worst: 100

  [0B] Calibration Retry Count:           100/51, Worst: 100

  [0C] Power Cycle Count:                 91/Always OK, Worst: 91 (Data = 9021)

  [C0] Power-Off Retract Count:           200/Always OK, Worst: 200 (Data = 204)

  [C1] Load/Unload Cycle Count:           111/Always OK, Worst: 111 (Data = 269229)

  [C2] Temperature                        105/Always OK, Worst: 71 (Data = 42.0 °C)

  [C4] Reallocation Event Count:          200/Always OK, Worst: 200

  [C5] Current Pending Sector Count:      200/Always OK, Worst: 200

  [C6] Off-Line Uncorrectable Sector Count: 100/Always OK, Worst: 253

  [C7] UltraDMA/SATA CRC Error Rate:      200/Always OK, Worst: 200

  [C8] Write/Multi-Zone Error Rate:       100/51, Worst: 253
 

hp CDDVDW TS-L633N --------------------------------------------------------
 

 [General information]

  Drive Model:                            hp CDDVDW TS-L633N

  Drive Revision:                         0300

  Serial Number:                          R3186GDZ643449  

  Device Type:                            DVD+R DL

 [Device capabilities]

  Drive can read:                         CD-R, CD-RW, DVD-R, DVD-RW, DVD+R, DVD+RW, DVD-RAM, DVD+R DL

  Drive can write:                        CD-R, CD-RW, DVD-R, DVD-RW, DVD+R, DVD+RW, DVD-RAM, DVD+R DL
 

Audio ---------------------------------------------------------------------
 
 

Intel 5 Series/34x0 Chipset PCH - High Definition Audio Controller [B2] ---
 

  Audio Adapter:                          Intel 5 Series/34x0 Chipset PCH - High Definition Audio Controller [B2]

  Audio Controller Hardware ID:           PCI\VEN_8086&DEV_3B56&SUBSYS_1471103C&REV_05

  High Definition Audio Codec:            IDT 92HD75B3

  Audio Codec Hardware ID:                HDAUDIO\FUNC_01&VEN_111D&DEV_7603&SUBSYS_00000000

 [Driver Information]

  Driver Manufacturer:                    Microsoft

  Driver Description:                     High Definition Audio-Gerät

  Driver Provider:                        Microsoft

  Driver Version:                         6.1.7601.17514

  Driver Date:                            19-Nov-2010

  DeviceInstanceId                        HDAUDIO\FUNC_01&VEN_111D&DEV_7603&SUBSYS_103C1473&REV_1002\4&2AFC9DB&0&0001
 

ATI/AMD RV730 - High Definition Audio Controller --------------------------
 

  Audio Adapter:                          ATI/AMD RV730 - High Definition Audio Controller

  Audio Controller Hardware ID:           PCI\VEN_1002&DEV_AA38&SUBSYS_1471103C&REV_00

  High Definition Audio Codec:            ATi RADEON HDMI

  Audio Codec Hardware ID:                HDAUDIO\FUNC_01&VEN_1002&DEV_AA01&SUBSYS_1002AA01

 [Driver Information]

  Driver Manufacturer:                    Microsoft

  Driver Description:                     High Definition Audio-Gerät

  Driver Provider:                        Microsoft

  Driver Version:                         6.1.7600.16385

  Driver Date:                            13-Jul-2009

  DeviceInstanceId                        HDAUDIO\FUNC_01&VEN_1002&DEV_AA01&SUBSYS_00AA0100&REV_1001\5&296DBDEE&0&0001
 

Network -------------------------------------------------------------------
 
 

Intel 82577LC (Hanksville-M) Gigabit Network Controller -------------------
 

 [General information]

  Network Card:                           Intel 82577LC (Hanksville-M) Gigabit Network Controller

  Vendor Description:                     Intel(R) 82577LC Gigabit Network Connection

  MAC Address:                            1C-C1-DE-A1-84-C6

 [Capabilities]

  Maximum Link Speed:                     1000 Mbps

  Transmit Buffer Size:                   775168 Bytes

  Receive Buffer Size:                    524288 Bytes

  Hardware ID:                            PCI\VEN_8086&DEV_10EB&SUBSYS_1471103C&REV_05

 [Driver Information]

  Driver Manufacturer:                    Intel

  Driver Description:                     Intel(R) 82577LC Gigabit Network Connection

  Driver Provider:                        Intel

  Driver Version:                         11.12.36.0

  Driver Date:                            04-May-2011

  DeviceInstanceId                        PCI\VEN_8086&DEV_10EB&SUBSYS_1471103C&REV_05\3&33FD14CA&0&C8
 

Broadcom 802.11n Wireless Network Adapter ---------------------------------
 

 [General information]

  Network Card:                           Broadcom 802.11n Wireless Network Adapter

  Vendor Description:                     Microsoft

  MAC Address:                            00-26-82-CF-30-8E

 [Capabilities]

  Maximum Link Speed:                     36 Mbps

  Transmit Buffer Size:                   6201344 Bytes

  Receive Buffer Size:                    6201344 Bytes

  Hardware ID:                            PCI\VEN_14E4&DEV_4727&SUBSYS_145C103C&REV_01

 [Driver Information]

  Driver Manufacturer:                    Broadcom

  Driver Description:                     Broadcom 802.11n Network Adapter

  Driver Provider:                        Microsoft

  Driver Version:                         5.100.82.95

  Driver Date:                            21-Apr-2009

  DeviceInstanceId                        PCI\VEN_14E4&DEV_4727&SUBSYS_145C103C&REV_01\000082FFFFCF002600
 

Ports ---------------------------------------------------------------------
 
 

Serial Ports --------------------------------------------------------------
 
 

Parallel Ports ------------------------------------------------------------
 
 

USB -----------------------------------------------------------------------
 
 

Standard PCI-zu-USB erweiterter Hostcontroller ----------------------------
 
 

Root Hub ------------------------------------------------------------------
 
 

[Port1] : USB Hub ---------------------------------------------------------
 
 

[Port1] : Generic Bluetooth Adapter ---------------------------------------
 

 [Device Information]

  Device Manufacturer:                    

  Product Name:                           

  Serial Number:                          

  USB Version Supported:                  2.00

  USB Device Speed:                       USB 1.1 Full-speed

  Driver Description:                     Generic Bluetooth Adapter

  Hardware ID:                            USB\VID_03F0&PID_231D

 [Driver Information]

  Driver Manufacturer:                    GenericAdapter

  Driver Description:                     Generic Bluetooth Adapter

  Driver Provider:                        Microsoft

  Driver Version:                         6.1.7601.17889

  Driver Date:                            21-Jun-2006

  DeviceInstanceId                        USB\VID_03F0&PID_231D\6&2F85DB4&0&1
 

[Port2] : No Device Connected ---------------------------------------------
 
 

[Port3] : Validity Sensors (WBF) VFS451 -----------------------------------
 

 [Device Information]

  Device Manufacturer:                    

  Product Name:                           

  Serial Number:                          

  USB Version Supported:                  1.10

  USB Device Speed:                       USB 1.1 Full-speed

  Driver Description:                     Validity Sensors (WBF) VFS451

  Hardware ID:                            USB\VID_138A&PID_0007

 [Driver Information]

  Driver Manufacturer:                    Validity Sensors, Inc.

  Driver Description:                     Validity Sensors (WBF) VFS451

  Driver Provider:                        Validity Sensors, Inc.

