O.K. verstanden. 2 verdächtige Einträge habe ich auch bereits entdeckt:
- Zitat:
HKLM-x32\...\Run: [TaskMngr] - wscript.exe "C:\Program Files (x86)\Common Files\Lenovo\data.js"
| - Zitat:
2014-04-05 15:16 - 2014-04-05 15:16 - 00000000 ____D () C:\Program Files\rrsavings
| nachfolgend die Logdateien:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 (ATTENTION: ====> FRST version is 26 days old and could be outdated)
Ran by searge (administrator) on GONZO on 08-04-2014 20:35:05
Running from E:\
Windows 8.1 Pro (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
() C:\Program Files\002\bukgmhvrux64.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Sony Corporation) D:\PlayMemories Home\PMBDeviceInfoProvider.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
() c:\Program Files\RrFilter\RrFilterService64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\PeerManager.exe
() C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
() C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Sony Corporation) D:\PlayMemories Home\PMBVolumeWatcher.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MsoSync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Bdagent] - C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1742064 2014-03-31] (Bitdefender)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TaskMngr] - wscript.exe "C:\Program Files (x86)\Common Files\Lenovo\data.js"
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2013-09-09] (Research In Motion Limited)
HKLM-x32\...\Run: [RIM PeerManager] - C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4465152 2013-11-28] (Research In Motion Limited)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [StatusAlerts] - C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [PMBVolumeWatcher] - D:\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-08-20] (Sony Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [ConnectionCenter] - C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [395656 2013-10-01] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] - C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153992 2013-10-01] (Citrix Systems, Inc.)
HKU\.DEFAULT\...\Run: [Bitdefender Wallet Agent] - D:\Bitdefender\Bitdefender\pmbxag.exe
HKU\.DEFAULT\...\Run: [Bitdefender Wallet] - D:\Bitdefender\Bitdefender\pwdmanui.exe --hidden --nowizard
HKU\.DEFAULT\...\Run: [Bitdefender Wallet Application Agent] - D:\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] - C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [567888 2014-03-31] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] - C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1001536 2014-03-31] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614232 2014-03-31] (Bitdefender)
HKU\S-1-5-21-807289001-2656735144-1847004273-1001\...\Run: [Bitdefender-Geldbörse-Agent] - C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [567888 2014-03-31] (Bitdefender)
HKU\S-1-5-21-807289001-2656735144-1847004273-1001\...\Run: [Bitdefender-Geldbörse] - C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1001536 2014-03-31] (Bitdefender)
HKU\S-1-5-21-807289001-2656735144-1847004273-1001\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614232 2014-03-31] (Bitdefender)
HKU\S-1-5-21-807289001-2656735144-1847004273-1001\...\Run: [GoogleChromeAutoLaunch_D58DD1E830115286890B6516427E3014] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-04-02] (Google Inc.)
HKU\S-1-5-21-807289001-2656735144-1847004273-1001\...\MountPoints2: {0cddc7dd-b2a9-11e3-834f-001fd0806298} - "J:\autorun.exe"
HKU\S-1-5-21-807289001-2656735144-1847004273-1001\...\MountPoints2: {f8900991-6dfd-11e3-82d7-001fd0806298} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL J:\start.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA62E6A0916B2CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\..\Interfaces\{7DF5EB80-3309-42AA-AADC-6CF1BD93E4A2}: [NameServer]192.168.2.1
Chrome:
=======
CHR HomePage: hxxp://www.google.de/
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll ()
CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Extension: (Google Drive) - C:\Users\searge\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-15]
CHR Extension: (YouTube) - C:\Users\searge\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-15]
CHR Extension: (Adblock Plus) - C:\Users\searge\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-08]
CHR Extension: (Google-Suche) - C:\Users\searge\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-15]
CHR Extension: (AdBlock) - C:\Users\searge\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-08]
CHR Extension: (Google Wallet) - C:\Users\searge\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-15]
CHR Extension: (Google Mail) - C:\Users\searge\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-15]
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx [2014-02-27]
==================== Services (Whitelisted) =================
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2013-11-21] (Bitdefender)
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2013-09-09] (Research In Motion Limited)
R2 bukgmhvrux64; C:\Program Files\002\bukgmhvrux64.exe [706560 2014-04-05] ()
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company)
R2 PMBDeviceInfoProvider; D:\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-08-20] (Sony Corporation)
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2013-11-28] (Apple Inc.)
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1304064 2013-11-28] (Research In Motion Limited)
R2 RrFilterService64; c:\Program Files\RrFilter\RrFilterService64.exe [171008 2014-03-06] ()
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
S2 Service KMSELDI; D:\Program Files\KMSpico\Service_KMS.exe [571392 2013-10-29] ()
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-07] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1523728 2014-03-31] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [893440 2014-02-03] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [261056 2013-11-30] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [635392 2014-02-03] (BitDefender)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2013-07-24] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [79192 2013-07-30] (BitDefender)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-01-26] ()
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-08-22] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [46376 2014-02-28] (NetFilterSDK.com)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-06-27] (Research In Motion Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2013-11-28] (Research in Motion Limited)
R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S3 sthid; C:\Windows\System32\drivers\sthid.sys [21216 2013-08-28] (Splashtop Inc.)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-08-07] (BitDefender S.R.L.)
