Oh well, if it has to be. I don't care about the name, I always use made-up names anyway, but I still don't really think it's a good idea.
File names give away a bit too much, for my taste, about what someone gets up to.
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-11-2014
Ran by drad (administrator) on ZKN on 20-11-2014 13:58:05
Running from C:\Users\drad\Desktop
Loaded Profile: drad (Available profiles: drad & DefaultAppPool)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Western Digital Technologies, Inc.) C:\Users\Public\Documents\Downloads\WD_SmartWare_Installer_2.4.4.5\WD SmartWare Installer.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Western Digital Technologies, Inc.) C:\Users\drad\AppData\Local\Temp\{e502616c-37a2-498e-a9ee-cd1234ccc820}\.be\WD SmartWare Installer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winamp.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-06-20] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [STCAgent] => C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe [776064 2011-01-21] (Splashtop Inc.)
HKLM-x32\...\Run: [ZyngaGamesAgent] => C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe [841544 2010-11-15] (Splashtop Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-06] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2014-10-24] (Razer Inc.)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1802048 2014-10-13] (IObit)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694048 2014-05-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\RunOnce: [{e502616c-37a2-498e-a9ee-cd1234ccc820}] => C:\ProgramData\Package Cache\{e502616c-37a2-498e-a9ee-cd1234ccc820}\WD SmartWare Installer.exe [1263496 2014-11-20] (Western Digital Technologies, Inc.)
HKU\S-1-5-21-3898391308-2140890095-422166249-1000\...\Run: [Advanced SystemCare 7] => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2281248 2014-08-22] (IObit)
HKU\S-1-5-21-3898391308-2140890095-422166249-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-3898391308-2140890095-422166249-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIIJE.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3898391308-2140890095-422166249-1000\...\MountPoints2: {cd03df40-98dd-11e3-a860-806e6f6e6963} - F:\Run.exe
HKU\S-1-5-21-3898391308-2140890095-422166249-1000\...\MountPoints2: {e75a38c9-98e1-11e3-8649-806e6f6e6963} - F:\atisetup.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3898391308-2140890095-422166249-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKU\S-1-5-21-3898391308-2140890095-422166249-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
URLSearchHook: HKCU - Splashtop Connect SearchHook - {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll (Splashtop Inc.)
SearchScopes: HKU\S-1-5-21-3898391308-2140890095-422166249-1000 -> DefaultScope {43AED44F-326A-4D18-A691-A9E3C9B28B73} URL = hxxp://www.google.at/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3898391308-2140890095-422166249-1000 -> {43AED44F-326A-4D18-A691-A9E3C9B28B73} URL = hxxp://www.google.at/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3898391308-2140890095-422166249-1000 -> {7C3AA122-EA9B-4c51-BF0D-D6F9D3B9D540} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=PROTOSV
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Splashtop Connect VisualBookmark -> {0E5680D1-BF44-4929-94AF-FD30D784AD1D} -> C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll (Splashtop Inc.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Hosts: 127.0.0.1 rad.msn.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF HKLM-x32\...\Firefox\Extensions: [{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}] - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}
FF Extension: Splashtop Connect Companion - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1} [2014-02-18]
FF HKLM-x32\...\Firefox\Extensions: [{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}] - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}
FF Extension: Splashtop Connect - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0} [2014-02-18]
FF HKLM-x32\...\Firefox\Extensions: [{d9284e50-81fc-11da-a72b-0800200c9a66}] - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66}
FF Extension: Yoono - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66} [2014-02-18]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-19]
Chrome:
=======
CHR Profile: C:\Users\drad\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\drad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-08-30]
CHR Extension: (Google Docs) - C:\Users\drad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-07]
CHR Extension: (Google Drive) - C:\Users\drad\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-07]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\drad\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-14]
CHR Extension: (YouTube) - C:\Users\drad\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-07]
CHR Extension: (Google-Suche) - C:\Users\drad\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-07]
CHR Extension: (Avast Online Security) - C:\Users\drad\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-07]
CHR Extension: (Google Wallet) - C:\Users\drad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-07]
CHR Extension: (Google Mail) - C:\Users\drad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-06]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [893216 2014-08-18] (IObit)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-06] (AVAST Software)
R3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [File not signed]
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-03-30] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [File not signed]
R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2014-10-14] (Macrovision Europe Ltd.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344896 2014-09-30] (IObit)
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-19] ()
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2283296 2014-10-22] (IObit)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-05-13] ()
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2014-04-18] (Razer, Inc.)
R2 SCBackService; C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe [477000 2010-11-15] (Splashtop Inc.)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
R2 WCUService_STC_FF; C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe [493384 2010-11-30] (Splashtop Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-05-23] (Western Digital Technologies, Inc.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2014-11-07] (Advanced Micro Devices Inc.)
S3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [15376384 2014-05-29] (Advanced Micro Devices, Inc.) [File not signed]
S3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [638976 2014-05-29] (Advanced Micro Devices, Inc.) [File not signed]
R3 Andbus; C:\Windows\System32\DRIVERS\lgandbus64.sys [19456 2012-03-02] (LG Electronics Inc.)
R3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag64.sys [27648 2012-03-02] (LG Electronics Inc.)