  Driver Version:                         4.5.124.0

  Driver Date:                            22-Jul-2009

  DeviceInstanceId                        USB\VID_138A&PID_0007\3510F1EF1E01
 

[Port4] : No Device Connected ---------------------------------------------
 
 

[Port5] : USB-Verbundgerät ------------------------------------------------
 

 [Device Information]

  Device Manufacturer:                    

  Product Name:                           

  Serial Number:                          

  USB Version Supported:                  2.00

  USB Device Speed:                       USB 2.0 High-speed

  Driver Description:                     USB-Verbundgerät

  Hardware ID:                            USB\VID_04F2&PID_B1AC

 [Driver Information]

  Driver Manufacturer:                    (Standard-USB-Hostcontroller)

  Driver Description:                     USB-Verbundgerät

  Driver Provider:                        Microsoft

  Driver Version:                         6.1.7601.18328

  Driver Date:                            21-Jun-2006

  DeviceInstanceId                        USB\VID_04F2&PID_B1AC\6&2F85DB4&0&5
 

[Port6] : No Device Connected ---------------------------------------------
 
 

[Port2] : No Device Connected ---------------------------------------------
 
 

Standard PCI-zu-USB erweiterter Hostcontroller ----------------------------
 
 

Root Hub ------------------------------------------------------------------
 
 

[Port1] : USB Hub ---------------------------------------------------------
 
 

[Port1] : No Device Connected ---------------------------------------------
 
 

[Port2] : No Device Connected ---------------------------------------------
 
 

[Port3] : No Device Connected ---------------------------------------------
 
 

[Port4] : No Device Connected ---------------------------------------------
 
 

[Port5] : No Device Connected ---------------------------------------------
 
 

[Port6] : No Device Connected ---------------------------------------------
 
 

[Port7] : No Device Connected ---------------------------------------------
 
 

[Port8] : No Device Connected ---------------------------------------------
 
 

[Port2] : No Device Connected ---------------------------------------------
 
 

Smart Battery -------------------------------------------------------------
 
 

Battery #0 ----------------------------------------------------------------
 

 [General Properties]

  Device Name:                            Primary

  Manufacturer Name:                      Hewlett-Packard

  Serial Number:                          05557 2010/08/17

  Unique ID:                              05557 2010/08/17Hewlett-PackardPrimary

  Chemistry:                              

  Designed Capacity:                      55080 mWh

  Full Charged Capacity:                  43902 mWh

  Wear Level:                             20.3 %

 [Current Power Status]

  Power Status:                           Discharging 

  Current Capacity:                       12442 mWh (28.3 %)

  Current Voltage:                        10.777 V

  Discharge Rate:                         -22982 mW

Defogger Log

Code:

defogger_disable by jpshortstuff (23.02.10.1)

Log created at 12:41 on 18/06/2014 (Sina)
 

Checking for autostart values...

HKCU\~\Run values retrieved.

HKLM\~\Run values retrieved.
 

Checking for services/drivers...
 
 

-=E.O.F=-

FRST Log

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:16-06-2014

Ran by Sina (administrator) on SINA-PC on 18-06-2014 12:46:50

Running from C:\Users\Sina\Downloads

Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: German Standard

Internet Explorer Version 11

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(AMD) C:\Windows\System32\atiesrxx.exe

(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe

(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe

(AMD) C:\Windows\System32\atieclxx.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

() C:\Windows\System32\valWBFPolicyService.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe

(Hewlett-Packard Company) C:\HP\KBD\kbd.exe

(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe

(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

() C:\Users\Sina\Downloads\Defogger.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-06-06] (AVAST Software)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated)

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM\...\Run: [] => [X]

HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2014-05-08] (Adobe Systems Incorporated)

HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2014-05-08] (Adobe Systems Inc.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)

HKLM\...\Run: [KBD] => C:\HP\KBD\KBD.EXE [61440 2005-02-02] (Hewlett-Packard Company)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)

HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [280576 2014-01-31] (Microsoft Corporation)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7C9B53F0F91DCF01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1391115701&from=adks&uid=WDCXWD2500BEVS-75UST0_WD-WXC10844415844158&q={searchTerms}

SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 

BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

Hosts: 127.0.0.1 activate.adobe.com

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 

FireFox:

========

FF ProfilePath: C:\Users\Sina\AppData\Roaming\Mozilla\Firefox\Profiles\werii9d8.default

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()

FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: Adblock Plus - C:\Users\Sina\AppData\Roaming\Mozilla\Firefox\Profiles\werii9d8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-06]

FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn

FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-01-31]

FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-30]
 

Chrome: 

=======

CHR Extension: (Google Drive) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-30]

CHR Extension: (YouTube) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-30]

CHR Extension: (Google-Suche) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-30]

CHR Extension: (AdBlock) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-06]

CHR Extension: (avast! Online Security) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-06]

CHR Extension: (Google Wallet) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-30]

CHR Extension: (Google Mail) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-30]

CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-27]

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 

========================== Services (Whitelisted) =================
 

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-27] (AVAST Software)

R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [24064 2013-10-17] ()

R2 vcsFPService; C:\Windows\system32\vcsFPService.exe [1656112 2010-01-07] (Validity Sensors, Inc.)
 

==================== Drivers (Whitelisted) ====================
 

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-05-27] ()

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-05-27] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-05-27] (AVAST Software)

R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-05-27] ()

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [777488 2014-05-27] (AVAST Software)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411680 2014-05-27] (AVAST Software)

R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [68312 2014-05-27] (AVAST Software)

R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180632 2014-05-27] ()

R3 DrvAgent32; C:\Windows\system32\Drivers\DrvAgent32.sys [23456 2014-06-18] (Phoenix Technologies) [File not signed]

R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [22688 2014-06-18] (REALiX(tm))

S1 iSafeNetFilter; \??\C:\Program Files\iSafe\iSafeNetFilter.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-06-18 12:46 - 2014-06-18 12:47 - 00010637 _____ () C:\Users\Sina\Downloads\FRST.txt

2014-06-18 12:46 - 2014-06-18 12:46 - 00000000 ____D () C:\FRST

2014-06-18 12:45 - 2014-06-18 12:46 - 01072640 _____ (Farbar) C:\Users\Sina\Downloads\FRST.exe

2014-06-18 12:44 - 2014-06-18 12:44 - 00013323 _____ () C:\Users\Sina\Desktop\Defogger - Verknüpfung.lnk

2014-06-18 12:44 - 2014-06-18 12:42 - 00000470 _____ () C:\Users\Sina\Desktop\defogger_disable.log

2014-06-18 12:41 - 2014-06-18 12:42 - 00000470 _____ () C:\Users\Sina\Downloads\defogger_disable.log

2014-06-18 12:41 - 2014-06-18 12:41 - 00050477 _____ () C:\Users\Sina\Downloads\Defogger (1).exe

2014-06-18 12:41 - 2014-06-18 12:41 - 00000000 _____ () C:\Users\Sina\defogger_reenable

2014-06-18 12:40 - 2014-06-18 12:40 - 00050477 _____ () C:\Users\Sina\Downloads\Defogger.exe

2014-06-18 12:35 - 2014-06-18 12:35 - 00000983 _____ () C:\Users\Sina\Desktop\HWiNFO32 Program.lnk

2014-06-18 12:34 - 2014-06-18 12:34 - 00121855 _____ () C:\Users\Sina\Desktop\hwinfo.LOG

2014-06-18 12:32 - 2014-06-18 12:32 - 00974568 _____ (Copyright © 2013 eSupport.com, Inc • All Rights Reserved ) C:\Users\Sina\Downloads\driveragent-setup-874.exe

2014-06-18 12:32 - 2014-06-18 12:32 - 00023456 _____ (Phoenix Technologies) C:\Windows\system32\Drivers\DrvAgent32.sys

2014-06-18 12:32 - 2014-06-18 12:32 - 00000000 ____D () C:\Users\Sina\AppData\Local\eSupport.com

2014-06-18 12:32 - 2014-06-18 12:32 - 00000000 ____D () C:\Program Files\eSupport.com

2014-06-18 12:30 - 2014-06-18 12:30 - 02670520 _____ (Martin Malík - REALiX ) C:\Users\Sina\Downloads\hw64_440.exe

2014-06-18 12:29 - 2014-06-18 12:29 - 00022688 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO32.SYS

2014-06-18 12:29 - 2014-06-18 12:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO32

2014-06-18 12:29 - 2014-06-18 12:29 - 00000000 ____D () C:\Program Files\HWiNFO32

2014-06-18 12:28 - 2014-06-18 12:29 - 02575672 _____ (Martin Malík - REALiX ) C:\Users\Sina\Downloads\hw32_440.exe

2014-06-18 12:18 - 2014-06-18 12:18 - 00000965 _____ () C:\Users\Public\Desktop\CCleaner.lnk

2014-06-18 12:18 - 2014-06-18 12:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