S3 ttBudget2_NTAMD64; C:\Windows\system32\drivers\ttBudget2_amd64.sys [645152 2013-09-15] (TechnoTrend GmbH)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-08 20:32 - 2014-04-08 20:35 - 00000000 ____D () C:\FRST
2014-04-08 12:53 - 2014-04-08 12:53 - 00000753 _____ () C:\Users\searge\Desktop\JRT.txt
2014-04-08 12:45 - 2014-04-08 12:45 - 00000000 ____D () C:\Windows\ERUNT
2014-04-08 12:21 - 2014-04-08 12:55 - 00000000 ____D () C:\AdwCleaner
2014-04-08 12:02 - 2014-04-08 12:02 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-08 12:02 - 2014-04-08 12:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-08 12:02 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-08 12:02 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-08 12:02 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-08 09:59 - 2014-04-08 12:37 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-08 09:58 - 2014-04-08 09:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-07 09:08 - 2014-04-07 09:08 - 00000000 ____D () C:\Users\searge\AppData\Roaming\ICAClient
2014-04-07 09:08 - 2014-04-07 09:08 - 00000000 ____D () C:\Users\searge\AppData\Local\Citrix
2014-04-07 09:08 - 2014-04-07 09:08 - 00000000 ____D () C:\ProgramData\Citrix
2014-04-07 09:08 - 2014-04-07 09:08 - 00000000 ____D () C:\Program Files (x86)\Citrix
2014-04-07 08:58 - 2014-04-07 08:58 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-05 15:18 - 2014-04-05 15:18 - 00000034 _____ () C:\Windows\cdplayer.ini
2014-04-05 15:17 - 2014-04-08 13:15 - 00000000 ____D () C:\Program Files\RrFilter
2014-04-05 15:16 - 2014-04-08 10:10 - 00000000 ____D () C:\Program Files (x86)\RrSavings
2014-04-05 15:16 - 2014-04-05 15:16 - 00000000 ____D () C:\Program Files\rrsavings
2014-04-05 15:15 - 2014-04-05 15:16 - 00000000 ____D () C:\Program Files\002
2014-04-04 21:32 - 2014-04-04 21:32 - 00000000 ____D () C:\Users\searge\Documents\Sony PMB
2014-04-04 17:50 - 2014-04-04 17:50 - 00000736 _____ () C:\Users\Public\Desktop\PlayMemories Home.lnk
2014-04-04 17:50 - 2014-04-04 17:50 - 00000694 _____ () C:\Users\Public\Desktop\PlayMemories Home-Hilfe.lnk
2014-04-04 17:50 - 2014-04-04 17:50 - 00000000 ____D () C:\Users\searge\AppData\Roaming\Sony Corporation
2014-04-04 17:43 - 2014-04-04 17:43 - 00000830 _____ () C:\Users\Public\Desktop\Image Data Converter Ver. 4.lnk
2014-04-04 17:43 - 2014-04-04 17:43 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-04-04 17:42 - 2014-04-04 17:42 - 00000000 ____D () C:\Users\searge\AppData\Roaming\InstallShield
2014-04-01 22:36 - 2014-04-01 22:36 - 00003576 _____ () C:\Windows\System32\Tasks\Bitdefender Auto-Scan
2014-04-01 13:29 - 2014-04-01 13:29 - 00000700 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2014-03-27 00:13 - 2014-02-22 14:16 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-03-27 00:13 - 2014-02-22 13:24 - 00124416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-03-23 21:34 - 2014-03-23 21:34 - 00003373 _____ () C:\Users\searge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\adb.lnk
2014-03-23 08:16 - 2014-03-23 08:16 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2014-03-18 22:02 - 2014-03-21 19:32 - 00001253 _____ () C:\Users\searge\Desktop\JdAdapter.lnk
2014-03-18 17:33 - 2014-01-08 03:46 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2014-03-18 17:33 - 2014-01-08 03:41 - 01530712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-03-18 17:33 - 2014-01-08 03:41 - 00382808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-03-18 17:33 - 2014-01-04 17:54 - 00138240 _____ () C:\Windows\system32\OEMLicense.dll
2014-03-18 17:33 - 2014-01-04 17:08 - 00103936 _____ () C:\Windows\SysWOW64\OEMLicense.dll
2014-03-18 17:33 - 2014-01-04 16:08 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2014-03-18 17:33 - 2014-01-04 15:53 - 00174592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2014-03-18 17:33 - 2014-01-03 01:54 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-03-18 17:33 - 2014-01-03 01:48 - 00336896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-03-18 17:33 - 2014-01-01 03:55 - 01720560 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-03-18 17:33 - 2014-01-01 03:52 - 00481944 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2014-03-18 17:33 - 2014-01-01 02:56 - 01472048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-03-18 17:33 - 2014-01-01 02:55 - 00381168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-03-18 17:33 - 2014-01-01 01:59 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-03-18 17:33 - 2014-01-01 01:57 - 01214976 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-03-18 17:33 - 2014-01-01 01:56 - 00960512 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-03-18 17:33 - 2013-12-31 01:34 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll
2014-03-18 17:33 - 2013-12-31 01:33 - 00770560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2014-03-18 17:33 - 2013-12-31 01:32 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll
2014-03-18 17:33 - 2013-12-31 01:31 - 00947712 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-03-18 17:33 - 2013-12-31 01:31 - 00914944 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2014-03-18 17:33 - 2013-12-27 17:09 - 00419160 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-03-18 17:33 - 2013-12-27 10:57 - 00842752 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2014-03-18 17:33 - 2013-12-27 10:57 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2014-03-18 17:33 - 2013-12-27 10:23 - 00749056 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2014-03-18 17:33 - 2013-12-27 09:03 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2014-03-18 17:33 - 2013-12-27 09:03 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2014-03-18 17:33 - 2013-12-27 08:37 - 00588800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2014-03-18 17:33 - 2013-12-21 09:21 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2014-03-18 17:33 - 2013-12-17 09:21 - 00408576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2014-03-18 17:33 - 2013-12-14 08:31 - 13949440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-03-18 17:33 - 2013-12-14 08:19 - 18576384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-03-18 17:33 - 2013-12-13 12:54 - 00131160 _____ (Microsoft Corporation) C:\Windows\system32\easinvoker.exe
