Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Windows 7 : Firefox öffnet eigenständig tabs mit Werbung.

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 12.03.2015, 12:54   #1
Alessio
 
Windows 7 : Firefox öffnet eigenständig tabs mit Werbung. - Standard

Windows 7 : Firefox öffnet eigenständig tabs mit Werbung.



Hallo.
Ich habe seit 2 Tagen das Problem das Firefox einfach neue Tabs öffnet mit Werbung. Das ging los nachdem ich mir etwas gedownloadet habe ich habe.. (eine Handyspiel für den Pc)
Aber nachdem ich es wieder deinstalliert habe ist es leider nicht verschwunden.
Wenn ich Firefox deinstalliere es mir neu installiere ist das Problem bis zum nächsten Neustart meines Rechners verschwunden doch dann taucht es wieder auf. Außerdem öffnet sich nach jedem Neustart nach einer "zufälligen" Zeit wie es scheint eine Installation mit einem Programm namens AnyWhereSetUpWizard (welche ich nie ausgeführt habe).

mfg Alessio

Alt 12.03.2015, 13:09   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 : Firefox öffnet eigenständig tabs mit Werbung. - Standard

Windows 7 : Firefox öffnet eigenständig tabs mit Werbung.



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 12.03.2015, 13:51   #3
Alessio
 
Windows 7 : Firefox öffnet eigenständig tabs mit Werbung. - Standard

Windows 7 : Firefox öffnet eigenständig tabs mit Werbung.