R3 AndGps; C:\Windows\System32\DRIVERS\lgandgps64.sys [27136 2012-03-02] (LG Electronics Inc.)
R3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem64.sys [34304 2012-03-02] (LG Electronics Inc.)
R3 androidusb; C:\Windows\System32\Drivers\lgandadb.sys [31744 2010-08-01] (Google Inc)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-06] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-04] (Disc Soft Ltd)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-04-05] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2014-04-18] (Razer, Inc.)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39592 2014-09-05] (Razer Inc)
R1 RzFilter; C:\Windows\system32\drivers\RzFilter.sys [74432 2014-04-18] (Razer, Inc.)
R3 rzmpos; C:\Windows\System32\DRIVERS\rzmpos.sys [35496 2014-09-05] (Razer Inc)
S3 Saffire; C:\Windows\System32\Drivers\Saffire.sys [226640 2014-03-17] (Focusrite A.E.)
S3 SaffireAudio; C:\Windows\System32\drivers\SaffireAudio.sys [47824 2014-03-17] (Focusrite A.E.)
S3 SaffireMidi; C:\Windows\System32\drivers\SaffireMidi.sys [38608 2014-03-17] (Focusrite A.E.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
R3 XENfiltv; C:\Windows\System32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-20 13:58 - 2014-11-20 13:58 - 00023166 _____ () C:\Users\drad\Desktop\FRST.txt
2014-11-20 13:50 - 2014-11-20 13:50 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat
2014-11-20 13:49 - 2014-11-20 13:58 - 00000000 ____D () C:\FRST
2014-11-20 13:47 - 2014-11-20 13:47 - 02117120 _____ (Farbar) C:\Users\drad\Desktop\FRST64.exe
2014-11-19 19:29 - 2014-11-19 19:29 - 00000000 ____D () C:\Analytics
2014-11-19 19:28 - 2014-11-19 19:28 - 00000000 ____D () C:\Windows\System32\Tasks\Western Digital
2014-11-19 19:24 - 2014-11-19 19:24 - 00000000 ____D () C:\Users\drad\AppData\Local\Western Digital
2014-11-19 19:21 - 2014-11-19 19:21 - 00000000 ____D () C:\Users\drad\AppData\Local\Western_Digital_Technolog
2014-11-19 19:20 - 2014-11-20 13:58 - 00000000 ____D () C:\Program Files (x86)\Western Digital
2014-11-19 19:20 - 2014-11-20 13:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2014-11-19 19:20 - 2014-11-19 19:21 - 00014218 _____ () C:\Windows\DPINST.LOG
2014-11-19 19:20 - 2014-11-19 19:20 - 00000000 ____D () C:\Program Files\Western Digital
2014-11-19 19:19 - 2014-11-20 13:58 - 00000000 ____D () C:\ProgramData\Western Digital
2014-11-19 19:14 - 2014-11-12 21:46 - 00615624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-11-19 19:12 - 2014-11-13 01:20 - 31893136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-11-19 19:12 - 2014-11-13 01:20 - 24557712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-11-19 19:12 - 2014-11-13 01:20 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-11-19 19:12 - 2014-11-13 01:20 - 19966344 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-11-19 19:12 - 2014-11-13 01:20 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-11-19 19:12 - 2014-11-13 01:20 - 14032984 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-11-19 19:12 - 2014-11-13 01:20 - 13944952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-11-19 19:12 - 2014-11-13 01:20 - 13213512 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-11-19 19:12 - 2014-11-13 01:20 - 11397744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-11-19 19:12 - 2014-11-13 01:20 - 11336432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-11-19 19:12 - 2014-11-13 01:20 - 04292416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-11-19 19:12 - 2014-11-13 01:20 - 04011208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-11-19 19:12 - 2014-11-13 01:20 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434475.dll
2014-11-19 19:12 - 2014-11-13 01:20 - 01540424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434475.dll
2014-11-19 19:12 - 2014-11-13 01:20 - 00964928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-11-19 19:12 - 2014-11-13 01:20 - 00935240 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-11-19 19:12 - 2014-11-13 01:20 - 00923792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-11-19 19:12 - 2014-11-13 01:20 - 00900928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-11-19 19:12 - 2014-11-13 01:20 - 00871648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-11-19 19:12 - 2014-11-13 01:20 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-11-19 19:12 - 2014-11-13 01:20 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-11-19 19:12 - 2014-11-13 01:20 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-11-19 19:12 - 2014-11-13 01:20 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-11-19 14:58 - 2014-11-19 14:58 - 00000000 __SHD () C:\Users\drad\AppData\Local\EmieBrowserModeList
2014-11-19 14:45 - 2014-11-20 13:49 - 00000748 _____ () C:\Windows\setupact.log
2014-11-19 14:45 - 2014-11-19 14:45 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-19 14:44 - 2014-11-20 13:48 - 00655838 _____ () C:\Windows\PFRO.log
2014-11-19 14:43 - 2014-11-19 14:43 - 00000000 _____ () C:\asc_rdflag
2014-11-18 14:43 - 2014-11-18 14:43 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-18 14:43 - 2014-11-18 14:43 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-18 14:42 - 2014-11-18 14:42 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-18 14:42 - 2014-11-18 14:42 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-18 14:42 - 2014-11-18 14:42 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-18 14:42 - 2014-11-18 14:42 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-18 14:42 - 2014-11-18 14:42 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-18 14:42 - 2014-11-18 14:42 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-18 14:42 - 2014-11-18 14:42 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-18 14:42 - 2014-11-18 14:42 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-18 14:42 - 2014-11-18 14:42 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-18 14:42 - 2014-11-18 