2014-03-18 17:33 - 2013-12-13 08:36 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll
2014-03-18 17:33 - 2013-12-13 07:32 - 00140800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\easwrt.dll
2014-03-18 17:33 - 2013-12-09 10:05 - 21199256 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-03-18 17:33 - 2013-12-09 06:51 - 18643560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-03-11 22:46 - 2014-01-31 18:06 - 02133208 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-03-11 22:46 - 2014-01-31 15:47 - 02143960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-03-11 22:46 - 2014-01-29 11:55 - 01287064 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-03-11 22:46 - 2014-01-29 10:53 - 00407024 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2014-03-11 22:46 - 2014-01-29 10:49 - 01928144 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2014-03-11 22:46 - 2014-01-29 10:47 - 02543960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-03-11 22:46 - 2014-01-29 09:44 - 01371824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2014-03-11 22:46 - 2014-01-29 09:44 - 00369280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2014-03-11 22:46 - 2014-01-27 21:07 - 04175360 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2014-03-11 22:46 - 2014-01-27 20:52 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-03-11 22:46 - 2014-01-27 19:18 - 01486848 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2014-03-11 22:46 - 2014-01-27 17:58 - 05770752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-03-11 22:46 - 2014-01-27 17:50 - 06640640 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-03-11 22:46 - 2014-01-18 01:04 - 00764864 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-03-11 22:46 - 2014-01-17 23:54 - 00669352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-03-11 22:46 - 2013-12-21 16:51 - 06353960 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2014-03-11 22:46 - 2013-12-20 12:18 - 01643584 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-03-11 22:46 - 2013-12-20 12:18 - 01507704 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-03-11 22:45 - 2014-02-11 05:04 - 04189184 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-11 22:45 - 2014-02-11 04:43 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-11 22:45 - 2014-02-11 04:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-11 22:45 - 2014-01-31 18:15 - 00311640 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-03-11 22:45 - 2014-01-31 18:07 - 00233920 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-03-11 22:45 - 2014-01-31 11:06 - 00716288 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-03-11 22:45 - 2014-01-29 10:53 - 00458616 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2014-03-11 22:45 - 2014-01-29 09:44 - 00408480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2014-03-11 22:45 - 2014-01-29 08:41 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-03-11 22:45 - 2014-01-29 02:36 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-03-11 22:45 - 2014-01-27 21:06 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-03-11 22:45 - 2014-01-27 21:04 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2014-03-11 22:45 - 2014-01-27 20:23 - 02873344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2014-03-11 22:45 - 2014-01-27 20:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-03-11 22:45 - 2014-01-27 20:20 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2014-03-11 22:45 - 2014-01-27 20:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-03-11 22:45 - 2014-01-27 19:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-03-11 22:45 - 2014-01-27 19:00 - 01238016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2014-03-11 22:45 - 2014-01-27 13:45 - 00386722 _____ () C:\Windows\system32\ApnDatabase.xml
2014-03-11 22:45 - 2013-12-21 10:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
2014-03-11 22:45 - 2013-10-31 02:29 - 00236888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-03-11 22:45 - 2013-10-31 02:29 - 00124760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-03-11 22:45 - 2013-10-31 02:28 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-03-10 21:46 - 2014-03-16 09:39 - 00000000 ____D () C:\Users\searge\AppData\Roaming\TeamViewer
2014-03-10 21:46 - 2014-03-10 21:46 - 00001178 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-03-10 21:46 - 2014-03-10 21:46 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
==================== One Month Modified Files and Folders =======
2014-04-08 20:35 - 2014-04-08 20:32 - 00000000 ____D () C:\FRST
2014-04-08 20:33 - 2013-09-15 15:02 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-807289001-2656735144-1847004273-1001
2014-04-08 20:31 - 2013-09-15 15:18 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E8AA8A1F-5A34-46C3-B042-CDA6E1FAB47A}
2014-04-08 20:29 - 2013-10-12 13:09 - 00005112 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Gonzo-searge Gonzo
2014-04-08 20:28 - 2013-09-24 21:52 - 00002195 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-08 20:28 - 2013-09-24 21:51 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-08 20:28 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-04-08 20:27 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-04-08 13:18 - 2013-09-15 15:45 - 00000000 ____D () C:\Users\searge\Documents\Outlook-Dateien