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Alessio (administrator) on ALESSIO-PC on 12-03-2015 13:45:34
Running from C:\Users\Alessio\Downloads
Loaded Profiles: Alessio (Available profiles: Alessio)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Users\Alessio\AppData\Local\F1F1D280-1426068548-11DD-896D-3085A9AF655D\snse5330.tmp
() C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\nsj7CCA.tmp
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Akamai Technologies, Inc.) C:\Users\Alessio\AppData\Local\Akamai\netsession_win.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Akamai Technologies, Inc.) C:\Users\Alessio\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
() C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\jnsi6057.tmp
() C:\Users\Alessio\AppData\Local\F1F1D280-1426068533-11DD-896D-3085A9AF655D\cnsz2511.tmp
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Users\Alessio\AppData\Local\winengine\rkr1.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe
(Super PC Tools Ltd) C:\ProgramData\{96cad7ef-3892-e14f-96ca-ad7ef3895fbc}\SuperOptimizerInstaller.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Creative Technology Ltd.) C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.96\SymcPCCULaunchSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.239\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.23\deploy\LoLPatcher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.23\deploy\LoLPatcherUx.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.23\deploy\LoLPatcherUx.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.23\deploy\LoLPatcherUx.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7174728 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Cm106Sound] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm106.dll,CMICtrlWnd
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-08-19] (DivX, LLC)
HKLM-x32\...\Run: [4StoryPrePatch] => C:\Program Files (x86)\Gameforge4D\4Story_DE\PrePatch.exe [327680 2013-02-19] (Zemi Interactive Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [Aeria Ignite] => "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
HKLM-x32\...\Run: [Sound Blaster Tactic3D Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe [2091008 2014-07-03] (Creative Technology Ltd)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-02-17] (LogMeIn Inc.)
HKLM\...\Policies\Explorer\Run: [14206] => C:\ProgramData\Local Settings\Temp\msyaravy.scr [32072 2009-07-14] ( (Microsoft Corporation))
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2874048 2015-02-19] (Valve Corporation)
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Run: [Services] => C:\Users\Alessio\AppData\Local\Temp\zrdihj.exe <===== ATTENTION
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Run: [Java] => C:\Users\Alessio\AppData\Local\Temp\Java.exe <===== ATTENTION
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Run: [Chrome Browser] => C:\ProgramData\Chrome Browser0\juqsvyqvq.exe
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Run: [KPeerNexonEU] => C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe [438272 2013-05-11] (NEXON Inc.)
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3619160 2015-01-27] (Electronic Arts)
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Alessio\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44544 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Run: [winengine] => C:\Users\Alessio\AppData\Local\winengine\rkr0.exe [511416 2014-12-12] ()
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Run: [winengine2] => C:\Users\Alessio\AppData\Local\winengine\rkr1.exe [511416 2014-12-12] ()
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\MountPoints2: {74bb3247-522c-11e2-b1b1-806e6f6e6963} - D:\autostart.exe
IFEO\ccsvchst.exe: [Debugger] skskj.exe
IFEO\hijackthis.exe: [Debugger] zp_.exe
IFEO\housecalllauncher.exe: [Debugger] fr_.exe
IFEO\rstrui.exe: [Debugger] om_.exe
IFEO\spybotsd.exe: [Debugger] fn_.exe
IFEO\symerr.exe: [Debugger] jtkyy.exe
Startup: C:\Users\Alessio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LEVxCIdNFBMA.lnk
ShortcutTarget: LEVxCIdNFBMA.lnk -> C:\Users\Alessio\AppData\Local\Temp\LEVxCIdNFBMA.exe (No File)
Startup: C:\Users\Alessio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SuperOptimizerInstaller.lnk
ShortcutTarget: SuperOptimizerInstaller.lnk -> C:\ProgramData\{96cad7ef-3892-e14f-96ca-ad7ef3895fbc}\SuperOptimizerInstaller.exe (Super PC Tools Ltd)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:52166;https=127.0.0.1:52166
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/?gws_rd=ssl
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4026364676-241273927-3108656300-1000 -> DefaultScope {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = https://www.google.de/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4026364676-241273927-3108656300-1000 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = https://www.google.de/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-06-17] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-05] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-06-17] (Oracle Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll [2013-02-01] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL [2012-06-21] (Symantec Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-05] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-05] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-05] (Google Inc.)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Alessio\AppData\Roaming\Mozilla\Firefox\Profiles\yx9kfsx8.default-1418917023564
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll [2013-06-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-06-17] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-08-13] (DivX, LLC)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npnxgameEU.dll [2013-12-14] (Nexon)
FF Plugin-x32: @nielsen/FirefoxTracker -> C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter7\FirefoxAddOns\npfirefoxtracker.dll No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-12-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-12-13] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-4026364676-241273927-3108656300-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Alessio\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-07-07] (Unity Technologies ApS)
FF Extension: Zoom It - C:\Users\Alessio\AppData\Roaming\Mozilla\Firefox\Profiles\yx9kfsx8.default-1418917023564\Extensions\{93e9ed41-1f4f-b4bd-0dae-b2b4e3c23151} [2015-03-12]
FF Extension: Adblock Plus - C:\Users\Alessio\AppData\Roaming\Mozilla\Firefox\Profiles\yx9kfsx8.default-1418917023564\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-18]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-03-06]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\IPSFFPlgn
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\IPSFFPlgn [2012-12-30]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\coFFPlgn [2013-03-26]
FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter7\FirefoxAddOns\netsight@nielsen.xpi
FF HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Alessio\AppData\Roaming\Mozilla\Firefox\Profiles\vxvj29up.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR Profile: C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-12]
CHR Extension: (Docs) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-12]
CHR Extension: (Google Drive) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-14]
CHR Extension: (YouTube) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-12]
CHR Extension: (Google Search) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-12]
CHR Extension: (Google Sheets) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-12]
CHR Extension: (Speed Test Analysis) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb [2013-03-06]
CHR Extension: (Google Wallet) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-16]
CHR Extension: (Gmail) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-12]
CHR HKLM-x32\...\Chrome\Extension: [kckgnnipheglejoddfhekdjpbdbinhmb] - C:\Users\Alessio\AppData\Roaming\SpeedTestAnalysis\speedtestanalysis.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [814976 2015-02-06] ()
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [File not signed]
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [175136 2014-12-07] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-12-15] (Hi-Rez Studios) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-02-16] (LogMeIn, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
S2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.96\SymcPCCULaunchSvc.exe [123320 2011-11-07] (Symantec Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4722728 2013-03-14] (INCA Internet Co., Ltd.) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-02-27] (Electronic Arts)
S2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.96\ccSvcHst.exe [126392 2011-11-07] (Symantec Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-07-14] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-15] ()
R2 pumygydy; C:\Users\Alessio\AppData\Local\F1F1D280-1426068548-11DD-896D-3085A9AF655D\snse5330.tmp [211456 2015-03-11] () [File not signed]
R2 ryqofisu; C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\nsj7CCA.tmp [136704 2015-03-11] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WSWNDA3100v2; C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [307928 2013-12-30] ()
R2 xebejehi; C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\jnsi6057.tmp [91648 2015-03-11] () [File not signed]
R2 zizudobe; C:\Users\Alessio\AppData\Local\F1F1D280-1426068533-11DD-896D-3085A9AF655D\cnsz2511.tmp [94720 2015-03-11] () [File not signed]
S2 Util Mountain Bike; "C:\Program Files (x86)\Mountain Bike\bin\utilMountainBike.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\BASHDefs\20130208.001\BHDrvx64.sys [1388120 2013-01-16] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
R3 CMUSBDAC; C:\Windows\System32\DRIVERS\CMUSBDAC.sys [594944 2014-09-19] (C-MEDIA)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-12-30] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\IPSDefs\20130226.002\IDSvia64.sys [513184 2012-12-28] (Symantec Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20130227.003\ENG64.SYS [126192 2013-01-19] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20130227.003\EX64.SYS [2087664 2013-01-19] (Symantec Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2011-05-16] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-12-30] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-18] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-18] (Symantec Corporation)
R3 UHSfiltv; C:\Windows\System32\drivers\UHSfiltv.sys [23552 2013-05-31] (Creative Technology Ltd.)
S3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1307648 2011-03-31] (C-Media Electronics Inc)
S1 aclrtvfz; \??\C:\Windows\system32\drivers\aclrtvfz.sys [X]