14:42 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-18 14:42 - 2014-11-18 14:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-18 14:42 - 2014-11-18 14:42 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-18 14:42 - 2014-11-18 14:42 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-18 14:40 - 2014-11-18 14:40 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-18 14:40 - 2014-11-18 14:40 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-18 14:40 - 2014-11-18 14:40 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-18 14:40 - 2014-11-18 14:40 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-18 14:40 - 2014-11-18 14:40 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-18 14:40 - 2014-11-18 14:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-18 14:40 - 2014-11-18 14:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-18 14:40 - 2014-11-18 14:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-18 14:40 - 2014-11-18 14:40 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-18 14:40 - 2014-11-18 14:40 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-18 14:40 - 2014-11-18 14:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-18 14:40 - 2014-11-18 14:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-18 14:40 - 2014-11-18 14:40 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-18 14:39 - 2014-11-18 14:39 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-18 14:39 - 2014-11-18 14:39 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-18 14:38 - 2014-11-18 14:38 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-18 14:38 - 2014-11-18 14:38 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-18 14:38 - 2014-11-18 14:38 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-18 14:38 - 2014-11-18 14:38 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-18 14:38 - 2014-11-18 14:38 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-18 14:38 - 2014-11-18 14:38 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-18 14:38 - 2014-11-18 14:38 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-18 14:38 - 2014-11-18 14:38 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-18 14:38 - 2014-11-18 14:38 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-18 14:38 - 2014-11-18 14:38 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-18 14:38 - 2014-11-18 14:38 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-18 14:38 - 2014-11-18 14:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-18 14:38 - 2014-11-18 14:38 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-18 14:38 - 2014-11-18 14:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-18 14:37 - 2014-11-18 14:37 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-18 14:37 - 2014-11-18 14:37 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-18 14:37 - 2014-11-18 14:37 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-18 14:37 - 2014-11-18 14:37 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-18 14:37 - 2014-11-18 14:37 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-18 14:37 - 2014-11-18 14:37 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-18 14:37 - 2014-11-18 14:37 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-18 14:37 - 2014-11-18 14:37 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-18 14:37 - 2014-11-18 14:37 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-18 14:37 - 2014-11-18 14:37 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-18 03:12 - 2014-11-18 03:12 - 00000816 _____ () C:\Users\drad\Desktop\kl18 z92.fst
2014-11-17 22:20 - 2014-11-17 22:20 - 125647960 ____N () C:\Users\drad\Desktop\DSCF1142.AVI
2014-11-17 22:20 - 2014-11-17 22:20 - 100072588 ____N () C:\Users\drad\Desktop\DSCF1141.AVI
2014-11-17 22:19 - 2014-11-17 22:20 - 346503964 ____N () C:\Users\drad\Desktop\DSCF1132.AVI
2014-11-13 23:35 - 2014-11-18 20:59 - 00002404 _____ () C:\Users\drad\Desktop\Guten Abend geschätzte Spielerschaft.txt
2014-11-08 00:56 - 2014-11-19 14:43 - 44113920 _____ () C:\Windows\system32\config\components.iodefrag.bak
2014-11-07 10:34 - 2014-11-07 10:34 - 44113920 _____ () C:\Windows\system32\config\components.iobit
2014-11-07 09:55 - 2014-11-07 09:55 - 00082432 _____ (Renesas Electronics Corporation) C:\Windows\system32\Drivers\nusb3hub.sys
2014-11-07 09:54 - 2014-11-07 09:54 - 00011944 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\Drivers\amdide64.sys
2014-11-07 09:53 - 2014-11-20 13:50 - 00002860 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM)
2014-11-07 09:53 - 2014-11-07 09:53 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-11-07 09:53 - 2014-11-07 09:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2014-11-06 22:22 - 2014-11-06 22:22 - 22591574 _____ () C:\Users\drad\Desktop\final fantasy.flp
2014-11-04 20:35 - 2014-11-04 20:35 - 00000876 _____ () C:\Users\drad\Desktop\kl18 z9.fst
2014-11-04 20:34 - 2014-11-04 20:34 - 00000460 _____ () C:\Users\drad\Desktop\kl 18 z 9.fxp
2014-11-04 20:27 - 2014-11-04 20:27 - 00978010 _____ () C:\Users\drad\Desktop\htfhtf.wav
2014-11-03 22:33 - 2014-11-11 20:42 - 14869639 _____ () C:\Users\drad\Desktop\now is the time.flp