2014-04-08 13:15 - 2014-04-05 15:17 - 00000000 ____D () C:\Program Files\RrFilter
2014-04-08 13:14 - 2013-09-15 14:57 - 01212497 _____ () C:\Windows\WindowsUpdate.log
2014-04-08 13:03 - 2013-09-15 15:00 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-08 13:03 - 2013-09-01 08:21 - 00764340 _____ () C:\Windows\system32\perfh007.dat
2014-04-08 13:03 - 2013-09-01 08:21 - 00159160 _____ () C:\Windows\system32\perfc007.dat
2014-04-08 12:57 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-08 12:55 - 2014-04-08 12:21 - 00000000 ____D () C:\AdwCleaner
2014-04-08 12:53 - 2014-04-08 12:53 - 00000753 _____ () C:\Users\searge\Desktop\JRT.txt
2014-04-08 12:45 - 2014-04-08 12:45 - 00000000 ____D () C:\Windows\ERUNT
2014-04-08 12:37 - 2014-04-08 09:59 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-08 12:27 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-04-08 12:20 - 2013-09-24 21:51 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-08 12:02 - 2014-04-08 12:02 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-08 12:02 - 2014-04-08 12:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-08 10:27 - 2013-09-15 14:57 - 00000000 ____D () C:\Users\searge\AppData\Local\VirtualStore
2014-04-08 10:11 - 2013-09-15 14:53 - 00604258 _____ () C:\Windows\PFRO.log
2014-04-08 10:10 - 2014-04-05 15:16 - 00000000 ____D () C:\Program Files (x86)\RrSavings
2014-04-08 10:10 - 2014-01-16 00:03 - 00000000 ____D () C:\Windows\%LOCALAPPDATA%
2014-04-08 09:58 - 2014-04-08 09:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-08 09:52 - 2013-09-17 21:32 - 00000000 ____D () C:\Users\searge\AppData\Local\CrashDumps
2014-04-08 08:50 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-04-08 08:45 - 2013-09-15 14:57 - 00000000 ____D () C:\Users\searge
2014-04-07 09:08 - 2014-04-07 09:08 - 00000000 ____D () C:\Users\searge\AppData\Roaming\ICAClient
2014-04-07 09:08 - 2014-04-07 09:08 - 00000000 ____D () C:\Users\searge\AppData\Local\Citrix
2014-04-07 09:08 - 2014-04-07 09:08 - 00000000 ____D () C:\ProgramData\Citrix
2014-04-07 09:08 - 2014-04-07 09:08 - 00000000 ____D () C:\Program Files (x86)\Citrix
2014-04-07 08:58 - 2014-04-07 08:58 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-07 08:58 - 2013-12-27 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-07 08:58 - 2013-12-27 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-07 08:58 - 2013-12-27 21:04 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-07 08:58 - 2013-12-27 21:04 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-07 08:58 - 2013-11-03 08:40 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-05 23:48 - 2013-09-16 19:29 - 00000000 ____D () C:\Users\searge\AppData\Roaming\vlc
2014-04-05 15:18 - 2014-04-05 15:18 - 00000034 _____ () C:\Windows\cdplayer.ini
2014-04-05 15:16 - 2014-04-05 15:16 - 00000000 ____D () C:\Program Files\rrsavings
2014-04-05 15:16 - 2014-04-05 15:15 - 00000000 ____D () C:\Program Files\002
2014-04-05 09:29 - 2013-09-28 07:24 - 00000000 ____D () C:\Users\searge\AppData\Roaming\FileZilla
2014-04-04 21:36 - 2013-08-22 16:46 - 00056976 _____ () C:\Windows\setupact.log
2014-04-04 21:32 - 2014-04-04 21:32 - 00000000 ____D () C:\Users\searge\Documents\Sony PMB
2014-04-04 17:50 - 2014-04-04 17:50 - 00000736 _____ () C:\Users\Public\Desktop\PlayMemories Home.lnk
2014-04-04 17:50 - 2014-04-04 17:50 - 00000694 _____ () C:\Users\Public\Desktop\PlayMemories Home-Hilfe.lnk
2014-04-04 17:50 - 2014-04-04 17:50 - 00000000 ____D () C:\Users\searge\AppData\Roaming\Sony Corporation
2014-04-04 17:48 - 2013-09-15 21:07 - 00010775 _____ () C:\Windows\DirectX.log
2014-04-04 17:43 - 2014-04-04 17:43 - 00000830 _____ () C:\Users\Public\Desktop\Image Data Converter Ver. 4.lnk
2014-04-04 17:43 - 2014-04-04 17:43 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-04-04 17:43 - 2013-10-04 21:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-04 17:42 - 2014-04-04 17:42 - 00000000 ____D () C:\Users\searge\AppData\Roaming\InstallShield
2014-04-03 09:51 - 2014-04-08 12:02 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-08 12:02 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-08 12:02 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 14:15 - 2013-09-24 21:51 - 00004094 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-02 14:15 - 2013-09-24 21:51 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-01 22:36 - 2014-04-01 22:36 - 00003576 _____ () C:\Windows\System32\Tasks\Bitdefender Auto-Scan
2014-04-01 22:32 - 2013-10-07 18:55 - 00000000 ____D () C:\ProgramData\PMS
2014-04-01 13:29 - 2014-04-01 13:29 - 00000700 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2014-03-30 22:43 - 2013-09-20 13:52 - 00000446 _____ () C:\Windows\system32\checkdnsid.xml
2014-03-24 07:48 - 2013-11-13 22:16 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-24 07:47 - 2013-11-13 22:16 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-23 21:34 - 2014-03-23 21:34 - 00003373 _____ () C:\Users\searge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\adb.lnk
2014-03-23 21:33 - 2013-11-18 19:29 - 00025430 _____ () C:\Windows\DPINST.LOG
2014-03-23 21:22 - 2014-01-26 12:29 - 00000000 ____D () C:\adb
2014-03-23 18:28 - 2013-09-27 07:54 - 00000757 _____ () C:\Users\Public\Desktop\DriverTools.lnk
2014-03-23 14:53 - 2013-09-15 14:57 - 00000000 ____D () C:\Users\searge\AppData\Local\Packages
2014-03-23 08:16 - 2014-03-23 08:16 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2014-03-21 19:32 - 2014-03-18 22:02 - 00001253 _____ () C:\Users\searge\Desktop\JdAdapter.lnk
2014-03-21 19:30 - 2013-12-27 20:48 - 00000000 ____D () C:\JdAdapter
2014-03-20 20:05 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-03-20 18:23 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-03-18 17:56 - 2013-09-15 15:29 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-16 09:39 - 2014-03-10 21:46 - 00000000 ____D () C:\Users\searge\AppData\Roaming\TeamViewer