S1 dfxdnxpi; \??\C:\Windows\system32\drivers\dfxdnxpi.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-12 13:45 - 2015-03-12 13:46 - 00027911 _____ () C:\Users\Alessio\Downloads\FRST.txt
2015-03-12 13:44 - 2015-03-12 13:45 - 00000000 ____D () C:\FRST
2015-03-12 13:44 - 2015-03-12 13:44 - 02095616 _____ (Farbar) C:\Users\Alessio\Downloads\FRST64.exe
2015-03-12 13:19 - 2015-03-12 13:19 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-12 13:19 - 2015-03-12 13:19 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-12 13:19 - 2015-03-12 13:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-12 12:22 - 2015-03-12 12:47 - 00001095 _____ () C:\Users\Alessio\Desktop\Continue Live Installation.lnk
2015-03-12 12:21 - 2015-03-12 12:21 - 02171392 _____ () C:\Users\Alessio\Downloads\adwcleaner_4.112(4).exe
2015-03-12 12:00 - 2015-03-09 11:32 - 00372248 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-03-12 12:00 - 2015-03-09 11:32 - 00325944 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-03-12 11:57 - 2015-03-12 11:57 - 00830600 _____ (Internet software ) C:\Users\Alessio\Downloads\adobe_flash_setup.exe
2015-03-11 17:57 - 2015-03-11 17:57 - 02171392 _____ () C:\Users\Alessio\Downloads\adwcleaner_4.112(3).exe
2015-03-11 14:31 - 2015-03-11 14:32 - 00000000 ____D () C:\Users\Alessio\Desktop\YT Dlds
2015-03-11 14:30 - 2015-03-11 14:30 - 11123720 _____ () C:\Users\Alessio\Downloads\YTDSetup.exe
2015-03-11 11:46 - 2015-03-11 11:46 - 00243528 _____ () C:\Users\Alessio\Downloads\Firefox Setup Stub 36.0.1.exe
2015-03-11 10:40 - 2015-03-11 10:40 - 02171392 _____ () C:\Users\Alessio\Downloads\adwcleaner_4.112(2).exe
2015-03-11 10:33 - 2015-03-11 10:33 - 02171392 _____ () C:\Users\Alessio\Downloads\adwcleaner_4.112(1).exe
2015-03-11 10:30 - 2015-02-20 05:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 10:30 - 2015-02-20 05:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 10:30 - 2015-02-20 05:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 10:30 - 2015-02-20 05:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 10:30 - 2015-02-20 05:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 10:30 - 2015-02-20 05:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 10:30 - 2015-02-20 05:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 10:30 - 2015-02-20 05:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 10:30 - 2015-02-20 04:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 10:30 - 2015-02-20 04:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 10:30 - 2015-02-13 06:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 10:30 - 2015-02-13 06:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 10:30 - 2015-02-03 04:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 10:30 - 2015-02-03 04:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 10:30 - 2015-02-03 04:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 10:30 - 2015-02-03 04:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 10:30 - 2015-02-03 04:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 10:30 - 2015-02-03 04:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 10:30 - 2015-02-03 04:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 10:30 - 2015-02-03 04:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 10:30 - 2015-02-03 04:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 10:30 - 2015-02-03 04:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 10:30 - 2015-02-03 04:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 10:30 - 2015-02-03 03:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 10:30 - 2015-01-17 03:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 10:30 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 10:30 - 2014-10-31 23:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 10:30 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-11 10:30 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-11 10:29 - 2015-03-06 06:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 10:29 - 2015-03-06 06:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 10:29 - 2015-03-06 06:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 10:29 - 2015-03-06 06:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 10:29 - 2015-03-06 06:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 10:29 - 2015-03-06 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 10:29 - 2015-03-06 06:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 10:29 - 2015-03-06 06:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 10:29 - 2015-03-06 06:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 10:29 - 2015-03-06 06:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 10:29 - 2015-03-06 06:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 10:29 - 2015-03-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 10:29 - 2015-03-06 06:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 10:29 - 2015-03-06 06:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 10:29 - 2015-03-06 06:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 10:29 - 2015-03-06 06:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 10:29 - 2015-03-06 06:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 10:29 - 2015-03-06 06:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 10:29 - 2015-03-06 06:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 10:29 - 2015-03-06 06:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 10:29 - 2015-03-06 06:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 10:29 - 2015-02-03 04:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 10:29 - 2015-02-03 04:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 10:29 - 2015-02-03 04:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 10:29 - 2015-02-03 04:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 10:29 - 2015-02-03 04:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 10:29 - 2015-02-03 04:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 10:29 - 2015-02-03 04:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 10:29 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 10:29 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 10:29 - 2015-02-03 04:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 10:29 - 2015-02-03 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 10:29 - 2015-02-03 04:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 10:29 - 2015-02-03 04:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 10:29 - 2015-02-03 04:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 10:29 - 2015-02-03 04:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 10:29 - 2015-02-03 04:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 10:29 - 2015-02-03 04:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 10:29 - 2015-02-03 04:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 10:29 - 2015-02-03 04:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 10:29 - 2015-02-03 04:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 10:29 - 2015-02-03 04:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 10:29 - 2015-02-03 04:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 10:29 - 2015-02-03 04:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 10:29 - 2015-02-03 04:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 10:29 - 2015-02-03 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 10:29 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 10:29 - 2015-02-03 04:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 10:29 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 10:29 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 10:29 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 10:29 - 2015-02-03 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 10:29 - 2015-01-31 04:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 10:29 - 2015-01-31 04:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 10:29 - 2015-01-31 00:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 10:29 - 2015-01-31 00:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 10:28 - 2015-02-26 04:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 10:28 - 2015-02-24 04:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 10:28 - 2015-02-24 03:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 10:28 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 10:28 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 10:28 - 2015-02-21 01:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 10:28 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 10:28 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 10:28 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 10:28 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 10:28 - 2015-02-20 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 10:28 - 2015-02-20 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 10:28 - 2015-02-20 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 10:28 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 10:28 - 2015-02-20 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 10:28 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 10:28 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 10:28 - 2015-02-20 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 10:28 - 2015-02-20 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 10:28 - 2015-02-20 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 10:28 - 2015-02-20 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 10:28 - 2015-02-20 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 10:28 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 10:28 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 10:28 - 2015-02-20 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 10:28 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 10:28 - 2015-02-20 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 10:28 - 2015-02-20 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 10:28 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 10:28 - 2015-02-20 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 10:28 - 2015-02-20 03:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-11 10:28 - 2015-02-20 03:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 10:28 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 10:28 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 10:28 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 10:28 - 2015-02-20 03:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 10:28 - 2015-02-20 03:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-11 10:28 - 2015-02-20 02:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 10:28 - 2015-02-20 02:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 10:28 - 2015-02-20 02:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 10:28 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 10:28 - 2015-02-20 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 10:28 - 2015-02-20 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 10:28 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 10:28 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 10:28 - 2015-02-20 02:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 10:28 - 2015-02-20 02:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 10:28 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 10:28 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 10:28 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 10:28 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 10:28 - 2015-02-20 02:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 10:28 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 10:28 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 10:28 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 10:28 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 10:28 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 10:28 - 2015-02-03 04:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 10:28 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 10:26 - 2015-02-04 04:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 10:26 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-11 10:11 - 2015-03-11 10:11 - 02171392 _____ () C:\Users\Alessio\Downloads\adwcleaner_4.112.exe