2014-10-29 12:44 - 2014-10-29 12:44 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-29 12:44 - 2014-10-29 12:44 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-29 12:44 - 2014-10-29 12:44 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-29 12:44 - 2014-10-29 12:44 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-29 12:44 - 2014-10-29 12:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-29 12:44 - 2014-10-29 12:44 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-29 12:44 - 2014-10-29 12:44 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-29 12:44 - 2014-10-29 12:44 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-29 12:44 - 2014-10-29 12:44 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-29 12:44 - 2014-10-29 12:44 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-29 12:44 - 2014-10-29 12:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-29 12:42 - 2014-10-29 12:42 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-29 12:42 - 2014-10-29 12:42 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-29 12:40 - 2014-10-29 12:40 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-29 12:40 - 2014-10-29 12:40 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-29 12:40 - 2014-10-29 12:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-29 12:40 - 2014-10-29 12:40 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-10-29 12:40 - 2014-10-29 12:40 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-10-29 12:40 - 2014-10-29 12:40 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-29 12:40 - 2014-10-29 12:40 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-29 12:40 - 2014-10-29 12:40 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-29 12:40 - 2014-10-29 12:40 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-29 12:40 - 2014-10-29 12:40 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-29 12:40 - 2014-10-29 12:40 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-10-29 12:40 - 2014-10-29 12:40 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-10-29 12:40 - 2014-10-29 12:40 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-10-29 12:40 - 2014-10-29 12:40 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-10-29 12:40 - 2014-10-29 12:40 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-10-29 12:40 - 2014-10-29 12:40 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-10-29 12:40 - 2014-10-29 12:40 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-10-29 12:40 - 2014-10-29 12:40 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-10-29 12:40 - 2014-10-29 12:40 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-10-29 12:40 - 2014-10-29 12:40 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-10-29 12:39 - 2014-10-29 12:39 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-10-29 12:39 - 2014-10-29 12:39 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-10-29 12:39 - 2014-10-29 12:39 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-10-29 12:39 - 2014-10-29 12:39 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-10-29 12:39 - 2014-10-29 12:39 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-10-29 12:39 - 2014-10-29 12:39 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-10-29 12:38 - 2014-10-29 12:38 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-10-29 12:38 - 2014-10-29 12:38 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-10-29 12:38 - 2014-10-29 12:38 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-10-29 12:38 - 2014-10-29 12:38 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-10-27 12:08 - 2014-10-27 12:08 - 00941784 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-10-27 12:08 - 2014-10-27 12:08 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-10-26 14:44 - 2014-10-26 14:44 - 00001685 _____ () C:\Users\drad\Desktop\broken ac 2.fst
2014-10-25 22:01 - 2014-10-25 22:02 - 00000154 _____ () C:\Users\drad\Desktop\fsgfs.html
2014-10-25 15:09 - 2014-10-16 17:54 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434448.dll
2014-10-25 15:09 - 2014-10-16 17:54 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434448.dll
2014-10-22 19:18 - 2014-10-22 19:18 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-10-22 19:15 - 2014-09-17 05:51 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-10-22 19:15 - 2014-09-17 05:51 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-10-22 19:15 - 2014-09-14 00:48 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434411.dll
2014-10-22 19:15 - 2014-09-14 00:48 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434411.dll
2014-10-22 14:54 - 2014-10-22 14:54 - 00000000 ____D () C:\ArcheAge
2014-10-22 12:52 - 2014-10-22 12:52 - 00002892 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_drad
2014-10-22 12:52 - 2014-10-22 12:52 - 00001180 _____ () C:\Users\drad\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2014-10-22 12:50 - 2014-10-22 12:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2014-10-22 03:48 - 2014-11-18 00:37 - 00000000 ____D () C:\Users\drad\Desktop\igelchen
2014-10-21 21:39 - 2014-10-21 22:55 - 00014848 _____ () C:\Users\drad\Desktop\hamster.xls
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-20 13:58 - 2014-05-13 06:27 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-20 13:58 - 2014-02-18 21:49 - 01618942 _____ () C:\Windows\WindowsUpdate.log
2014-11-20 13:56 - 2009-07-14 05:45 - 00026528 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-20 13:56 - 2009-07-14 05:45 - 00026528 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-20 13:55 - 2014-02-19 06:44 - 00769022 _____ () C:\Windows\system32\perfh007.dat
2014-11-20 13:55 - 2014-02-19 06:44 - 00173340 _____ () C:\Windows\system32\perfc007.dat
2014-11-20 13:55 - 2009-07-14 06:13 - 01793588 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-20 13:49 - 2014-09-17 16:11 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-20 13:49 - 2014-08-07 18:45 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-20 13:49 - 2014-02-18 22:16 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-11-20 13:49 - 2014-02-18 22:04 - 00000144 _____ () C:\service.log
2014-11-20 13:49 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-20 13:46 - 2014-02-18 22:58 - 00000000 ____D () C:\Users\drad\AppData\Local\Battle.net
2014-11-20 13:30 - 2014-03-14 11:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-20 13:02 - 2014-08-07 18:45 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-19 20:07 - 2014-04-18 01:27 - 00000000 ____D () C:\Users\drad\AppData\Roaming\Skype
2014-11-19 19:35 - 2014-02-19 16:01 - 00000000 ____D () C:\Users\drad\AppData\Roaming\vlc