2014-03-13 12:28 - 2013-08-22 16:44 - 00680704 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-12 21:05 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-12 21:05 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-12 21:05 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-12 21:05 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-12 21:01 - 2013-08-22 15:25 - 00000167 _____ () C:\Windows\win.ini
2014-03-10 21:46 - 2014-03-10 21:46 - 00001178 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-03-10 21:46 - 2014-03-10 21:46 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
Some content of TEMP:
====================
C:\Users\searge\AppData\Local\Temp\70069uninstall.exe
C:\Users\searge\AppData\Local\Temp\97837uninstall.exe
C:\Users\searge\AppData\Local\Temp\BackupSetup.exe
C:\Users\searge\AppData\Local\Temp\bitool.dll
C:\Users\searge\AppData\Local\Temp\BlackBerryDeviceManager.exe
C:\Users\searge\AppData\Local\Temp\BlackBerryLauncher.exe
C:\Users\searge\AppData\Local\Temp\DesktopInstaller.exe
C:\Users\searge\AppData\Local\Temp\dn6am4pr.dll
C:\Users\searge\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpujgcqh.dll
C:\Users\searge\AppData\Local\Temp\JavaIC.dll
C:\Users\searge\AppData\Local\Temp\jna4094160804366063450.dll
C:\Users\searge\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\searge\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\searge\AppData\Local\Temp\jw7oa9s0.dll
C:\Users\searge\AppData\Local\Temp\npp.6.5.1.Installer.exe
C:\Users\searge\AppData\Local\Temp\ose00000.exe
C:\Users\searge\AppData\Local\Temp\Quarantine.exe
C:\Users\searge\AppData\Local\Temp\SetupUtil.exe
C:\Users\searge\AppData\Local\Temp\Sqlite3.dll
C:\Users\searge\AppData\Local\Temp\uoep7mjm.dll
C:\Users\searge\AppData\Local\Temp\vcredist_x64.exe
C:\Users\searge\AppData\Local\Temp\vlc-2.0.8-win64.exe
C:\Users\searge\AppData\Local\Temp\xmlUpdater.exe
C:\Users\searge\AppData\Local\Temp\y8xnifui.dll
C:\Users\searge\AppData\Local\Temp\yi2tt9uo.dll
C:\Users\searge\AppData\Local\Temp\_is492C.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-11 22:45] - [2014-01-31 18:15] - 0311640 ___AC (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02
LastRegBack: 2014-04-03 07:22
==================== End Of Log ============================
--- --- ---
--- --- ---
und Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by searge at 2014-04-08 20:35:55
Running from E:\
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}
==================== Installed Programs ======================
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.5970 - Adobe Systems Incorporated)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 17.23.0.996 - Bitdefender)
BlackBerry Link (HKLM-x32\...\BlackBerry_10_Desktop) (Version: 1.2.2.13 - BlackBerry Ltd.)
Catalyst Control Center (x32 Version: 2013.0424.1225.20315 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0424.1225.20315 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0424.1225.20315 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0424.1225.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0424.1225.20315 - Advanced Micro Devices, Inc.) Hidden
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.1.0.0 - Citrix Systems, Inc.)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BED39C88-768C-4345-BF11-58436C984F2A}) (Version: - Microsoft)
dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM-x32\...\dreamboxEDIT) (Version: - )
DriverTools 1.0 (HKLM-x32\...\DriverTools) (Version: 1.0 - Huawei Technologies Co.,Ltd)
Easy Tune 6 B12.1121.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B12.1121.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
FileZilla Client 3.8.0 (HKLM-x32\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
HP LaserJet 200 color MFP M276 (HKLM-x32\...\{CC38C23C-7824-4DBB-AC73-997CD0BBFEC7}) (Version: 5.0.12201.1116 - Hewlett-Packard)
hpbDSService (x32 Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM276DSService (x32 Version: 001.001.05874 - Hewlett-Packard) Hidden
hppLaserJetService (x32 Version: 009.027.00856 - Hewlett-Packard) Hidden
Image Data Converter (HKLM-x32\...\{87998E4E-6D9C-411B-AAE9-B8523FFE357D}) (Version: 4.2.00.07270 - Sony Corporation)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Juniper Citrix Services Client (HKCU\...\Juniper_Citrix_Services) (Version: 7.1.12.21827 - Juniper Networks)
Juniper Networks, Inc. Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 7.1.10.21853 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
KMSpico v9.0.3.20131029 (Beta) (HKLM\...\KMSpico_is1) (Version: 9.0.3.20131029 - )
Kobo (HKLM-x32\...\Kobo) (Version: 3.3.11 - Kobo Inc.)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: - )
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: - )
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.5 - Notepad++ Team)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: - )
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition (HKLM\...\{90150000-0015-0407-1000-0000000FF1CE}_Office15.PROPLUS_{47F15B72-AB15-4B81-BDB8-28B204596EB7}) (Version: - Microsoft)
Update for Microsoft Access 2013 (KB2827233) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{614E655F-A0ED-435A-8E0C-A81EE4BA7BC7}) (Version: - Microsoft)