2015-03-11 10:09 - 2015-03-12 12:30 - 00000000 ____D () C:\Users\Alessio\AppData\Local\F1F1D280-1426068548-11DD-896D-3085A9AF655D
2015-03-11 10:08 - 2015-03-11 10:09 - 00000000 ____D () C:\Users\Alessio\AppData\Local\F1F1D280-1426068533-11DD-896D-3085A9AF655D
2015-03-11 10:06 - 2015-03-11 10:06 - 00000000 ____D () C:\Users\Alessio\AppData\Local\F1F1D280-1426068395-11DD-896D-3085A9AF655D
2015-03-11 10:05 - 2015-03-11 22:06 - 00000000 ____D () C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D
2015-03-11 10:04 - 2015-03-11 10:21 - 00000000 ____D () C:\ProgramData\{96cad7ef-3892-e14f-96ca-ad7ef3895fbc}
2015-03-11 10:04 - 2015-03-11 10:04 - 00000000 ____D () C:\Users\Alessio\AppData\Local\winengine
2015-03-11 10:04 - 2015-03-11 10:04 - 00000000 ____D () C:\Users\Alessio\AppData\Local\Bluestacks
2015-03-11 10:04 - 2015-03-11 10:04 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2015-03-11 10:04 - 2015-03-11 10:04 - 00000000 ____D () C:\ProgramData\{7a382bfb-7e4f-0314-7a38-82bfb7e4afed}
2015-03-11 10:03 - 2015-03-11 10:03 - 00537824 _____ () C:\Users\Alessio\Downloads\Castle%20Clash.exe
2015-03-08 11:51 - 2015-03-08 11:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_bcmwlhigh664_01009.Wdf
2015-03-08 11:49 - 2007-01-19 18:24 - 00025312 ____R (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Drivers\SCMNdisP.sys
2015-03-08 11:47 - 2015-03-08 11:47 - 00000000 ____D () C:\Program Files (x86)\NETGEAR
2015-03-08 11:47 - 2011-12-12 17:42 - 01256192 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bcmwlhigh664.sys
2015-03-08 11:47 - 2011-04-19 17:52 - 00095544 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll
2015-03-08 11:47 - 2011-04-19 17:31 - 03900928 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv64.dll
2015-03-08 11:47 - 2011-04-19 17:31 - 03566592 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui64.dll
2015-03-08 11:47 - 2010-06-09 13:11 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2015-03-08 11:47 - 2010-02-03 11:21 - 00281104 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\wpcap.dll
2015-03-08 11:47 - 2010-02-03 11:21 - 00096784 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\Packet.dll
2015-03-08 11:47 - 2010-02-03 11:21 - 00053299 _____ () C:\Windows\SysWOW64\pthreadVC.dll
2015-03-08 11:47 - 2010-02-03 11:21 - 00047632 _____ (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys
2015-03-08 11:46 - 2015-03-08 11:46 - 00000000 ____D () C:\Users\Alessio\AppData\Roaming\InstallShield
2015-03-06 15:47 - 2015-03-12 13:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-04 21:59 - 2015-03-04 22:00 - 00000000 ____D () C:\Users\Alessio\Desktop\AoT
2015-02-26 11:37 - 2015-02-27 11:05 - 00000391 _____ () C:\Users\Alessio\Desktop\Miss.txt
2015-02-25 11:19 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 11:19 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-24 14:41 - 2015-02-24 14:41 - 01533584 _____ () C:\Users\Alessio\Downloads\battlelog-web-plugins_2.6.2_157.exe
2015-02-24 14:41 - 2015-02-24 14:41 - 01533584 _____ () C:\Users\Alessio\Downloads\battlelog-web-plugins_2.6.2_157(1).exe
2015-02-24 14:36 - 2015-03-05 14:42 - 00001194 _____ () C:\Users\Public\Desktop\Battlefield 4.lnk
2015-02-24 14:36 - 2015-03-05 14:42 - 00001170 _____ () C:\Users\Public\Desktop\Battlefield 4(64 bit).lnk
2015-02-20 08:25 - 2015-02-20 08:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-02-20 08:25 - 2015-02-20 08:25 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-02-19 11:11 - 2015-02-19 11:11 - 00000000 ____D () C:\Users\Alessio\AppData\Local\Steam
2015-02-18 15:06 - 2015-02-18 15:06 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2015-02-18 15:06 - 2015-02-18 15:06 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2015-02-18 15:06 - 2015-02-18 15:06 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2015-02-18 00:19 - 2015-02-18 09:41 - 00019627 _____ () C:\Users\Alessio\Desktop\ALN.odt
2015-02-17 23:12 - 2015-02-17 23:13 - 00000582 _____ () C:\Users\Alessio\Desktop\Jokes.txt
2015-02-17 23:10 - 2015-02-17 23:54 - 00000140 _____ () C:\Users\Alessio\Desktop\Quellen.txt
2015-02-17 17:26 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-17 17:26 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-17 17:26 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-17 17:26 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-15 12:14 - 2015-02-15 12:14 - 00000222 _____ () C:\Users\Alessio\Desktop\GunZ 2 The Second Duel.url
2015-02-11 15:19 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 15:19 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 15:19 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 15:19 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 15:19 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 15:19 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 15:19 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 15:19 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 15:18 - 2015-02-11 15:18 - 00003550 _____ () C:\Users\Alessio\Desktop\AOT.txt
2015-02-11 15:18 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 15:18 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 15:18 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 15:18 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-12 13:26 - 2012-12-29 23:16 - 00000000 ____D () C:\Users\Alessio\AppData\Roaming\Skype
2015-03-12 13:07 - 2012-12-29 22:40 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-12 12:54 - 2013-02-25 18:44 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-12 12:39 - 2013-03-16 10:54 - 00000000 ____D () C:\Fraps
2015-03-12 12:32 - 2009-07-14 05:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-12 12:32 - 2009-07-14 05:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-12 12:29 - 2012-12-30 04:03 - 01077601 _____ () C:\Windows\WindowsUpdate.log
2015-03-12 12:26 - 2013-05-25 11:40 - 00000000 ____D () C:\ProgramData\Origin
2015-03-12 12:26 - 2013-02-08 23:46 - 00000000 ____D () C:\Users\Alessio\AppData\Local\LogMeIn Hamachi
2015-03-12 12:26 - 2012-12-30 12:09 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-12 12:25 - 2013-05-25 11:40 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-03-12 12:25 - 2012-12-29 22:40 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-12 12:25 - 2009-07-14 05:51 - 00294019 _____ () C:\Windows\setupact.log
2015-03-12 12:24 - 2012-12-30 04:29 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-12 12:24 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-12 12:23 - 2014-09-14 21:49 - 00000000 ____D () C:\AdwCleaner
2015-03-12 12:01 - 2013-01-06 14:31 - 00000000 ____D () C:\Users\Alessio\AppData\Local\CrashDumps
2015-03-12 12:00 - 2015-01-08 14:15 - 00000000 ____D () C:\Users\Alessio\AppData\Local\Adobe
2015-03-11 18:05 - 2010-11-21 04:47 - 00675612 _____ () C:\Windows\PFRO.log
2015-03-11 17:57 - 2013-06-25 16:00 - 00000000 ____D () C:\Users\Alessio\AppData\Local\Warframe
2015-03-11 11:44 - 2012-12-29 22:40 - 00000000 ____D () C:\Users\Alessio\AppData\Local\Google
2015-03-11 11:38 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-11 11:34 - 2009-07-14 05:45 - 00346416 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-11 11:32 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-11 11:32 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-11 11:04 - 2013-08-15 22:25 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 10:57 - 2013-06-27 00:24 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-11 10:15 - 2012-12-30 04:07 - 00000999 _____ () C:\Users\Alessio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-08 11:54 - 2011-04-12 08:43 - 01283404 _____ () C:\Windows\system32\perfh007.dat
2015-03-08 11:54 - 2011-04-12 08:43 - 00331438 _____ () C:\Windows\system32\perfc007.dat
2015-03-08 11:54 - 2009-07-14 06:13 - 00006256 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-08 11:47 - 2012-12-30 04:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-06 14:55 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-05 22:35 - 2013-01-25 22:54 - 00000000 ____D () C:\Users\Alessio\AppData\Roaming\TS3Client
2015-03-05 20:19 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-05 14:48 - 2013-02-20 21:17 - 00226680 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-03-05 14:48 - 2013-02-20 21:17 - 00226680 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-03-03 14:17 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-02-24 14:41 - 2013-05-27 20:30 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2015-02-23 09:48 - 2012-12-29 23:15 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-23 09:48 - 2012-12-29 23:15 - 00000000 ____D () C:\ProgramData\Skype
2015-02-18 15:28 - 2014-11-20 18:02 - 00000000 ____D () C:\Users\Alessio\AppData\Local\Dxtory Software
2015-02-18 15:07 - 2014-10-13 21:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2015-02-18 14:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-18 09:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-17 18:04 - 2013-12-04 20:04 - 00000000 ____D () C:\Users\Alessio\AppData\Local\ArmA 2 OA
2015-02-16 16:20 - 2013-02-08 23:47 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-02-16 10:45 - 2015-01-25 19:24 - 00000000 ____D () C:\Program Files (x86)\Glyph
2015-02-12 14:06 - 2014-12-12 12:28 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 14:06 - 2014-05-06 21:53 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-11 23:37 - 2014-04-15 16:32 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-11 23:36 - 2013-03-02 18:41 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-02-11 23:36 - 2013-03-02 18:41 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-02-11 23:36 - 2013-03-02 18:41 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-11 23:35 - 2013-03-02 18:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client