2014-11-19 19:14 - 2014-09-17 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-11-19 19:14 - 2014-05-13 06:26 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-11-19 17:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-19 14:56 - 2014-10-06 15:21 - 00000000 ____D () C:\Users\drad\Desktop\bewerbungen 2k14
2014-11-19 14:47 - 2014-02-18 22:33 - 00000000 ____D () C:\ProgramData\ProductData
2014-11-19 14:45 - 2009-07-14 05:45 - 02215840 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-19 14:43 - 2014-07-06 19:40 - 68415488 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-11-19 14:43 - 2014-07-06 19:40 - 00245760 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-11-19 14:43 - 2014-07-06 19:40 - 00065536 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-11-19 14:43 - 2014-07-06 19:40 - 00032768 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-11-19 14:43 - 2014-02-18 21:57 - 00000000 ____D () C:\Users\drad
2014-11-18 22:59 - 2014-04-03 18:10 - 00000000 ____D () C:\Users\drad\AppData\Roaming\TS3Client
2014-11-18 22:20 - 2014-05-21 21:41 - 00000000 ____D () C:\Temp
2014-11-18 20:54 - 2014-05-19 17:14 - 00000000 ____D () C:\Users\drad\Desktop\bienen fotos
2014-11-18 20:54 - 2014-02-18 22:58 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-11-18 16:24 - 2014-02-19 14:54 - 00000000 ____D () C:\Users\drad\AppData\Local\Deployment
2014-11-18 14:09 - 2014-10-06 16:47 - 00003854 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1412610437
2014-11-18 14:09 - 2014-10-06 16:47 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-11-17 22:20 - 2014-07-18 14:25 - 01060352 ___SH () C:\Users\drad\Desktop\Thumbs.db
2014-11-17 03:17 - 2014-05-05 13:51 - 00000000 ____D () C:\Users\drad\AppData\Local\CrashDumps
2014-11-13 20:19 - 2014-09-23 14:01 - 00000000 ____D () C:\Users\drad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-11-13 17:57 - 2014-08-07 18:45 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-13 17:57 - 2014-08-07 18:45 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-13 01:20 - 2014-09-17 16:09 - 20986592 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-11-13 01:20 - 2014-09-17 16:09 - 18514616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-11-13 01:20 - 2014-09-17 16:09 - 16884632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-11-13 01:20 - 2014-09-17 16:09 - 03262784 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-11-13 01:20 - 2014-09-17 16:09 - 02874456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-11-13 01:20 - 2014-09-17 16:09 - 00989056 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-11-13 01:20 - 2014-09-17 16:09 - 00027094 _____ () C:\Windows\system32\nvinfo.pb
2014-11-12 22:56 - 2014-09-17 16:11 - 06897352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-11-12 22:56 - 2014-09-17 16:11 - 03534152 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-11-12 22:56 - 2014-09-17 16:11 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-11-12 22:56 - 2014-09-17 16:11 - 00934032 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-11-12 22:56 - 2014-09-17 16:11 - 00386368 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-11-12 22:56 - 2014-09-17 16:11 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-11-12 14:30 - 2014-03-14 11:05 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 14:30 - 2014-02-18 22:32 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 14:30 - 2014-02-18 22:32 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-12 11:48 - 2014-02-19 14:54 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-11 11:29 - 2014-09-17 16:11 - 04100776 _____ () C:\Windows\system32\nvcoproc.bin
2014-11-07 09:53 - 2014-02-18 22:39 - 00003220 _____ () C:\Windows\System32\Tasks\Driver Booster Scan
2014-11-07 09:53 - 2014-02-18 22:39 - 00003164 _____ () C:\Windows\System32\Tasks\Driver Booster Update
2014-11-07 09:53 - 2014-02-18 22:33 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-11-06 20:27 - 2014-02-18 22:30 - 00065560 _____ () C:\Users\drad\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-05 12:02 - 2014-07-10 01:40 - 00000167 _____ () C:\Users\drad\Desktop\fritzpowerlan.txt
2014-11-03 20:54 - 2014-02-18 22:02 - 00000000 ____D () C:\Users\drad\Desktop\WoW Raid
2014-10-29 19:59 - 2014-02-23 19:30 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-10-29 12:51 - 2014-08-01 10:24 - 00000000 ____D () C:\Users\DefaultAppPool
2014-10-27 18:15 - 2014-07-18 05:01 - 00000000 ____D () C:\Users\drad\Desktop\mp4fb
2014-10-27 12:08 - 2014-02-18 22:08 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-10-25 22:15 - 2014-03-05 10:40 - 00000000 ____D () C:\Users\drad\AppData\Local\Adobe
2014-10-25 22:15 - 2014-02-18 22:29 - 00000000 ____D () C:\Users\drad\AppData\Roaming\Adobe
2014-10-22 15:16 - 2014-09-07 17:43 - 00000000 ____D () C:\Users\drad\Documents\ArcheAge
2014-10-22 12:50 - 2014-02-18 22:33 - 00000000 ____D () C:\ProgramData\IObit
Some content of TEMP:
====================
C:\Users\drad\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\drad\AppData\Local\Temp\nvStInst.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-15 03:24
==================== End Of Log ============================
--- --- ---
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-11-2014
Ran by drad at 2014-11-20 13:58:37
Running from C:\Users\drad\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.11 - GIGABYTE)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_5f143314a5d434c8511097393d17397) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.4.0 - IObit)
APB Reloaded (HKLM-x32\...\APB Reloaded) (Version: 1.6.7.672769 - )
Archeage Beta (HKLM-x32\...\Glyph Archeage Beta) (Version: - Trion Worlds, Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AutoGreen B10.1021.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B10.1021.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BBSAK (HKLM-x32\...\{B23F12D4-17DE-453A-B1F4-55E501FE0EBF}) (Version: 1.9.2 - JMT Labs)
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research in Motion Ltd.)
BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research in Motion Ltd.) Hidden
Canon MP Navigator EX 1.0 (HKLM-x32\...\MP Navigator EX 1.0) (Version: - )
CanoScan LiDE 90 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2412) (Version: - )
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5067 - CDBurnerXP)
Cool Edit Pro 2.1 (HKLM-x32\...\Cool Edit Pro 2.1) (Version: - )
Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
Curse Client - 1 (HKU\S-1-5-21-3898391308-2140890095-422166249-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Driver Booster 2 (HKLM-x32\...\Driver Booster_is1) (Version: 2.0 - IObit)
Easy Tune 6 B11.0120.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B11.0120.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
EasySaver B9.1214.1 (HKLM-x32\...\{07300F01-89CA-4CF8-92BD-2A605EB83C95}) (Version: 1.00.0000 - Gigabyte)
EPSON XP-402 403 405 406 Series Printer Uninstall (HKLM\...\EPSON XP-402 403 405 406 Series) (Version: - SEIKO EPSON Corporation)
EVE Online (nur entfernen) (HKLM-x32\...\EVE) (Version: - CCP Games Ltd.)
FLV Player 2.0 (build 25) (HKLM-x32\...\FLV Player) (Version: 2.0 (build 25) - Martijn de Visser)
GamersFirst LIVE! (HKU\S-1-5-21-3898391308-2140890095-422166249-1000\...\GamersFirst LIVE!) (Version: - GamersFirst)
Gigabyte Raid Configurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0001 - GIGABYTE Technologies, Inc.)
Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.65 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Happy Cloud Client (HKU\S-1-5-21-3898391308-2140890095-422166249-1000\...\HappyCloud) (Version: 5.24 - Happy Cloud, Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.5 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.0.4.27 - IObit)
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.10.1.0 - LG Electronics)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.2.2000 - Maxthon International Limited)
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Opera Stable 25.0.1614.71 (HKLM-x32\...\Opera 25.0.1614.71) (Version: 25.0.1614.71 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{C960FF38-431D-429D-AD1F-FBD12A45B7C5}) (Version: 2.0.17.17583 - pdfforge GmbH)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Razer Core (HKLM-x32\...\Razer Core) (Version: 1.0.1.66 - Razer Inc)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.17.22879 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6650 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Saffire MixControl 3.4 (HKLM\...\Saffire PRO 40_is1) (Version: 3.4 - Focusrite Audio Engineering Ltd.)
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.2 - IObit)
Sound Blaster Tactic(3D) Alpha (HKLM-x32\...\{2226247D-9846-4370-A1EF-FAA6958F7632}) (Version: 1.0 - Creative Technology Limited)
Splashtop Connect for Firefox (HKLM-x32\...\{D2BF4F2C-BDF3-41C3-8D38-185F6342EC47}) (Version: 1.1.6.3 - Splashtop Inc.)
Splashtop Connect IE (HKLM-x32\...\{F9F5EF72-18CF-4DCF-A721-EC86B94DAC46}) (Version: 1.1.12.1 - Splashtop Inc.)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKU\S-1-5-21-3898391308-2140890095-422166249-1000\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WD Drive Utilities (HKLM-x32\...\{59E0381C-1047-45A3-B68A-57F586EAF3C2}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{D338102B-BA1C-4CCA-B870-8690FA0F0433}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.10 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.2 - win.rar GmbH)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3898391308-2140890095-422166249-1000_Classes\CLSID\{1b19cf90-ca4f-4236-9c69-70cbb4fc8fab}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
==================== Restore Points =========================
18-11-2014 13:37:10 Windows Modules Installer
20-11-2014 12:52:32 WD SmartWare Installer
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2014-04-18 01:51 - 2014-08-07 17:19 - 00000854 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 rad.msn.com
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {00050844-C5CE-4972-BFA5-4A3EC7DBCF8D} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-10-13] (IObit)
Task: {16D00133-FF22-45A7-A7A2-F14D9E96802B} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-07-03] (IObit)
Task: {1CE78764-73A7-4202-A944-1D40BB323A5C} - System32\Tasks\Uninstaller_SkipUac_drad => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-10-22] (IObit)
Task: {23F1456E-9723-4FBD-8DC3-A9519822B961} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12] (Adobe Systems Incorporated)
Task: {3A7223F2-B6E8-4170-97FF-A1ACF3660D27} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-10-22] (IObit)
Task: {41F18C33-05B1-41A6-88F5-915E79B1A992} - System32\Tasks\Driver Booster SkipUAC (drad) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-10-28] (IObit)
Task: {771305A4-2C9C-41CA-9BBF-B9C39CAEB84E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-07] (Google Inc.)