2014-06-18 12:18 - 2014-06-18 12:18 - 00000000 ____D () C:\Program Files\CCleaner

2014-06-18 12:17 - 2014-06-18 12:17 - 04748896 _____ (Piriform Ltd) C:\Users\Sina\Downloads\ccsetup414.exe

2014-06-18 11:58 - 2014-06-18 11:58 - 00031460 _____ () C:\Users\Sina\Desktop\Malwarebytes.txt

2014-06-18 11:43 - 2014-06-18 11:57 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-06-18 11:43 - 2014-06-18 11:44 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-06-18 11:43 - 2014-06-18 11:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-06-18 11:43 - 2014-06-18 11:44 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware

2014-06-18 11:43 - 2014-06-18 11:43 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-06-18 11:43 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-06-18 11:43 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-06-18 11:43 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-06-18 11:39 - 2014-06-18 11:40 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Sina\Downloads\mbam-setup-2.0.0.1000.exe

2014-06-18 11:36 - 2014-06-18 11:36 - 00001037 _____ () C:\Users\Public\Desktop\SpywareBlaster.lnk

2014-06-18 11:36 - 2014-06-18 11:36 - 00000000 ____D () C:\ProgramData\Licenses

2014-06-18 11:35 - 2014-06-18 11:36 - 04095448 _____ (BrightFort LLC ) C:\Users\Sina\Downloads\spywareblastersetup50.exe

2014-06-18 11:33 - 2014-06-18 11:38 - 00000000 ____D () C:\ProgramData\TEMP

2014-06-18 11:33 - 2014-06-18 11:37 - 00000000 ____D () C:\Program Files\SpywareBlaster

2014-06-18 11:33 - 2014-06-18 11:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster

2014-06-18 11:33 - 2010-01-10 19:40 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\MSSTDFMT.DLL

2014-06-18 11:32 - 2014-06-18 11:33 - 03258000 _____ (BrightFort LLC ) C:\Users\Sina\Downloads\spywareblastersetup46.exe

2014-06-18 11:28 - 2014-06-18 11:28 - 00961360 _____ (Chip Digital GmbH) C:\Users\Sina\Downloads\SpywareBlaster - CHIP-Installer.exe

2014-06-17 15:30 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-06-17 15:30 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-06-17 15:30 - 2014-05-30 11:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-06-17 15:30 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-06-17 15:30 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-06-17 15:30 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-06-17 15:30 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-06-17 15:30 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-06-17 15:30 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-06-17 15:30 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-06-17 15:30 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-06-17 15:30 - 2014-05-30 10:28 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-06-17 15:30 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-06-17 15:30 - 2014-05-30 10:21 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-06-17 15:30 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-06-17 15:30 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-06-17 15:30 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-06-17 15:30 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-06-17 15:30 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-06-17 15:30 - 2014-05-30 09:57 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-06-17 15:30 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-06-17 15:30 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-06-17 15:30 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-06-17 15:30 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-06-17 15:30 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-06-17 15:30 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-06-17 15:30 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-06-17 15:30 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-06-17 13:22 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll

2014-06-17 13:22 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-06-17 13:22 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll

2014-06-17 13:22 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

2014-06-17 13:21 - 2014-06-08 10:48 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-06-17 13:21 - 2014-06-08 10:43 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-06-17 13:21 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll

2014-06-17 13:21 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2014-06-17 13:21 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS

2014-06-17 10:50 - 2014-05-08 11:06 - 02742784 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll

2014-06-17 10:50 - 2014-05-08 11:06 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll

2014-06-17 10:47 - 2014-06-17 10:47 - 00002047 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk

2014-06-16 13:28 - 2014-06-16 13:34 - 00000000 ____D () C:\Users\Sina\Desktop\Neuer Ordner

2014-06-15 10:57 - 2014-06-15 10:59 - 00000000 ____D () C:\ProgramData\hps

2014-06-15 10:57 - 2014-06-15 10:58 - 00000000 ____D () C:\ProgramData\tmp

2014-06-15 10:47 - 2014-06-15 10:47 - 00000000 ____D () C:\Program Files\Pixum

2014-06-10 09:30 - 2014-06-10 09:30 - 00665600 _____ () C:\Users\Sina\Desktop\Arbeitshilfen für Pflegende  Einführung.ppt

2014-06-04 11:50 - 2014-06-04 11:50 - 00027648 _____ () C:\Users\Sina\Downloads\geburtstagskalender-querformat-in-farbe.xls

2014-05-31 13:02 - 2014-05-31 13:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-05-31 13:01 - 2014-05-31 13:02 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1

2014-05-31 13:01 - 2014-05-31 13:02 - 00000000 ____D () C:\Program Files\iTunes

2014-05-31 13:01 - 2014-05-31 13:01 - 00000000 ____D () C:\Program Files\iPod

2014-05-30 15:33 - 2014-06-16 14:02 - 00000000 ____D () C:\Users\Sina\Desktop\Musterdokumentation

2014-05-27 18:36 - 2014-05-27 18:36 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

2014-05-27 18:36 - 2014-05-27 18:36 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
 

==================== One Month Modified Files and Folders =======
 

2014-06-18 12:47 - 2014-06-18 12:46 - 00010637 _____ () C:\Users\Sina\Downloads\FRST.txt

2014-06-18 12:47 - 2014-01-30 21:30 - 00000000 ____D () C:\Users\Sina\AppData\Local\Temp

2014-06-18 12:46 - 2014-06-18 12:46 - 00000000 ____D () C:\FRST

2014-06-18 12:46 - 2014-06-18 12:45 - 01072640 _____ (Farbar) C:\Users\Sina\Downloads\FRST.exe

2014-06-18 12:44 - 2014-06-18 12:44 - 00013323 _____ () C:\Users\Sina\Desktop\Defogger - Verknüpfung.lnk

2014-06-18 12:43 - 2014-01-30 21:25 - 01105371 _____ () C:\Windows\WindowsUpdate.log

2014-06-18 12:42 - 2014-06-18 12:44 - 00000470 _____ () C:\Users\Sina\Desktop\defogger_disable.log

2014-06-18 12:42 - 2014-06-18 12:41 - 00000470 _____ () C:\Users\Sina\Downloads\defogger_disable.log

2014-06-18 12:41 - 2014-06-18 12:41 - 00050477 _____ () C:\Users\Sina\Downloads\Defogger (1).exe

2014-06-18 12:41 - 2014-06-18 12:41 - 00000000 _____ () C:\Users\Sina\defogger_reenable

2014-06-18 12:41 - 2014-01-30 21:30 - 00000000 ____D () C:\Users\Sina

2014-06-18 12:40 - 2014-06-18 12:40 - 00050477 _____ () C:\Users\Sina\Downloads\Defogger.exe

2014-06-18 12:35 - 2014-06-18 12:35 - 00000983 _____ () C:\Users\Sina\Desktop\HWiNFO32 Program.lnk

2014-06-18 12:34 - 2014-06-18 12:34 - 00121855 _____ () C:\Users\Sina\Desktop\hwinfo.LOG

2014-06-18 12:32 - 2014-06-18 12:32 - 00974568 _____ (Copyright © 2013 eSupport.com, Inc • All Rights Reserved ) C:\Users\Sina\Downloads\driveragent-setup-874.exe

2014-06-18 12:32 - 2014-06-18 12:32 - 00023456 _____ (Phoenix Technologies) C:\Windows\system32\Drivers\DrvAgent32.sys

2014-06-18 12:32 - 2014-06-18 12:32 - 00000000 ____D () C:\Users\Sina\AppData\Local\eSupport.com

2014-06-18 12:32 - 2014-06-18 12:32 - 00000000 ____D () C:\Program Files\eSupport.com

2014-06-18 12:30 - 2014-06-18 12:30 - 02670520 _____ (Martin Malík - REALiX ) C:\Users\Sina\Downloads\hw64_440.exe

2014-06-18 12:29 - 2014-06-18 12:29 - 00022688 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO32.SYS

2014-06-18 12:29 - 2014-06-18 12:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO32

2014-06-18 12:29 - 2014-06-18 12:29 - 00000000 ____D () C:\Program Files\HWiNFO32