==================== Files in the root of some directories =======

2013-03-26 21:37 - 2013-03-26 21:37 - 0046592 _____ (baCwJ5uAc4VR) C:\Users\Alessio\AppData\Roaming\ndcAIVJ5D7S.exe
2013-05-31 19:27 - 2013-08-27 13:18 - 0036864 _____ () C:\Users\Alessio\AppData\Roaming\RZR_0060f45e48b3b0e8dcec4d8da47b.db
2013-03-26 23:10 - 2013-03-26 23:10 - 0004743 _____ () C:\Users\Alessio\AppData\Roaming\ss.png
2013-03-26 21:22 - 2013-03-26 21:37 - 0046592 _____ (baCwJ5uAc4VR) C:\Users\Alessio\AppData\Roaming\VnjnJP5w6eXE.bak
2013-09-22 20:14 - 2014-09-07 17:46 - 0000177 _____ () C:\Users\Alessio\AppData\Roaming\WB.CFG
2013-12-02 19:36 - 2014-04-11 15:36 - 0012800 _____ () C:\Users\Alessio\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-01 14:44 - 2014-11-01 14:44 - 0002227 _____ () C:\Users\Alessio\AppData\Local\recently-used.xbel
2013-05-14 13:07 - 2013-05-14 13:07 - 0024128 _____ () C:\Users\Alessio\AppData\Local\Temp1.jpg

Some content of TEMP:
====================
C:\Users\Alessio\AppData\Local\Temp\besC458.exe
C:\Users\Alessio\AppData\Local\Temp\bitool.dll
C:\Users\Alessio\AppData\Local\Temp\bi_cleaner.exe
C:\Users\Alessio\AppData\Local\Temp\DWPUpgradeInstaller.exe
C:\Users\Alessio\AppData\Local\Temp\GUninstaller.exe
C:\Users\Alessio\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
C:\Users\Alessio\AppData\Local\Temp\HiRezLauncherControls.dll
C:\Users\Alessio\AppData\Local\Temp\ICReinstall_adobe_flash_setup.exe
C:\Users\Alessio\AppData\Local\Temp\ICReinstall_winzip18-firedrive-2.exe
C:\Users\Alessio\AppData\Local\Temp\install_flashplayer14x32au_mssd_aaa_aih.exe
C:\Users\Alessio\AppData\Local\Temp\nsd8E36.exe
C:\Users\Alessio\AppData\Local\Temp\nsdE1B9.exe
C:\Users\Alessio\AppData\Local\Temp\nsi8BE4.exe
C:\Users\Alessio\AppData\Local\Temp\nsk1DD0.exe
C:\Users\Alessio\AppData\Local\Temp\nssDCE6.exe
C:\Users\Alessio\AppData\Local\Temp\nssDF57.exe
C:\Users\Alessio\AppData\Local\Temp\nsx90D5.exe
C:\Users\Alessio\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Alessio\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Alessio\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Alessio\AppData\Local\Temp\nvStInst.exe
C:\Users\Alessio\AppData\Local\Temp\optprosetup.exe
C:\Users\Alessio\AppData\Local\Temp\optsetup.exe
C:\Users\Alessio\AppData\Local\Temp\Quarantine.exe
C:\Users\Alessio\AppData\Local\Temp\RSPUpgradeInstaller.exe
C:\Users\Alessio\AppData\Local\Temp\sdfC1C8.exe
C:\Users\Alessio\AppData\Local\Temp\setup.exe
C:\Users\Alessio\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Alessio\AppData\Local\Temp\SoftonicAssistant_v0-1-6.exe
C:\Users\Alessio\AppData\Local\Temp\sonarinst.exe
C:\Users\Alessio\AppData\Local\Temp\SpOrder.dll
C:\Users\Alessio\AppData\Local\Temp\Sqlite3.dll
C:\Users\Alessio\AppData\Local\Temp\supoptsetup.exe
C:\Users\Alessio\AppData\Local\Temp\WebCompanionInstaller.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-06 15:16