Update for Microsoft InfoPath 2013 (KB2837648) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5E759A69-FA72-4B3C-BE2F-D1194764D31E}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{237834D6-FA98-44E1-8739-ABD56DDADC59}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{259F7CA1-7A87-4E60-85A9-0A55E60FF254}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{259F7CA1-7A87-4E60-85A9-0A55E60FF254}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{8D84B988-2A7A-4DB6-A7A5-08DA7B3DE9EE}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{79469196-F138-4CF0-8681-F1889D53B56B}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FEFF9FF6-FF61-455E-A8CC-3A1311A657AD}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3FF4EA9F-3505-4726-A974-6593A968FFCC}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9406D70B-2D9C-4613-A75A-F35B66BA8AFA}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CA390537-AA88-450F-A240-5FB4648A124A}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C8D57F4A-0824-4043-89E7-3C6280B67A47}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AC4470FB-8011-4F16-B5D4-E0A34DE10C87}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D8B3D175-48B8-413F-8484-4D81E744B51C}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{526C9E5A-A734-4DC0-B829-ED1CDE793C6B}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8587E5B1-6279-4396-B9AC-20B334F4FF88}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{30C13416-B124-46AB-9E44-96CEFFA893F9}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C809B1D6-BD31-4496-BCFE-4567E0854F5F}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{4FD8F672-3206-469C-B9F0-D6E72F7ACAB2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{1A789784-5825-4B26-BB57-71FF7D3484CB}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{856D47BC-036C-4692-8702-D6CCA8F428D0}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CA0554C4-62FE-4F66-BC87-1EE1EAC675EF}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CA0554C4-62FE-4F66-BC87-1EE1EAC675EF}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F33ABF6A-3007-47E8-8E38-506A18E54641}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{B38036CB-BAF6-41D4-8810-FD016453ABB9}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2A286156-257B-4528-9DB5-B4D4D53211BC}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.PROPLUS_{B5E3E636-7913-4775-BC9B-E4B56F4ED73B}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{92833C80-DC88-4A22-8630-407F810EF57B}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{602346D6-8E2F-4B0E-820A-CD62AC5B0DC9}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0410-1000-0000000FF1CE}_Office15.PROPLUS_{869B93B9-E75A-44DE-8AC5-A030A7A21FDD}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F2187E8D-C68A-4655-8551-1932878A5581}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9353CD85-4B19-45C4-8DBA-1391926351F6}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9353CD85-4B19-45C4-8DBA-1391926351F6}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837626) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6EE51F51-57B1-4DC7-96C2-857DB7F0BE93}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837637) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0A90C645-3F9A-4CF9-BF62-2609602E3DAB}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837638) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3A48DE63-607B-4FEA-A862-B52669C4433C}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C4B559C7-AA71-4B77-ACA3-50BEA8B4241B}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{34F51E79-0110-4B49-A245-81319F58453E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C4B559C7-AA71-4B77-ACA3-50BEA8B4241B}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{000791D2-642D-418E-A3E9-96E72D8C67B8}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{000791D2-642D-418E-A3E9-96E72D8C67B8}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CF6FBF49-BE22-4B98-9D7D-CB2A3236BC44}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{90150000-00A1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{05D8C7F6-9A93-4925-B2B3-7D6507AD2FC9}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CF6FBF49-BE22-4B98-9D7D-CB2A3236BC44}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{DF3798F3-F45C-44DA-83B7-229A9EBC9654}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{DAEE93F9-D258-45E4-AFD3-12AC5ED04693}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6FF949A3-1C3F-41C2-9464-933E885ECB53}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{CA014CB4-B26F-4D27-BF26-C994CC3428E5}) (Version: - Microsoft)
Update for Microsoft Project 2013 (KB2727085) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BBD4F4CE-65D4-4CEB-AE19-E5296A57AA6C}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2837C624-A972-43CF-BCE5-0AE2EFED72E3}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition (HKLM\...\{90150000-0019-0407-1000-0000000FF1CE}_Office15.PROPLUS_{E9172003-60C1-447B-9569-7AA9FADE26B0}) (Version: - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A3417E9E-5B94-4BFF-AAA4-933B1AE46306}) (Version: - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A3417E9E-5B94-4BFF-AAA4-933B1AE46306}) (Version: - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition (HKLM\...\{90150000-00BA-0407-1000-0000000FF1CE}_Office15.PROPLUS_{AAB7E20E-E896-495E-AD19-1A0EF515DCED}) (Version: - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{AAB7E20E-E896-495E-AD19-1A0EF515DCED}) (Version: - Microsoft)
Update for Microsoft Visio 2013 (KB2817306) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F16E7B82-23FE-4054-AB73-EAE53965251C}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D1F1940B-94DF-4DCB-BF82-9530D7FBB1BF}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A96FBD56-0376-465E-8A60-7E73B9C51658}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A96FBD56-0376-465E-8A60-7E73B9C51658}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A96FBD56-0376-465E-8A60-7E73B9C51658}) (Version: - Microsoft)
VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.75 - VSO Software)
Windows-Treiberpaket - Google, Inc. (WinUSB) AndroidUsbDeviceClass (01/27/2014 9.0.0000.00000) (HKLM\...\9CA77E2A8332A0824C54DA611BBE4CA24AB1F750) (Version: 01/27/2014 9.0.0000.00000 - Google, Inc.)