2014-06-18 12:29 - 2014-06-18 12:28 - 02575672 _____ (Martin Malík - REALiX ) C:\Users\Sina\Downloads\hw32_440.exe

2014-06-18 12:18 - 2014-06-18 12:18 - 00000965 _____ () C:\Users\Public\Desktop\CCleaner.lnk

2014-06-18 12:18 - 2014-06-18 12:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

2014-06-18 12:18 - 2014-06-18 12:18 - 00000000 ____D () C:\Program Files\CCleaner

2014-06-18 12:18 - 2014-01-30 21:21 - 00000000 ____D () C:\Windows\Panther

2014-06-18 12:17 - 2014-06-18 12:17 - 04748896 _____ (Piriform Ltd) C:\Users\Sina\Downloads\ccsetup414.exe

2014-06-18 12:11 - 2009-07-14 06:34 - 00014944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-06-18 12:11 - 2009-07-14 06:34 - 00014944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-06-18 12:09 - 2014-02-06 19:20 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-06-18 12:04 - 2014-02-06 19:20 - 00001090 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-06-18 12:04 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-06-18 11:58 - 2014-06-18 11:58 - 00031460 _____ () C:\Users\Sina\Desktop\Malwarebytes.txt

2014-06-18 11:57 - 2014-06-18 11:43 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-06-18 11:44 - 2014-06-18 11:43 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-06-18 11:44 - 2014-06-18 11:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-06-18 11:44 - 2014-06-18 11:43 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware

2014-06-18 11:43 - 2014-06-18 11:43 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-06-18 11:40 - 2014-06-18 11:39 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Sina\Downloads\mbam-setup-2.0.0.1000.exe

2014-06-18 11:38 - 2014-06-18 11:33 - 00000000 ____D () C:\ProgramData\TEMP

2014-06-18 11:37 - 2014-06-18 11:33 - 00000000 ____D () C:\Program Files\SpywareBlaster

2014-06-18 11:36 - 2014-06-18 11:36 - 00001037 _____ () C:\Users\Public\Desktop\SpywareBlaster.lnk

2014-06-18 11:36 - 2014-06-18 11:36 - 00000000 ____D () C:\ProgramData\Licenses

2014-06-18 11:36 - 2014-06-18 11:35 - 04095448 _____ (BrightFort LLC ) C:\Users\Sina\Downloads\spywareblastersetup50.exe

2014-06-18 11:36 - 2014-06-18 11:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster

2014-06-18 11:33 - 2014-06-18 11:32 - 03258000 _____ (BrightFort LLC ) C:\Users\Sina\Downloads\spywareblastersetup46.exe

2014-06-18 11:28 - 2014-06-18 11:28 - 00961360 _____ (Chip Digital GmbH) C:\Users\Sina\Downloads\SpywareBlaster - CHIP-Installer.exe

2014-06-17 21:08 - 2014-02-06 19:07 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-06-17 16:54 - 2014-01-30 21:32 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-06-17 13:27 - 2014-04-25 16:07 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-06-17 12:40 - 2014-02-05 10:53 - 00000000 ____D () C:\Windows\system32\MRT

2014-06-17 12:40 - 2014-01-31 13:00 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-06-17 12:39 - 2014-02-05 10:53 - 92708840 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-06-17 10:47 - 2014-06-17 10:47 - 00002047 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk

2014-06-17 10:44 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\wfp

2014-06-17 10:43 - 2014-01-31 13:01 - 00000000 ____D () C:\Users\Sina\AppData\Local\Microsoft Help

2014-06-17 10:43 - 2014-01-30 22:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast

2014-06-17 10:43 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache

2014-06-17 10:43 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\registration

2014-06-17 10:43 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\AppCompat

2014-06-17 10:43 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared

2014-06-17 10:42 - 2014-01-31 08:49 - 00000000 ____D () C:\Users\Sina\Documents\Diakonie

2014-06-16 22:10 - 2009-07-14 10:56 - 00000000 ___RD () C:\Users\Public\Recorded TV

2014-06-16 15:46 - 2014-05-12 12:45 - 00000000 ____D () C:\Users\Sina\Documents\Arbeitszeugnisse

2014-06-16 14:02 - 2014-05-30 15:33 - 00000000 ____D () C:\Users\Sina\Desktop\Musterdokumentation

2014-06-16 13:34 - 2014-06-16 13:28 - 00000000 ____D () C:\Users\Sina\Desktop\Neuer Ordner

2014-06-15 12:58 - 2014-01-31 08:49 - 00000000 ____D () C:\Users\Sina\Documents\Bank & Haushalt

2014-06-15 10:59 - 2014-06-15 10:57 - 00000000 ____D () C:\ProgramData\hps

2014-06-15 10:58 - 2014-06-15 10:57 - 00000000 ____D () C:\ProgramData\tmp

2014-06-15 10:47 - 2014-06-15 10:47 - 00000000 ____D () C:\Program Files\Pixum

2014-06-13 09:46 - 2014-02-06 19:07 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe

2014-06-13 09:46 - 2014-02-06 19:07 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

2014-06-12 10:15 - 2014-01-31 08:49 - 00000000 ____D () C:\Users\Sina\Documents\Arbeitszeitkonto

2014-06-11 14:17 - 2014-01-31 08:49 - 00000000 ____D () C:\Users\Sina\Documents\Bewerbung

2014-06-10 09:30 - 2014-06-10 09:30 - 00665600 _____ () C:\Users\Sina\Desktop\Arbeitshilfen für Pflegende  Einführung.ppt

2014-06-08 10:48 - 2014-06-17 13:21 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-06-08 10:43 - 2014-06-17 13:21 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-06-04 11:50 - 2014-06-04 11:50 - 00027648 _____ () C:\Users\Sina\Downloads\geburtstagskalender-querformat-in-farbe.xls

2014-05-31 13:02 - 2014-05-31 13:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-05-31 13:02 - 2014-05-31 13:01 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1

2014-05-31 13:02 - 2014-05-31 13:01 - 00000000 ____D () C:\Program Files\iTunes

2014-05-31 13:01 - 2014-05-31 13:01 - 00000000 ____D () C:\Program Files\iPod

2014-05-31 13:01 - 2014-03-15 13:06 - 00000000 ____D () C:\Program Files\Common Files\Apple

2014-05-30 11:18 - 2014-06-17 15:30 - 17271296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-05-30 11:02 - 2014-06-17 15:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-05-30 11:02 - 2014-06-17 15:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-05-30 10:44 - 2014-06-17 15:30 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-05-30 10:43 - 2014-06-17 15:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-05-30 10:42 - 2014-06-17 15:30 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-05-30 10:38 - 2014-06-17 15:30 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-05-30 10:34 - 2014-06-17 15:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-05-30 10:33 - 2014-06-17 15:30 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-05-30 10:30 - 2014-06-17 15:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-05-30 10:28 - 2014-06-17 15:30 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-05-30 10:28 - 2014-06-17 15:30 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-05-30 10:27 - 2014-06-17 15:30 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-05-30 10:21 - 2014-06-17 15:30 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-05-30 10:16 - 2014-06-17 15:30 - 00368128 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-05-30 10:10 - 2014-06-17 15:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-05-30 10:06 - 2014-06-17 15:30 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-05-30 10:04 - 2014-06-17 15:30 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-05-30 10:02 - 2014-06-17 15:30 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-05-30 09:57 - 2014-06-17 15:30 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-05-30 09:56 - 2014-06-17 15:30 - 04244992 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-05-30 09:55 - 2014-01-31 08:52 - 00000000 ____D () C:\Users\Sina\Documents\Rezepte

2014-05-30 09:54 - 2014-06-17 15:30 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-05-30 09:50 - 2014-06-17 15:30 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-05-30 09:49 - 2014-06-17 15:30 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-05-30 09:40 - 2014-06-17 15:30 - 11725312 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-05-30 09:21 - 2014-06-17 15:30 - 01790976 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-05-30 09:15 - 2014-06-17 15:30 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-05-30 09:13 - 2014-06-17 15:30 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-05-27 18:37 - 2014-01-30 22:57 - 00777488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys

2014-05-27 18:37 - 2014-01-30 22:57 - 00411680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys

2014-05-27 18:37 - 2014-01-30 22:57 - 00068312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys

2014-05-27 18:36 - 2014-05-27 18:36 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

2014-05-27 18:36 - 2014-05-27 18:36 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys

2014-05-27 18:36 - 2014-01-30 22:57 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

2014-05-27 18:36 - 2014-01-30 22:57 - 00180632 _____ () C:\Windows\system32\Drivers\aswVmm.sys

2014-05-27 18:36 - 2014-01-30 22:57 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys

2014-05-27 18:36 - 2014-01-30 22:57 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

2014-05-27 18:36 - 2014-01-30 22:57 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys

2014-05-23 23:14 - 2014-01-31 12:04 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk

2014-05-23 23:14 - 2014-01-31 12:04 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk

2014-05-23 23:14 - 2014-01-31 12:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
 

Files to move or delete:

====================

C:\Users\Public\AlexaNSISPlugin.5360.dll
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-06-10 09:56
 

==================== End Of Log ============================

--- --- ---

--- --- ---

Addition Log

Code:

Additional scan result of Farbar Recovery Scan Tool (x86) Version:16-06-2014

Ran by Sina at 2014-06-18 12:47:23

Running from C:\Users\Sina\Downloads

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 

==================== Installed Programs ======================
 

Adobe Acrobat X Pro - English, Français, Deutsch (HKLM\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.10 - Adobe Systems)

Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)

Apple Application Support (HKLM\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)

Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2018 - Avast Software)

Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)

CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version:  - Microsoft)

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version:  - Microsoft)

Enhanced Multimedia Keyboard Solution (HKLM\...\KBD) (Version:  - )

Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)

Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)

Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden

HWiNFO32 Version 4.40 (HKLM\...\HWiNFO32_is1) (Version: 4.40 - Martin Malík - REALiX)

Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 16.3 - Intel)

iTunes (HKLM\...\{0718A90E-93AA-49AF-A4FE-0165ACD91DF0}) (Version: 11.2.2.3 - Apple Inc.)

Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Project MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Project Professional 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Project Professional 2010 (HKLM\...\Office14.PRJPROR) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Mozilla Firefox 27.0 (x86 de) (HKLM\...\Mozilla Firefox 27.0 (x86 de)) (Version: 27.0 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 27.0 - Mozilla)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{58FA40EF-ABA9-4FED-AD3D-318A6073934D}) (Version:  - Microsoft)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden

SpywareBlaster 5.0 (HKLM\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)

Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)

Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)

Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)

Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PRJPROR_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PRJPROR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)

Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)

Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)

Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)

Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)

Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)

Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)

Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)

Validity Sensors DDK (HKLM\...\{62A20ECA-920E-4052-BF77-88C78DD20FAA}) (Version: 3.1.374 - Validity Sensors, Inc.)
 

==================== Restore Points  =========================
 

13-06-2014 10:41:45 Windows Update

14-06-2014 05:00:47 Windows Update

14-06-2014 19:44:15 Windows Update

16-06-2014 09:19:49 Windows Update

16-06-2014 20:06:01 Wiederherstellungsvorgang

16-06-2014 20:12:24 avast! antivirus system restore point

16-06-2014 20:17:04 Wiederherstellungsvorgang

16-06-2014 20:17:11 Windows Update

16-06-2014 20:30:25 Windows Update

16-06-2014 20:44:34 Windows Update

17-06-2014 08:39:24 Wiederherstellungsvorgang

17-06-2014 08:44:53 avast! antivirus system restore point

17-06-2014 08:51:42 Windows Update

17-06-2014 10:37:18 Windows Update

17-06-2014 11:21:23 Windows Update

17-06-2014 13:30:07 Windows Update
 

==================== Hosts content: ==========================
 

2009-07-14 04:04 - 2013-12-01 23:03 - 00000875 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 activate.adobe.com
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {356C1FA7-B0AE-4AE2-B100-CF7AA114F747} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)

Task: {35BFECF4-F387-4211-827D-03F5B1923106} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-06] (Google Inc.)

Task: {3D27857A-BF17-468C-9B4D-5799D989436F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-13] (Adobe Systems Incorporated)

Task: {615AC445-6D1D-4CAC-A0AD-931AAF3E5FAE} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files\Desk 365\desk365.exe <==== ATTENTION

Task: {67ED2531-8310-42A1-BB5F-8462298D8017} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-06] (Google Inc.)

Task: {94A0C6FE-A7C1-48D3-9D8C-F4D418BBAAB7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {C53F1409-FFFC-481E-8F03-414C7DAB84E1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-27] (AVAST Software)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
 

==================== Loaded Modules (whitelisted) =============
 

2014-06-18 11:56 - 2014-06-18 11:56 - 02776064 _____ () C:\Program Files\AVAST Software\Avast\defs\14061800\algo.dll

2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

2014-02-12 21:58 - 2014-02-12 21:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2014-02-12 21:58 - 2014-02-12 21:58 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2013-10-17 23:28 - 2013-10-17 23:28 - 00024064 _____ () C:\Windows\system32\valWBFPolicyService.exe

2014-01-30 22:57 - 2014-01-30 22:57 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

2014-05-08 13:22 - 2014-05-08 13:22 - 00019968 _____ () C:\Program Files\Adobe\Acrobat 10.0\Acrobat\locale\de_de\acrotray.deu

2014-06-12 21:14 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\libglesv2.dll

2014-06-12 21:14 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\libegl.dll

2014-06-12 21:14 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\pdf.dll

2014-06-12 21:14 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll

2014-06-12 21:14 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll

2014-06-12 21:14 - 2014-06-05 15:58 - 14612296 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll

2014-06-18 12:40 - 2014-06-18 12:40 - 00050477 _____ () C:\Users\Sina\Downloads\Defogger.exe
 

==================== Alternate Data Streams (whitelisted) =========
 

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
 

==================== Safe Mode (whitelisted) ===================
 
 

==================== EXE Association (whitelisted) =============
 
 

==================== MSCONFIG/TASK MANAGER disabled items =========
 
 

==================== Faulty Device Manager Devices =============
 

Name: Basissystemgerät

Description: Basissystemgerät

Class Guid: 

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 

Name: Basissystemgerät

Description: Basissystemgerät

Class Guid: 

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 

Name: iSafeNetFilter

Description: iSafeNetFilter

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: iSafeNetFilter

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (06/17/2014 05:56:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 640931
 

Error: (06/17/2014 05:56:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 640931
 

Error: (06/17/2014 05:56:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second
 

Error: (06/17/2014 05:56:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 639932
 

Error: (06/17/2014 05:56:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 639932
 

Error: (06/17/2014 05:56:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second
 

Error: (06/17/2014 05:56:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 638934
 

Error: (06/17/2014 05:56:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 638934
 

Error: (06/17/2014 05:56:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second
 

Error: (06/17/2014 05:56:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 637889
 
 

System errors:

=============

Error: (06/18/2014 00:05:33 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)

Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
 

Error: (06/18/2014 00:04:33 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 

iSafeNetFilter
 

Error: (06/18/2014 00:04:07 PM) (Source: atikmdag) (EventID: 10261) (User: )

Description: Display is not active
 

Error: (06/18/2014 00:04:07 PM) (Source: atikmdag) (EventID: 19468) (User: )

Description: CPLIB :: General - Invalid Parameter
 

Error: (06/18/2014 00:02:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)

Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
 

Error: (06/18/2014 00:01:42 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 

iSafeNetFilter
 

Error: (06/18/2014 00:01:17 PM) (Source: atikmdag) (EventID: 10261) (User: )

Description: Display is not active
 

Error: (06/18/2014 00:01:17 PM) (Source: atikmdag) (EventID: 19468) (User: )

Description: CPLIB :: General - Invalid Parameter
 

Error: (06/18/2014 11:56:44 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)

Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
 

Error: (06/18/2014 11:55:44 AM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 

iSafeNetFilter
 
 

Microsoft Office Sessions:

=========================

Error: (06/17/2014 05:56:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 640931
 

Error: (06/17/2014 05:56:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 640931
 

Error: (06/17/2014 05:56:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second
 

Error: (06/17/2014 05:56:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 639932
 