==================== End Of Log ============================
         
--- --- ---




Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Alessio at 2015-03-12 13:46:30
Running from C:\Users\Alessio\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4Story DE 4.1.176 (HKLM-x32\...\4Story_DE_is1) (Version:  - )
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead Beta (HKLM-x32\...\Steam App 219540) (Version:  - )
aTube Catcher Version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Awesomenauts (HKLM-x32\...\Steam App 204300) (Version:  - Ronimo Games)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.25648 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Browser Updater 1.1 (HKLM-x32\...\Browser Updater_is1) (Version:  - Browser Updater)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Cinema 4D version R12 (HKLM-x32\...\{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1) (Version: R12 - Salat Production)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.11 - Cliqz.com)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ Commander (HKLM-x32\...\{D4BA1D6D-DACD-4411-9DEC-6BEE3793277E}) (Version: 0.92.95 - Dotjosh Studios)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.88 - DivX, LLC)
FormatFactory 3.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.0.1 - Free Time)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free FLV Converter V 7.6.0 (HKLM-x32\...\Free FLV Converter_is1) (Version: 7.6.0.0 - Koyote Soft)
Free YouTube to MP3 Converter version 3.12.17.1127 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.17.1127 - DVDVideoSoft Ltd.)
GDMO (HKLM-x32\...\DMO) (Version:  - )
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GunZ 2: The Second Duel (HKLM-x32\...\Steam App 242720) (Version:  - MAIET Entertainment)
GunZ2 (HKLM-x32\...\GunZ2) (Version:  - )
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HyperCam 3 (HKLM-x32\...\HyperCam 3 3.6.1311.20) (Version: 3.6.1311.20 - Solveig Multimedia)
Java 7 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417021FF}) (Version: 7.0.210 - Oracle)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LibreOffice 4.0.3.3 (HKLM-x32\...\{F77ED0CD-2E5E-4FC7-82E0-BB7D461E739F}) (Version: 4.0.3.3 - The Document Foundation)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.319 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.319 - LogMeIn, Inc.) Hidden
Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios)
Magicka: Wizard Wars (HKLM-x32\...\Steam App 202090) (Version:  - Paradox North)
MEDUSA NX USB 5.1 Gaming Headset (HKLM\...\C-Media CM106 Like Sound Driver) (Version:  - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 36.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla)
MSI Afterburner 4.0.0 (HKLM-x32\...\Afterburner) (Version: 4.0.0 - MSI Co., LTD)
NETGEAR WNDA3100v2 wireless USB 2.0 driver (HKLM-x32\...\{3C7839E7-21F4-49E0-B4D5-AC8ED818CCB0}) (Version: 2.2.0.4 - NETGEAR)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 19.9.1.14 - Symantec Corporation)
Norton PC Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.15.96 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.3 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{9fe8a752-f74c-45c7-a712-1398de096d70}) (Version: latest - ppy Pty Ltd)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\SOE-PlanetSide 2 PSG) (Version: 1.0.3.183 - Sony Online Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version:  - Wild Shadow Studios)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
S4 League (HKLM-x32\...\S4 League) (Version:  - )
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Shutdown Timer (HKLM-x32\...\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}) (Version: 3.3.4 - Sinvise Systems)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
SleepTimer Ultimate 1.2 (HKLM-x32\...\{0EE56463-49B2-45E1-B74F-3E0139DBC986}_is1) (Version:  - Christian Handorf)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2477.0 - Hi-Rez Studios)
Sound Blaster Tactic(3D) (HKLM-x32\...\{92000C16-939B-44CA-802F-0D552019D7C8}) (Version: 1.0 - Creative Technology Limited)
Speed Test Analysis (HKLM-x32\...\Speed Test Analysis) (Version: 1.0.0.0 - SpeedAnalysis.com) <==== ATTENTION
Spider-Man 3 (TM) (HKLM-x32\...\InstallShield_{990166FA-1ACB-4AA7-B592-4D370C7CDD1A}) (Version: 1.00.0000 - Activision)
Spider-Man 3(TM) (x32 Version: 1.00.0000 - Activision) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.11.1 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - Runic Games)
TP-LINK Wireless Client Utility (HKLM-x32\...\{1E03C8BE-0848-430F-BECA-7D7709401626}) (Version: 7.0 - TP-LINK)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version:  - Frozenbyte)
Trove (HKLM-x32\...\Glyph Trove) (Version:  - Trion Worlds, Inc.)
Unity Web Player (HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS)
Usenet.nl (HKLM-x32\...\Usenet.nl_is1) (Version:  - )
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VideoPad Videobearbeitungs-Software (HKLM-x32\...\VideoPad) (Version:  - NCH Software)
Vindictus EU (HKLM-x32\...\Vindictus EU) (Version:  - )
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
winengine (HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\winengine) (Version: 20.020 - Ad business Crown Solutions)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinRAR 5.10 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

05-03-2015 14:26:30 Windows Update
08-03-2015 11:46:26 Installiert NETGEAR WNDA3100v2 wireless USB 2.0 driver
08-03-2015 11:49:31 Gerätetreiber-Paketinstallation: NETGEAR Inc. Netzwerkprotokoll
09-03-2015 12:12:55 Windows Update
11-03-2015 10:55:42 Windows Update
12-03-2015 11:59:07 LavasoftWeCompanion
12-03-2015 12:02:54 LavasoftWeCompanion