Windows-Treiberpaket - Google, Inc. (WinUSB) AndroidUsbDeviceClass (07/09/2013 8.0.0000.00000) (HKLM\...\B228DE36C9BB3DACF6D7E3093BE62455DBC81FA5) (Version: 07/09/2013 8.0.0000.00000 - Google, Inc.)
x64 Components v4.3.7 (HKLM\...\Advanced x64Components_is1) (Version: 4.3.7 - Shark007)
Xilisoft Video Converter Ultimate (HKLM-x32\...\Xilisoft Video Converter Ultimate) (Version: 7.7.2.20130619 - Xilisoft)
==================== Restore Points =========================
==================== Hosts content: ==========================
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {040E78E1-7F1A-4E7F-A4AE-C75FE483DC75} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2167A009-9652-493E-83DE-435330D3F761} - System32\Tasks\AutoKMSCustom => C:\Windows\AutoKMS\AutoKMS.exe [2013-10-11] ()
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {39E728F5-3C26-48CA-838A-68214D097CFB} - \FoxTab No Task File
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {408692F2-F290-4EDC-A8B5-917570056F6B} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Gonzo-searge Gonzo => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2013-09-10] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {51D1C62C-3E51-4A31-8643-ACA6CE301712} - System32\Tasks\Bitdefender Auto-Scan => C:\Program Files\Bitdefender\Bitdefender\mtasklaunch.exe [2013-06-19] (Bitdefender)
Task: {5BEC8435-1686-4E25-8A16-94469BE4C831} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-24] (Google Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {739635E2-F15C-4B99-8CE9-4817A9E8140F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-24] (Google Inc.)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {75E490D3-D22A-4388-8DC8-AAF6DB64C3E4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {82C8901B-8175-443D-8C7B-7502095AD644} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-03-24] (Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {98FB4728-07B4-4FEE-B8A9-3B8297D630A6} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\SymErr.exe
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {BCCAF7BD-8D47-44CD-807C-30A1603192DE} - System32\Tasks\Launch ASUS Sync Loader => C:\Program Files (x86)\ASUS\ASUS Sync\asusUPCTLoader.exe
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D419F195-C5AC-4F9C-9AD6-B5B33FBDE03C} - System32\Tasks\AutoPico Daily Restart => D:\Program Files\KMSpico\AutoPico.exe [2013-10-29] ()
Task: {D730E2C3-5663-4977-A84A-FCF0183E374A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DC6300CB-1B62-45F5-8A09-8B13C55A873A} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\SymErr.exe
Task: {E4554C9A-AEE8-4D7F-9AED-D230EB3E104B} - System32\Tasks\Desktop-Autostart => C:\Windows\explorer.exe [2013-10-22] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-11-30 09:38 - 2013-06-19 12:45 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll
2013-11-30 09:38 - 2013-11-28 13:49 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\accessl.ui
2013-11-30 09:38 - 2011-11-14 20:17 - 00153680 _____ () C:\Program Files\Bitdefender\Bitdefender\bdfwcore.dll
2013-11-30 09:38 - 2013-11-28 13:49 - 00005120 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\IMSecurityAL.ui
2014-03-25 22:49 - 2014-03-25 22:49 - 00771328 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00038_013\ashttpbr.mdl
2014-03-25 22:49 - 2014-03-25 22:49 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00038_013\ashttpdsp.mdl
2014-03-25 22:49 - 2014-03-25 22:49 - 02593416 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00038_013\ashttpph.mdl
2014-03-25 22:49 - 2014-03-25 22:49 - 01317216 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00038_013\ashttprbl.mdl
2014-04-05 15:16 - 2014-04-05 15:16 - 00706560 _____ () C:\Program Files\002\bukgmhvrux64.exe
2014-03-06 15:52 - 2014-03-06 15:52 - 00171008 _____ () c:\Program Files\RrFilter\RrFilterService64.exe
2014-03-04 13:25 - 2014-03-04 13:25 - 00110080 _____ () c:\Program Files\RrFilter\nfapi.dll
2014-03-04 13:25 - 2014-03-04 13:25 - 00317952 _____ () c:\Program Files\RrFilter\ProtocolFilters.dll
2013-11-30 09:38 - 2013-03-25 16:16 - 01117920 _____ () C:\Program Files\Bitdefender\Bitdefender SafeBox\System.Data.SQLite.dll
2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () D:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-10-22 20:30 - 2013-10-22 20:30 - 00661008 _____ () C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
2014-04-03 07:23 - 2014-04-02 03:57 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll
2014-03-28 11:35 - 2014-03-28 11:35 - 00093696 _____ () D:\FileZilla FTP Client\fzshellext.dll
2014-04-03 07:23 - 2014-04-02 03:57 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libglesv2.dll
2014-04-03 07:23 - 2014-04-02 03:57 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libegl.dll
2014-04-03 07:23 - 2014-04-02 03:57 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll
2014-04-03 07:23 - 2014-04-02 03:58 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll
2014-04-03 07:23 - 2014-04-02 03:57 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll
2013-11-30 09:38 - 2014-03-31 14:22 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender\antispam32\txmlutil.dll
2014-04-03 07:23 - 2014-04-02 03:58 - 13691720 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/08/2014 08:28:00 PM) (Source: RIM MDNS) (User: )
Description: 712: DNSServiceGetAddrInfo v4v6 32b59b58e921fdb78ef33d54b66c54.local.
Error: (04/08/2014 08:28:00 PM) (Source: RIM MDNS) (User: )
Description: 712: Could not write data to client because of error - aborting connection
Error: (04/08/2014 08:28:00 PM) (Source: RIM MDNS) (User: )
Description: send_msg ERROR: failed to write 104 of 104 bytes to fd 712 errno 10053 (Eine bestehende Verbindung wurde softwaregesteuert
durch den Hostcomputer abgebrochen.)
Error: (04/08/2014 08:28:00 PM) (Source: RIM MDNS) (User: )
Description: 672: DNSServiceGetAddrInfo v4v6 32b59b58e921fdb78ef33d54b66c54.local.