Error: (06/17/2014 05:56:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 639932
 

Error: (06/17/2014 05:56:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second
 

Error: (06/17/2014 05:56:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 638934
 

Error: (06/17/2014 05:56:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 638934
 

Error: (06/17/2014 05:56:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second
 

Error: (06/17/2014 05:56:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 637889
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 42%

Total physical RAM: 3055.43 MB

Available physical RAM: 1745.16 MB

Total Pagefile: 6109.15 MB

Available Pagefile: 4607.66 MB

Total Virtual: 2047.88 MB

Available Virtual: 1895.02 MB
 

==================== Drives ================================
 

Drive c: () (Fixed) (Total:232.88 GB) (Free:141.84 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 00000080)

Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================

Gmer Log

Code:

GMER 2.1.19357 - hxxp://www.gmer.net

Rootkit scan 2014-06-18 13:08:53

Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD2500BEVS-75UST0 rev.01.01A01 232,89GB

Running: Gmer-19357.exe; Driver: C:\Users\Sina\AppData\Local\Temp\kxldypow.sys
 
 

---- System - GMER 2.1 ----
 

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwAddBootEntry [0x8BAB4AA0]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwAssignProcessToJobObject [0x8BAB557E]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwCreateEvent [0x8BAC15C8]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwCreateEventPair [0x8BAC1614]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwCreateIoCompletion [0x8BAC17AE]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwCreateMutant [0x8BAC1536]

SSDT            \SystemRoot\system32\drivers\aswSP.sys                                                                                             ZwCreateSection [0x8BB6B6D2]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwCreateSemaphore [0x8BAC157E]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwCreateThread [0x8BAB5AB4]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwCreateThreadEx [0x8BAB5CD0]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwCreateTimer [0x8BAC1768]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwDebugActiveProcess [0x8BAB636C]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwDeleteBootEntry [0x8BAB4B06]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwDuplicateObject [0x8BAB9B40]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwLoadDriver [0x8BAB46F2]

SSDT            \SystemRoot\system32\drivers\aswSP.sys                                                                                             ZwMapViewOfSection [0x8BB6B7B2]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwModifyBootEntry [0x8BAB4B6C]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwNotifyChangeKey [0x8BAB9F36]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwNotifyChangeMultipleKeys [0x8BAB6E54]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwOpenEvent [0x8BAC15F2]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwOpenEventPair [0x8BAC1636]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwOpenIoCompletion [0x8BAC17D2]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwOpenMutant [0x8BAC155C]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwOpenProcess [0x8BAB943A]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwOpenSection [0x8BAC16E6]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwOpenSemaphore [0x8BAC15A6]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwOpenThread [0x8BAB9822]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwOpenTimer [0x8BAC178C]

SSDT            \SystemRoot\system32\drivers\aswSP.sys                                                                                             ZwProtectVirtualMemory [0x8BB6B556]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwQueryObject [0x8BAB6CC8]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwQueueApcThreadEx [0x8BAB69D6]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwSetBootEntryOrder [0x8BAB4BD2]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwSetBootOptions [0x8BAB4C38]

SSDT            \SystemRoot\system32\drivers\aswSP.sys                                                                                             ZwSetContextThread [0x8BB6B8AE]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwSetSystemInformation [0x8BAB478C]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwSetSystemPowerState [0x8BAB495E]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwShutdownSystem [0x8BAB48EC]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwSuspendProcess [0x8BAB6536]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwSuspendThread [0x8BAB6698]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwSystemDebugControl [0x8BAB49E6]

SSDT            \SystemRoot\system32\drivers\aswSP.sys                                                                                             ZwTerminateProcess [0x8BB6B624]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwTerminateThread [0x8BAB61C6]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwVdmControl [0x8BAB4C9E]

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                                                            ZwWriteVirtualMemory [0x8BAB55DA]
 

---- Kernel code sections - GMER 2.1 ----
 

.text           ntkrnlpa.exe!ZwRollbackEnlistment + 142D                                                                                           82C4FA15 1 Byte  [06]

.text           ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                                                             82C89212 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}

.text           ntkrnlpa.exe!KeRemoveQueueEx + 10CB                                                                                                82C90460 4 Bytes  [A0, 4A, AB, 8B]

.text           ntkrnlpa.exe!KeRemoveQueueEx + 1153                                                                                                82C904E8 4 Bytes  [7E, 55, AB, 8B]

.text           ntkrnlpa.exe!KeRemoveQueueEx + 11A7                                                                                                82C9053C 8 Bytes  [C8, 15, AC, 8B, 14, 16, AC, ...]

.text           ntkrnlpa.exe!KeRemoveQueueEx + 11B3                                                                                                82C90548 4 Bytes  [AE, 17, AC, 8B]

.text           ntkrnlpa.exe!KeRemoveQueueEx + 11CF                                                                                                82C90564 4 Bytes  [36, 15, AC, 8B]

.text           ...                                                                                                                                

PAGE            ntkrnlpa.exe!ZwReplyWaitReceivePortEx + 108                                                                                        82E4B4EF 4 Bytes  CALL 8BAB7517 \SystemRoot\system32\drivers\aswSnx.sys

PAGE            ntkrnlpa.exe!ZwAlpcSendWaitReceivePort + 122                                                                                       82E65357 4 Bytes  CALL 8BAB752D \SystemRoot\system32\drivers\aswSnx.sys

.text           C:\Windows\system32\DRIVERS\atikmdag.sys                                                                                           section is writeable [0x91A05000, 0x2D5378, 0xE8000020]
 

---- User code sections - GMER 2.1 ----
 

.text           C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE[220] kernel32.dll!GetBinaryTypeW + 70  76096AAC 1 Byte  [62]

.text           C:\Windows\system32\csrss.exe[436] kernel32.dll!GetBinaryTypeW + 70                                                                76096AAC 1 Byte  [62]

.text           C:\Windows\system32\wininit.exe[500] kernel32.dll!GetBinaryTypeW + 70                                                              76096AAC 1 Byte  [62]

.text           C:\Windows\system32\csrss.exe[508] kernel32.dll!GetBinaryTypeW + 70                                                                76096AAC 1 Byte  [62]

.text           C:\Windows\system32\services.exe[548] kernel32.dll!GetBinaryTypeW + 70                                                             76096AAC 1 Byte  [62]

.text           ...                                                                                                                                

.text           C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1536] kernel32.dll!SetUnhandledExceptionFilter                                  7607F5AB 8 Bytes  [31, C0, C2, 04, 00, 90, 90, ...] {XOR EAX, EAX; RET 0x4; NOP ; NOP ; NOP }

.text           C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1536] kernel32.dll!GetBinaryTypeW + 70                                          76096AAC 1 Byte  [62]

.text           C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1576] kernel32.dll!GetBinaryTypeW + 70      76096AAC 1 Byte  [62]

.text           C:\Windows\system32\Dwm.exe[1632] kernel32.dll!GetBinaryTypeW + 70                                                                 76096AAC 1 Byte  [62]

.text           C:\Windows\Explorer.EXE[1656] kernel32.dll!GetBinaryTypeW + 70                                                                     76096AAC 1 Byte  [62]

.text           C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1712] kernel32.dll!GetBinaryTypeW + 70                                      76096AAC 1 Byte  [62]

.text           ...                                                                                                                                

.text           C:\Program Files\AVAST Software\Avast\avastui.exe[2624] kernel32.dll!SetUnhandledExceptionFilter                                   7607F5AB 8 Bytes  [31, C0, C2, 04, 00, 90, 90, ...] {XOR EAX, EAX; RET 0x4; NOP ; NOP ; NOP }

.text           C:\Program Files\AVAST Software\Avast\avastui.exe[2624] kernel32.dll!GetBinaryTypeW + 70                                           76096AAC 1 Byte  [62]

.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2724] kernel32.dll!GetBinaryTypeW + 70                                               76096AAC 1 Byte  [62]

.text           C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe[2756] kernel32.dll!GetBinaryTypeW + 70                                    76096AAC 1 Byte  [62]

.text           C:\HP\KBD\kbd.exe[2808] kernel32.dll!GetBinaryTypeW + 70                                                                           76096AAC 1 Byte  [62]