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0E2B83DC-C03A-45CB-AD4F-16ECBAAA06CA} - System32\Tasks\{FB710A8C-3F20-4037-BA9F-2279DB8C60CE} => C:\Users\Alessio\Desktop\Spiele\Cube World\Server.exe
Task: {1D71DD0D-918A-411F-8C1F-C38D3F4B92A9} - System32\Tasks\{B712CEDA-CB66-487A-B1D0-16FCF3833331} => pcalua.exe -a C:\Users\Alessio\Downloads\pb35setup.exe -d C:\Users\Alessio\Downloads
Task: {1ED6DB81-95D4-4B4A-93C3-3B61C2869614} - System32\Tasks\{3B21737A-2EEE-4B80-9791-0CA45E4EAF79} => pcalua.exe -a "C:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe InDesign CS2\instmsiw.exe" -d "C:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe InDesign CS2"
Task: {247C1470-0DD9-41AA-A141-37540BCC668C} - System32\Tasks\{ECC14FBB-A210-44BF-8D17-90CFAE26A593} => Firefox.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {2EF31754-B9D1-40E1-80B1-903CE51B89E8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-29] (Google Inc.)
Task: {35596071-9BC2-41E5-B2B9-C49C82FFD345} - System32\Tasks\{960ABE80-50A4-4F97-828F-A3F8E9D4AF23} => pcalua.exe -a C:\Users\Alessio\Desktop\CS2_RetNon_Ger_2.exe -d C:\Users\Alessio\Desktop
Task: {3FEDD910-5225-45A1-9ED3-6D2FC0133681} - System32\Tasks\{DDB1CD15-9B67-416D-B21D-5EBEDD2258B6} => C:\Users\Alessio\Desktop\Spiele\Leagues of Legends\Dateipad\lol.launcher.exe [2012-04-24] ()
Task: {43DC7FE8-7A84-4957-9976-FC78A4C5E65C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {4CBDEA00-DB3A-47F5-8938-A1DBB93E4E9F} - System32\Tasks\{F555DCF7-5330-4992-8D0E-44803962035A} => pcalua.exe -a "C:\Program Files (x86)\sweetpacks bundle uninstaller\uninstaller.exe" -c "/appName=Angry Birds Space Bundle by SweetPacks"
Task: {5116F59E-BFC1-4DEC-B583-AF8D98340A93} - System32\Tasks\ProtectedSearch\Protected Search => C:\Program Files (x86)\Protected Search\ProtectedSearch.exe <==== ATTENTION
Task: {6A9CB896-454F-4215-8A53-491B65F633CD} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\WSCStub.exe [2013-02-02] (Symantec Corporation)
Task: {6ABE04FA-43E5-4FD2-9A16-F47C36BE603E} - System32\Tasks\{E76D057E-E5CC-451F-A489-35E0711C5B54} => pcalua.exe -a "C:\Users\Alessio\Desktop\Spiele\Cube World\CubeLauncher.exe" -d "C:\Users\Alessio\Desktop\Spiele\Cube World"
Task: {6B5BF2CD-A7A4-43DB-BEBF-2B5C73F1B284} - System32\Tasks\{59712F7F-602B-4259-BC4A-F548DA1D39C8} => pcalua.exe -a C:\Users\Alessio\Downloads\S4_League.exe -d C:\Users\Alessio\Downloads
Task: {776CE386-3FF0-44F2-9329-DEA6CD841DC7} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {798E7F0A-8A24-4746-B159-10A30453F181} - System32\Tasks\{A5848A69-81AF-4E23-94FE-FF5D088EF999} => pcalua.exe -a "C:\Users\Alessio\Local Settings\Application Data\Bundled software uninstaller\biclient.exe" -c /affid uninstall /id uninstall /name "Bundled software uninstaller"
Task: {804B9EB3-6929-4223-B074-1C73241530F9} - System32\Tasks\{C4B7EC27-61A6-4F4A-AB88-42C1FC45D781} => pcalua.exe -a C:\Users\Alessio\AppData\Roaming\webssearches\UninstallManager.exe -c  -ptid=obw <==== ATTENTION
Task: {809E5053-971E-4266-A206-18A382E1A764} - System32\Tasks\Windows Update Check - 0x05B00174 => C:\ProgramData\Chrome <==== ATTENTION
Task: {A2355A77-DABF-4F47-8816-514349A52D56} - System32\Tasks\{AB2A9000-5877-4F39-ABD8-165203A76308} => C:\Program Files (x86)\S4League\patcher_s4.exe
Task: {ACAE00EF-7BE7-4867-8B68-EF3912A49A8A} - System32\Tasks\{9425F20D-C1BE-4D99-BCBD-82AD7F4A72C7} => pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {B14A17CA-B4E5-47BB-8CEE-284D553D2AA0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-29] (Google Inc.)
Task: {B48C1041-F6D2-4432-B57A-53D52830AC20} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {C355A1C9-D143-4253-A2F6-125B60A794A0} - System32\Tasks\AllmyappsUpdateTask => C:\Users\Alessio\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe
Task: {C8779DCA-8234-45DC-B195-770DCFC0E0E2} - System32\Tasks\{43ED0757-E288-4FDA-9F7B-48A48A47A945} => pcalua.exe -a "C:\Users\Alessio\Downloads\[Mutli] Installer v1.0\Multi[Installer] v1.0.exe" -d "C:\Users\Alessio\Downloads\[Mutli] Installer v1.0"
Task: {DAFB7EC2-4535-447E-B6F1-CE356597BB61} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AllmyappsUpdateTask.job => C:\Users\Alessio\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2012-12-30 04:26 - 2014-12-13 09:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-07-14 12:08 - 2014-07-14 12:08 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2015-03-11 10:09 - 2015-03-11 10:09 - 00211456 _____ () C:\Users\Alessio\AppData\Local\F1F1D280-1426068548-11DD-896D-3085A9AF655D\snse5330.tmp
2015-03-11 22:06 - 2015-03-11 22:06 - 00136704 _____ () C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\nsj7CCA.tmp
2013-05-11 18:40 - 2013-05-11 18:40 - 01992328 _____ () C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
2015-03-08 11:47 - 2013-12-30 16:07 - 00307928 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
2015-03-11 10:06 - 2015-03-11 10:06 - 00091648 _____ () C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\jnsi6057.tmp
2015-03-11 10:08 - 2015-03-11 10:09 - 00094720 _____ () C:\Users\Alessio\AppData\Local\F1F1D280-1426068533-11DD-896D-3085A9AF655D\cnsz2511.tmp
2014-12-12 13:34 - 2014-12-12 13:34 - 00511416 _____ () C:\Users\Alessio\AppData\Local\winengine\rkr1.exe
2014-01-10 06:26 - 2014-01-10 06:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2013-06-12 18:11 - 2014-01-19 14:02 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2015-03-12 13:20 - 2015-03-12 13:20 - 02211832 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.239\deploy\LoLLauncher.exe
2015-03-12 13:20 - 2015-03-12 13:20 - 03796984 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.23\deploy\LoLPatcher.exe
2015-03-12 13:20 - 2015-03-12 13:20 - 03331064 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.23\deploy\LoLPatcherUx.exe
2013-03-25 13:23 - 2014-11-11 19:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 10:06 - 2014-12-02 01:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-20 10:06 - 2014-12-02 01:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 10:06 - 2014-12-02 01:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-22 13:52 - 2015-02-19 00:51 - 02360000 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 18:32 - 2014-12-01 22:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 18:32 - 2014-12-01 22:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 18:32 - 2014-12-01 22:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 18:32 - 2014-12-01 22:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 18:32 - 2014-12-01 22:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2012-12-30 12:10 - 2015-02-19 00:51 - 00702656 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-03-08 11:47 - 2013-12-26 17:08 - 00380928 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiLib.dll
2012-12-30 12:10 - 2015-01-28 02:30 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-01-10 06:28 - 2014-01-10 06:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-10-21 21:55 - 2014-03-24 09:37 - 00074240 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2014-10-21 21:55 - 2014-03-24 09:33 - 00274944 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2015-02-05 01:54 - 2015-02-05 01:54 - 16852144 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
2015-03-12 13:20 - 2015-03-12 13:20 - 01546744 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.23\deploy\RiotLauncher.dll
2015-03-12 13:20 - 2015-03-12 13:20 - 43374072 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.23\deploy\libcef.dll
2015-03-12 13:20 - 2015-03-12 13:20 - 01571832 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.23\deploy\icui18n.dll
2015-03-12 13:20 - 2015-03-12 13:20 - 01253880 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.23\deploy\icuuc.dll
2015-03-12 13:20 - 2015-03-12 13:20 - 05088760 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.23\deploy\v8.dll
2015-03-12 13:20 - 2015-03-12 13:20 - 01638904 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.23\deploy\RiotRadsIO.dll
2015-03-12 13:20 - 2015-03-12 13:20 - 01775096 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.23\deploy\libglesv2.dll
2015-03-12 13:20 - 2015-03-12 13:20 - 00171512 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.23\deploy\libegl.dll
2015-03-12 13:20 - 2015-03-12 13:20 - 01056248 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.23\deploy\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4026364676-241273927-3108656300-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Alessio\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Alessio^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LEVxCIdNFBMA.lnk => C:\Windows\pss\LEVxCIdNFBMA.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Alessio^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^lkYsOYc1bJT0.lnk => C:\Windows\pss\lkYsOYc1bJT0.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Alessio^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^VnjnJP5w6eXE.lnk => C:\Windows\pss\VnjnJP5w6eXE.lnk.Startup