Error: (04/08/2014 08:28:00 PM) (Source: RIM MDNS) (User: )
Description: 672: Could not write data to client because of error - aborting connection
Error: (04/08/2014 08:28:00 PM) (Source: RIM MDNS) (User: )
Description: send_msg ERROR: failed to write 104 of 104 bytes to fd 672 errno 10053 (Eine bestehende Verbindung wurde softwaregesteuert
durch den Hostcomputer abgebrochen.)
Error: (04/08/2014 08:28:00 PM) (Source: RIM MDNS) (User: )
Description: 656: DNSServiceGetAddrInfo v4v6 01103B18EC46E639BBE0CD2FE7D232.local.
Error: (04/08/2014 08:28:00 PM) (Source: RIM MDNS) (User: )
Description: 656: Could not write data to client because of error - aborting connection
Error: (04/08/2014 08:28:00 PM) (Source: RIM MDNS) (User: )
Description: send_msg ERROR: failed to write 104 of 104 bytes to fd 656 errno 10053 (Eine bestehende Verbindung wurde softwaregesteuert
durch den Hostcomputer abgebrochen.)
Error: (04/08/2014 08:28:00 PM) (Source: RIM MDNS) (User: )
Description: 684: DNSServiceBrowse _Friendly._sub._bp2p._tcp.local.
System errors:
=============
Error: (04/08/2014 00:57:28 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Service KMSELDI" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (04/08/2014 00:57:21 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit dem folgenden dienstspezifischen Fehler beendet:
%%2147943468
Error: (04/08/2014 00:57:20 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: 1068HomeGroupProviderNicht verfügbar{6F7C8E8F-DC69-4E3F-BC05-439962A05FD5}
Error: (04/08/2014 00:57:20 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%2147952449
Error: (04/08/2014 00:57:20 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet:
%%2147952449
Error: (04/08/2014 00:56:03 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT-AUTORITÄT)
Description: 3 war nicht erfolgreich.
Name des Gruppenrichtlinienobjekts: Local Group Policy
Dateisystempfad des Gruppenrichtlinienobjekts: C:\Windows\System32\GroupPolicy\Machine
Skriptname: D:\Bitdefender\Bitdefender\support.exe
Microsoft Office Sessions:
=========================
Error: (04/08/2014 08:28:00 PM) (Source: RIM MDNS)(User: )
Description: 712: DNSServiceGetAddrInfo v4v6 32b59b58e921fdb78ef33d54b66c54.local.
Error: (04/08/2014 08:28:00 PM) (Source: RIM MDNS)(User: )
Description: 712: Could not write data to client because of error - aborting connection
Error: (04/08/2014 08:28:00 PM) (Source: RIM MDNS)(User: )
Description: send_msg ERROR: failed to write 104 of 104 bytes to fd 712 errno 10053 (Eine bestehende Verbindung wurde softwaregesteuert
durch den Hostcomputer abgebrochen.)
Error: (04/08/2014 08:28:00 PM) (Source: RIM MDNS)(User: )
Description: 672: DNSServiceGetAddrInfo v4v6 32b59b58e921fdb78ef33d54b66c54.local.
Error: (04/08/2014 08:28:00 PM) (Source: RIM MDNS)(User: )
Description: 672: Could not write data to client because of error - aborting connection
Error: (04/08/2014 08:28:00 PM) (Source: RIM MDNS)(User: )
Description: send_msg ERROR: failed to write 104 of 104 bytes to fd 672 errno 10053 (Eine bestehende Verbindung wurde softwaregesteuert
durch den Hostcomputer abgebrochen.)
Error: (04/08/2014 08:28:00 PM) (Source: RIM MDNS)(User: )
Description: 656: DNSServiceGetAddrInfo v4v6 01103B18EC46E639BBE0CD2FE7D232.local.
Error: (04/08/2014 08:28:00 PM) (Source: RIM MDNS)(User: )
Description: 656: Could not write data to client because of error - aborting connection
Error: (04/08/2014 08:28:00 PM) (Source: RIM MDNS)(User: )
Description: send_msg ERROR: failed to write 104 of 104 bytes to fd 656 errno 10053 (Eine bestehende Verbindung wurde softwaregesteuert
durch den Hostcomputer abgebrochen.)
Error: (04/08/2014 08:28:00 PM) (Source: RIM MDNS)(User: )
Description: 684: DNSServiceBrowse _Friendly._sub._bp2p._tcp.local.
CodeIntegrity Errors:
===================================
Date: 2013-11-30 08:29:28.113
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Percentage of memory in use: 21%
Total physical RAM: 8190.48 MB
Available physical RAM: 6450.61 MB
Total Pagefile: 9470.48 MB
Available Pagefile: 7182 MB
Total Virtual: 131072 MB
Available Virtual: 131071.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:39 GB) (Free:7.7 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (PROGRAMME) (Fixed) (Total:15.7 GB) (Free:8.23 GB) NTFS
Drive e: (Downloads) (Fixed) (Total:57.08 GB) (Free:30.34 GB) NTFS
Drive g: (MP3) (Fixed) (Total:58.59 GB) (Free:21.27 GB) NTFS
Drive h: (MultiVol) (Fixed) (Total:382.5 GB) (Free:150.59 GB) NTFS
Drive i: (INSTALL) (Fixed) (Total:24.65 GB) (Free:10.1 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 3238191C)
Partition 1: (Active) - (Size=39 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=73 GB) - (Type=OF Extended)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 03250324)
Partition 2: (Not Active) - (Size=466 GB) - (Type=OF Extended)
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
WARNUNG an die MITLESER: 