.text           C:\Program Files\iTunes\iTunesHelper.exe[2816] kernel32.dll!GetBinaryTypeW + 70                                                    76096AAC 1 Byte  [62]

.text           ...                                                                                                                                
 

---- Devices - GMER 2.1 ----
 

AttachedDevice  \Driver\kbdclass \Device\KeyboardClass0                                                                                            Wdf01000.sys

AttachedDevice  \Driver\kbdclass \Device\KeyboardClass1                                                                                            Wdf01000.sys
 

Device          \Driver\BTHUSB \Device\00000086                                                                                                    bthport.sys

Device          \Driver\BTHUSB \Device\00000088                                                                                                    bthport.sys
 

---- Registry - GMER 2.1 ----
 

Reg             HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\70f39599b199                                                        

Reg             HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\70f39599b199 (not active ControlSet)                                    

Reg             HKLM\SOFTWARE\Microsoft\Windows Search\UsnNotifier\Windows\Catalogs\SystemIndex@{D0990EB0-89E3-11E3-A28B-806E6F6E6963}             1423531888
 

---- EOF - GMER 2.1 ----

Malwarebytes Log

Code:

Malwarebytes Anti-Malware

www.malwarebytes.org
 

Scan Date: 18.06.2014

Scan Time: 11:45:49

Logfile: malware.txt

Administrator: Yes
 

Version: 2.00.2.1012

Malware Database: v2014.06.18.03

Rootkit Database: v2014.06.02.01

License: Free

Malware Protection: Disabled

Malicious Website Protection: Disabled

Self-protection: Disabled
 

OS: Windows 7 Service Pack 1

CPU: x86

File System: NTFS

User: Sina
 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 248784

Time Elapsed: 7 min, 13 sec
 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled
 

Processes: 0

(No malicious items detected)
 

Modules: 0

(No malicious items detected)
 

Registry Keys: 7

PUP.Optional.Awesomehp.A, HKLM\SOFTWARE\awesomehpSoftware, Quarantined, [78730772dc9ff5413f652c9512f03ac6], 

PUP.Optional.NewTab.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pkndmigholgfjlniaohblojbhgjbkakn, Quarantined, [7d6ef3868feca98deaa79031857d09f7], 

PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Quarantined, [4f9cd8a12a51270fcdb945a1b350847c], 

PUP.Optional.AlexaTB.A, HKU\S-1-5-21-200124554-1064517884-196756452-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DISTROMATIC\Toolbars, Quarantined, [87649edbbcbff1452e2a875a50b3e818], 

PUP.Optional.InstallCore.A, HKU\S-1-5-21-200124554-1064517884-196756452-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Quarantined, [03e8f188601bf145813b08bc55ad857b], 

PUP.Optional.InstallCore.A, HKU\S-1-5-21-200124554-1064517884-196756452-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Quarantined, [6388e891fb80e6504780d2087291b050], 

PUP.Optional.Qone8, HKU\S-1-5-21-200124554-1064517884-196756452-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Quarantined, [b93297e297e41e18c0c55f8749bace32], 
 

Registry Values: 1

PUP.Optional.InstallCore.A, HKU\S-1-5-21-200124554-1064517884-196756452-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0O1J1G2R, Quarantined, [6388e891fb80e6504780d2087291b050]
 

Registry Data: 4

PUP.Optional.Awesomehp.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.awesomehp.com/web/?type=ds&ts=1391115701&from=adks&uid=WDCXWD2500BEVS-75UST0_WD-WXC10844415844158&q={searchTerms}, Good: (hxxp://www.google.com), Bad: (hxxp://www.awesomehp.com/web/?type=ds&ts=1391115701&from=adks&uid=WDCXWD2500BEVS-75UST0_WD-WXC10844415844158&q={searchTerms}),Replaced,[7e6d7aff2754f73f7b936909a75d8c74]

PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[b536f9807efd1e18fecb49321aea21df]

PUP.Optional.Awesomehp.A, HKU\S-1-5-21-200124554-1064517884-196756452-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.awesomehp.com/?type=hp&ts=1391115701&from=adks&uid=WDCXWD2500BEVS-75UST0_WD-WXC10844415844158, Good: (hxxp://www.google.com), Bad: (hxxp://www.awesomehp.com/?type=hp&ts=1391115701&from=adks&uid=WDCXWD2500BEVS-75UST0_WD-WXC10844415844158),Replaced,[aa414d2c93e8b581838e680af0146f91]

PUP.Optional.Awesomehp.A, HKU\S-1-5-21-200124554-1064517884-196756452-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.awesomehp.com/?type=hp&ts=1391115701&from=adks&uid=WDCXWD2500BEVS-75UST0_WD-WXC10844415844158, Good: (hxxp://www.google.com), Bad: (hxxp://www.awesomehp.com/?type=hp&ts=1391115701&from=adks&uid=WDCXWD2500BEVS-75UST0_WD-WXC10844415844158),Replaced,[36b532471d5e57df61a9076b27ddcf31]
 

Folders: 36

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\app, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\app\config, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\app\config\1, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\app\config\3, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\app\config\35, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\app\config\36, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\app\config\39, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\app\config\4, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\app\config\41, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\app\config\42, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\app\config\62, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\components, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\desk_bkg, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\icons, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\promote, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\sysicons, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\wp, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Program Files\Desk 365, Quarantined, [7f6cc8b10b70bb7ba1f6ac2c44bf12ee], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\image, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\image\default, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\Install, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\language, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\language\en_us, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\language\es_es, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\language\pt_br, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\language\tr_tr, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\language\zh_cn, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\language\zh_tw, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\layout, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\layout\default, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\style, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService, Quarantined, [4c9f2e4b1269cd69e8312569f70b5da3], 

PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\update, Quarantined, [4c9f2e4b1269cd69e8312569f70b5da3], 

PUP.Optional.AmazonBrowserBar.A, C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam, Quarantined, [ce1de198601ba88e452af7aa03ff36ca], 
 

Files: 150

PUP.Optional.Installcore, C:\Users\Sina\AppData\Local\Temp\ICReinstall_FlashPlayer.exe, Quarantined, [36b5f386106bfc3a1ab69ab1e61e44bc], 

PUP.Optional.InstallCore.A, C:\Users\Sina\AppData\Local\Temp\ICReinstall_install_flashplayer.exe, Quarantined, [a14ae594aecdfa3cd3f6d25eba468977], 

PUP.Optional.NationZoom.A, C:\Users\Sina\AppData\Local\Temp\fullpackage_temp1391115680\Baofeng.exe, Quarantined, [f5f6e297b7c48da9c6b7a68704fc1fe1], 

PUP.Optional.NationZoom.A, C:\Users\Sina\AppData\Local\Temp\fullpackage_temp1391115680\package1.zip, Quarantined, [668561187efd9e9814691716748c0af6], 

PUP.Optional.SkyTech.A, C:\Users\Sina\AppData\Local\Temp\fullpackage_temp1391115680\UpDate.dll, Quarantined, [5893f881c0bbdc5ad94e66ccba46629e], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\fullpackage_temp1391115680\tmp\desk365.exe, Quarantined, [f2f98beef68560d66aeac94fee13837d], 

PUP.Optional.SupTab.A, C:\Users\Sina\AppData\Local\Temp\fullpackage_temp1391115680\tmp\SupTab.exe, Quarantined, [3facc8b1e299fa3c72eb1421738dea16], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\eInstall.exe, Quarantined, [e2099bde2f4c61d5292b9e7a5fa26f91], 