Task: {804BE87F-AB6F-41FF-8439-8CC52D141BE5} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-10-08] (IObit)
Task: {88346C25-50AB-4FB1-B422-DE38A160E45F} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [2014-09-11] (Maxthon International ltd.)
Task: {A27077D7-1FB0-4B34-B548-7B5F5FA058FA} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-06] (AVAST Software)
Task: {A494BA80-7790-4907-B90E-460242144949} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe [2014-08-20] (IObit)
Task: {B73AB110-E953-4250-985B-45EDD7B98530} - System32\Tasks\Opera scheduled Autoupdate 1412610437 => C:\Program Files (x86)\Opera\launcher.exe [2014-11-14] (Opera Software)
Task: {BD8690C1-BAD4-436C-848B-8F48DC50707C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-07] (Google Inc.)
Task: {CB1167F2-B078-4D37-BB10-B01DE505F9EE} - System32\Tasks\ASC7_SkipUac_drad => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2014-08-22] (IObit)
Task: {DD94A55B-27FD-4E3F-8EB0-F8BDEB8387D6} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-10-28] (IObit)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-09-17 16:11 - 2014-11-12 22:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-18 22:04 - 2009-08-24 14:38 - 00068136 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
2014-02-18 22:10 - 2010-01-19 03:31 - 00072304 ____R () C:\Windows\SysWOW64\XSrvSetup.exe
2014-05-13 06:26 - 2014-05-13 06:26 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-02-18 22:33 - 2013-10-25 11:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll
2014-08-06 17:26 - 2014-08-06 17:26 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-11-20 11:04 - 2014-11-20 11:04 - 02903040 _____ () C:\Program Files\AVAST Software\Avast\defs\14112000\algo.dll
2014-02-18 22:04 - 2009-03-13 11:30 - 00109096 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\YCC.DLL
2014-02-18 22:33 - 2013-01-15 17:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madExcept_.bpl
2014-02-18 22:33 - 2013-01-15 17:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madBasic_.bpl
2014-02-18 22:33 - 2013-01-15 17:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madDisAsm_.bpl
2014-02-18 22:33 - 2013-01-15 17:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll
2014-08-06 17:26 - 2014-08-06 17:26 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-05-05 09:29 - 2013-01-15 17:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl
2014-05-05 09:29 - 2013-01-15 17:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl
2014-05-05 09:29 - 2013-01-15 17:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl
2014-05-05 09:29 - 2013-12-12 17:46 - 08001344 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\WebUI.dll
2014-05-05 09:29 - 2013-05-16 18:26 - 00182080 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll
2014-05-05 09:29 - 2013-10-16 21:17 - 00185168 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\libcurl-4.dll
2014-05-05 09:29 - 2013-05-16 18:26 - 00145216 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll
2014-02-18 22:28 - 2014-09-11 04:19 - 00258944 _____ () C:\Program Files (x86)\Maxthon\bin\Maxzlib.dll
2014-02-18 22:28 - 2014-09-11 04:19 - 00258944 _____ () C:\Program Files (x86)\Maxthon\Bin\maxzlib.dll
2014-02-18 22:28 - 2014-09-11 04:19 - 00247096 _____ () C:\Program Files (x86)\Maxthon\Addons\Mobile\MxMobile.dll
2014-02-18 22:28 - 2014-09-11 04:19 - 00887064 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\libglesv2.dll
2014-02-18 22:28 - 2014-09-11 04:19 - 00109336 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\libegl.dll
2014-09-17 17:20 - 2014-09-11 04:19 - 04055504 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\pdf.dll
2014-09-17 17:20 - 2014-09-11 04:19 - 17029808 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\Npplugins\NPSWF32_14_0_0_145.dll
2014-02-18 22:28 - 2014-09-11 04:19 - 02128152 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\ffmpegsumo.dll
2014-11-20 13:53 - 2014-11-20 13:53 - 00014336 _____ () C:\Users\drad\AppData\Local\Temp\WDE9443.tmp\ml_online.lng
2014-11-20 13:53 - 2014-11-20 13:53 - 00036352 _____ () C:\Users\drad\AppData\Local\Temp\WDE9443.tmp\ombrowser.lng
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR410 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR430 => ""="Service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^drad^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip => C:\Windows\pss\CurseClientStartup.ccip.Startup
MSCONFIG\startupfolder: C:^Users^drad^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk => C:\Windows\pss\GamersFirst LIVE!.lnk.Startup
========================= Accounts: ==========================
Administrator (S-1-5-21-3898391308-2140890095-422166249-500 - Administrator - Disabled)
Gast (S-1-5-21-3898391308-2140890095-422166249-501 - Limited - Enabled)
drad (S-1-5-21-3898391308-2140890095-422166249-1000 - Administrator - Enabled) => C:\Users\drad
HomeGroupUser$ (S-1-5-21-3898391308-2140890095-422166249-1011 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/20/2014 01:58:07 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: drad)
Description: Die Anwendung oder der Dienst "WD Backup" konnte nicht neu gestartet werden.
Error: (11/20/2014 01:58:02 PM) (Source: MsiInstaller) (EventID: 11303) (User: drad)
Description: Produkt: WD SmartWare -- Fehler 1303. Das Installationsprogramm besitzt keine ausreichenden Berechtigungen, um auf dieses Verzeichnis zuzugreifen: C:\Program Files\Western Digital\WD SmartWare\Locale\zh_TW.lproj. Die Installation kann nicht fortgesetzt werden. Melden Sie sich als Administrator an, oder wenden Sie sich an den Systemadministrator.