PUP.Optional.NewTab.A, C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx, Quarantined, [37b437420c6ff640404dc2ff7b87e818], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\promote.xml, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\accelerate, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\desk_bkg_list.xml, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\desk_list.xml, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\desk_settings.ini, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\firstrun, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\process_mgr.xml, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\app\config\1\angrybirds.db, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\app\config\1\angrybirds.ico, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\app\config\3\BigFarm.db, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\app\config\3\BigFarm.ico, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\app\config\35\Gmail.db, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\app\config\35\Gmail.ico, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\app\config\36\Outlook.db, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\app\config\36\Outlook.ico, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\app\config\39\ESPN.db, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\app\config\39\ESPN.ico, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\app\config\4\Empire.db, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\app\config\4\Empire.ico, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\app\config\41\gcalendar.db, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\app\config\41\gcalendar.ico, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\app\config\42\pulse.db, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\app\config\42\pulse.ico, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\app\config\62\ddtank2.db, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\app\config\62\ddtank2.ico, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\components\component_libcef_1.1364.1123.exe.tmp, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_1.png, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_2.png, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_3.png, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_4.png, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_5.png, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_default.png, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\icons\337_7c9140b13c049fd26989f7fa25b77cb1_48_48.png, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\icons\angrybirds_00ff92c12703baaf0130d6aec427d047_48_48.png, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\icons\Barbie_00a67ff4ef657679a6c88553135d62ad_48_48.png, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\icons\BigFarm_de933b0e5218a4db24bebe3d55ed3558_48_48.png, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\icons\chrome_f004de26f9f97b93028f3f04aaa62cc9.ico, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\icons\chrome_f004de26f9f97b93028f3f04aaa62cc9_48_48.png, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\icons\ddtank2_5d02d177c73d12e7ceb1811a8c30f9c5_48_48.png, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\icons\Empire_22b42f57d1c467841280810e218d5510_48_48.png, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\icons\ESPN_a7b078f5f5f5b87efcef66ab5783cf9d_48_48.png, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\icons\Facebook_aab07bc79cf599b25c0110f32d46a3ef_48_48.png, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\icons\gcalendar_50b3e3c5fc202f0cfcae8032b2465c1b_48_48.png, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\icons\Gmail_731b6d011bd9f67463a916a496775935_48_48.png, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\icons\Google_1eed88936b91d2b6bc341da82c727a8f_48_48.png, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\icons\iexplore_10b5070763457bf93b9c3a073ef606ff.ico, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\icons\iexplore_10b5070763457bf93b9c3a073ef606ff_48_48.png, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\icons\Mario_52934d81761dc31187a93a3a0be7fecc_48_48.png, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\icons\Outlook_6f817b67fa6af1a9c8abfa3813a8595c_48_48.png, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\icons\pulse_b5a242da04cc06eacd02b1ca41e3583c_48_48.png, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\icons\sys_computer_48_48.png, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\icons\sys_control_panel_48_48.png, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\icons\sys_my_documents_48_48.png, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\icons\Twitter_ebddd85ec04b7b94a2b2e97b73a90a4a_48_48.png, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\icons\Youtube_bf18fdfc4aefd6417a8bacae4be5b415_48_48.png, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\promote\337.ico, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\promote\337_7c9140b13c049fd26989f7fa25b77cb1.ico, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\promote\barbie.ico, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\promote\Barbie_00a67ff4ef657679a6c88553135d62ad.ico, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\promote\facebook.ico, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\promote\Facebook_aab07bc79cf599b25c0110f32d46a3ef.ico, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\promote\GameCenter.ico, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\promote\google.ico, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\promote\Google_1eed88936b91d2b6bc341da82c727a8f.ico, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\promote\mario.ico, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\promote\Mario_52934d81761dc31187a93a3a0be7fecc.ico, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\promote\twitter.ico, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\promote\Twitter_ebddd85ec04b7b94a2b2e97b73a90a4a.ico, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\promote\v9.ico, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\promote\youtube.ico, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\promote\Youtube_bf18fdfc4aefd6417a8bacae4be5b415.ico, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\sysicons\07584c03a5dd11a6104e45e8ad03b3fe_104.ico, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\sysicons\07584c03a5dd11a6104e45e8ad03b3fe_107.ico, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\sysicons\1f2396c6693b847e47fc39346e3dfa36_21.ico, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\wp\r0.jpg, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\wp\r1.jpg, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\wp\r2.jpg, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\wp\r3.jpg, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\wp\r4.jpg, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\wp\r5.jpg, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\wp\r6.jpg, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\wp\r7.jpg, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\wp\r8.jpg, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Roaming\Desk 365\wp\r9.jpg, Quarantined, [47a40376bdbed660c0d63b9d2fd47f81], 

PUP.Optional.Desk365.A, C:\Program Files\Desk 365\promote.xml, Quarantined, [7f6cc8b10b70bb7ba1f6ac2c44bf12ee], 

PUP.Optional.Desk365.A, C:\Program Files\Desk 365\desk_bkg_list.xml, Quarantined, [7f6cc8b10b70bb7ba1f6ac2c44bf12ee], 

PUP.Optional.Desk365.A, C:\Program Files\Desk 365\desk_list.xml, Quarantined, [7f6cc8b10b70bb7ba1f6ac2c44bf12ee], 

PUP.Optional.Desk365.A, C:\Program Files\Desk 365\desk_settings.ini, Quarantined, [7f6cc8b10b70bb7ba1f6ac2c44bf12ee], 

PUP.Optional.Desk365.A, C:\Program Files\Desk 365\process_mgr.xml, Quarantined, [7f6cc8b10b70bb7ba1f6ac2c44bf12ee], 

PUP.Optional.Desk365.A, C:\Program Files\Desk 365\recent.xml, Quarantined, [7f6cc8b10b70bb7ba1f6ac2c44bf12ee], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\main, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\msvcp100.dll, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\msvcr100.dll, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\segoeui.ttf, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\segoeuib.ttf, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\image\default\app_icon.png, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\image\default\change_skin.png, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\image\default\combo_skin.png, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\image\default\edit_skin.png, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\image\default\install_back.png, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\image\default\install_button_skin.png, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\image\default\install_check_checked.png, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\image\default\install_check_intermediate.png, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\image\default\install_check_uncheck.png, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\image\default\install_logo.png, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\image\default\install_resource.xml, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\image\default\patch_file_icon.png, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\image\default\pic-error.png, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\image\default\pic-info.png, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\image\default\pic-question.png, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\image\default\pic-warning.png, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\image\default\popup_dialog_bk.png, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\image\default\progressbar_bk.png, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\image\default\progressbar_image.png, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\image\default\radio_normal.png, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\image\default\radio_selected.png, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\image\default\sys_close.png, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\Install\4zip.inst, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\Install\AirZip.inst, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\Install\edesk.inst, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\Install\gamelogin.inst, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\language\protocol.txt, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\language\en_us\install_lang.ini, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\language\es_es\install_lang.ini, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\language\pt_br\install_lang.ini, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\language\tr_tr\install_lang.ini, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\layout\default\eDeskInstall.xml, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\layout\default\gamelogin.xml, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\layout\default\install_msgbox.xml, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\layout\default\languageSelect.xml, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\layout\default\uninstgl.xml, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.Desk365.A, C:\Users\Sina\AppData\Local\Temp\Desk365\eInstall\style\install_style.xml, Quarantined, [0ae11f5a84f7f640c4bd345732d08f71], 

PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\update\conf, Quarantined, [4c9f2e4b1269cd69e8312569f70b5da3], 

PUP.Optional.AmazonBrowserBar.A, C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam\000005.ldb, Quarantined, [ce1de198601ba88e452af7aa03ff36ca], 

PUP.Optional.AmazonBrowserBar.A, C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam\000008.ldb, Quarantined, [ce1de198601ba88e452af7aa03ff36ca], 

PUP.Optional.AmazonBrowserBar.A, C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam\000017.log, Quarantined, [ce1de198601ba88e452af7aa03ff36ca], 

PUP.Optional.AmazonBrowserBar.A, C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam\CURRENT, Quarantined, [ce1de198601ba88e452af7aa03ff36ca], 

PUP.Optional.AmazonBrowserBar.A, C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam\LOCK, Quarantined, [ce1de198601ba88e452af7aa03ff36ca], 

PUP.Optional.AmazonBrowserBar.A, C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam\LOG, Quarantined, [ce1de198601ba88e452af7aa03ff36ca], 

PUP.Optional.AmazonBrowserBar.A, C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam\LOG.old, Quarantined, [ce1de198601ba88e452af7aa03ff36ca], 

PUP.Optional.AmazonBrowserBar.A, C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam\MANIFEST-000015, Quarantined, [ce1de198601ba88e452af7aa03ff36ca], 
 

Physical Sectors: 0

(No malicious items detected)
 
 

(end)