Error: (11/20/2014 01:49:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/19/2014 03:14:59 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: ehshell, Version=6.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80070020
Error: (11/19/2014 03:14:28 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: ehshell, Version=6.1.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil . Error code = 0x80070020
Error: (11/19/2014 02:46:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/18/2014 02:58:44 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: System.Workflow.ComponentModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80070020
Error: (11/18/2014 02:05:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/17/2014 03:16:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7a144
Name des fehlerhaften Moduls: mswsock.dll, Version: 6.1.7601.18254, Zeitstempel: 0x522be0b3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000012c6
ID des fehlerhaften Prozesses: 0xcf4
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Error: (11/17/2014 00:33:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_stisvc, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x94c
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_stisvc0
Pfad der fehlerhaften Anwendung: svchost.exe_stisvc1
Pfad des fehlerhaften Moduls: svchost.exe_stisvc2
Berichtskennung: svchost.exe_stisvc3
System errors:
=============
Error: (11/19/2014 04:40:14 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (11/19/2014 04:40:14 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (11/19/2014 04:40:14 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (11/19/2014 04:33:41 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (11/19/2014 04:33:41 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (11/19/2014 04:33:41 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (11/19/2014 04:32:31 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (11/19/2014 04:32:31 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (11/19/2014 04:32:31 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (11/19/2014 04:31:47 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Microsoft Office Sessions:
=========================
Error: (11/20/2014 01:58:07 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: drad)
Description: 0WDBackupEngine.exeWD Backup03026217831000
Error: (11/20/2014 01:58:02 PM) (Source: MsiInstaller) (EventID: 11303) (User: drad)
Description: Produkt: WD SmartWare -- Fehler 1303. Das Installationsprogramm besitzt keine ausreichenden Berechtigungen, um auf dieses Verzeichnis zuzugreifen: C:\Program Files\Western Digital\WD SmartWare\Locale\zh_TW.lproj. Die Installation kann nicht fortgesetzt werden. Melden Sie sich als Administrator an, oder wenden Sie sich an den Systemadministrator.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (11/20/2014 01:49:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/19/2014 03:14:59 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: ehshell, Version=6.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80070020
ehshell, Version=6.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35
Error: (11/19/2014 03:14:28 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: ehshell, Version=6.1.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil . Error code = 0x80070020
ehshell, Version=6.1.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil
Error: (11/19/2014 02:46:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/18/2014 02:58:44 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: System.Workflow.ComponentModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80070020
System.Workflow.ComponentModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35
Error: (11/18/2014 02:05:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/17/2014 03:16:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175144ce7a144mswsock.dll6.1.7601.18254522be0b3c000000500000000000012c6cf401d001f5c15c8fabC:\Windows\Explorer.EXEC:\Windows\system32\mswsock.dllcc307172-6dff-11e4-8db4-1c6f65d7d99d
Error: (11/17/2014 00:33:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_stisvc6.1.7600.163854a5bc3c1unknown0.0.0.000000000c0000005000000000000000094c01d001f5c072cbc9C:\Windows\system32\svchost.exeunknown06019813-6de9-11e4-8db4-1c6f65d7d99d
CodeIntegrity Errors:
===================================
Date: 2014-05-29 21:59:26.776
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\IObit\Advanced SystemCare 7\KB2871997.cab_Temp\1BF90D21-7869-458F-BBB4-0BE931910051\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22653_none_c02406161666a81a\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-29 21:59:26.607
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\IObit\Advanced SystemCare 7\KB2871997.cab_Temp\1BF90D21-7869-458F-BBB4-0BE931910051\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22653_none_c02406161666a81a\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-29 21:59:26.450
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\IObit\Advanced SystemCare 7\KB2871997.cab_Temp\1BF90D21-7869-458F-BBB4-0BE931910051\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22653_none_c02406161666a81a\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-29 21:59:26.267
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\IObit\Advanced SystemCare 7\KB2871997.cab_Temp\1BF90D21-7869-458F-BBB4-0BE931910051\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22653_none_c02406161666a81a\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: AMD Athlon(tm) II X4 640 Processor
Percentage of memory in use: 26%
Total physical RAM: 12285.55 MB
Available physical RAM: 9033.8 MB
Total Pagefile: 24569.29 MB
Available Pagefile: 21296.41 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.88 GB) (Free:35.24 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive f: (Elysium) (Fixed) (Total:465.75 GB) (Free:20.58 GB) NTFS
Drive g: (TREKSTOR) (Fixed) (Total:149.01 GB) (Free:0.56 GB) FAT32
Drive i: (My Passport) (Fixed) (Total:1862.98 GB) (Free:1804.87 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 800BD14F)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 1FA3D1E5)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 149.1 GB) (Disk ID: 3A794C8C)
Partition 1: (Not Active) - (Size=149 GB) - (Type=0C)
========================================================
Disk: 3 (Size: 465.8 GB) (Disk ID: 8D399BC0)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Regards, Mauee