==================== Accounts: =============================

Administrator (S-1-5-21-4026364676-241273927-3108656300-500 - Administrator - Disabled)
Alessio (S-1-5-21-4026364676-241273927-3108656300-1000 - Administrator - Enabled) => C:\Users\Alessio
Gast (S-1-5-21-4026364676-241273927-3108656300-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4026364676-241273927-3108656300-1003 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/12/2015 00:26:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/12/2015 00:02:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm WebCompanion.exe, Version 1.1.913.1833 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1a60

Startzeit: 01d05cb3e44f372d

Endzeit: 11

Anwendungspfad: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe

Berichts-ID: 4178bc50-c8a7-11e4-bc70-874082d81e3f

Error: (03/12/2015 00:01:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 36.0.1.5542, Zeitstempel: 0x54f851c0
Name des fehlerhaften Moduls: mozalloc.dll, Version: 36.0.1.5542, Zeitstempel: 0x54f8437e
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001e02
ID des fehlerhaften Prozesses: 0x16a0
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (03/12/2015 11:59:24 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm adobe_flash_setup.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 418

Startzeit: 01d05cb358021774

Endzeit: 3

Anwendungspfad: C:\Users\Alessio\Downloads\adobe_flash_setup.exe

Berichts-ID: d054ad35-c8a6-11e4-bc70-df31dd597320

Error: (03/12/2015 11:50:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/11/2015 06:07:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/11/2015 05:44:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/11/2015 11:38:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/11/2015 11:35:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/11/2015 10:47:53 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Skype.exe, Version 7.1.0.105 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: bc0

Startzeit: 01d05be01df6f95b

Endzeit: 4

Anwendungspfad: C:\Program Files (x86)\Skype\Phone\Skype.exe

Berichts-ID: aade4331-c7d3-11e4-ab4a-c39ce33ff254


System errors:
=============
Error: (03/12/2015 01:11:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Norton Internet Security" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/12/2015 00:25:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Util Mountain Bike" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/12/2015 00:25:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Common Client Job Manager Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/12/2015 00:25:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Norton Internet Security" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/12/2015 00:05:12 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureCommand" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (03/12/2015 00:04:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Util Between Lines" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/12/2015 00:00:08 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (03/12/2015 11:58:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Norton Internet Security" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/12/2015 11:50:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Util Mountain Bike" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/12/2015 11:50:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Common Client Job Manager Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (03/12/2015 00:26:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/12/2015 00:02:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: WebCompanion.exe1.1.913.18331a6001d05cb3e44f372d11C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe4178bc50-c8a7-11e4-bc70-874082d81e3f

Error: (03/12/2015 00:01:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe36.0.1.554254f851c0mozalloc.dll36.0.1.554254f8437e8000000300001e0216a001d05cb3b3d7477fC:\Program Files (x86)\Mozilla Firefoxy\plugin-container.exeC:\Program Files (x86)\Mozilla Firefoxy\mozalloc.dll1b79019f-c8a7-11e4-bc70-874082d81e3f

Error: (03/12/2015 11:59:24 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: adobe_flash_setup.exe0.0.0.041801d05cb3580217743C:\Users\Alessio\Downloads\adobe_flash_setup.exed054ad35-c8a6-11e4-bc70-df31dd597320

Error: (03/12/2015 11:50:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/11/2015 06:07:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/11/2015 05:44:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/11/2015 11:38:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/11/2015 11:35:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/11/2015 10:47:53 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Skype.exe7.1.0.105bc001d05be01df6f95b4C:\Program Files (x86)\Skype\Phone\Skype.exeaade4331-c7d3-11e4-ab4a-c39ce33ff254


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 40%
Total physical RAM: 8144.44 MB
Available physical RAM: 4852.51 MB
Total Pagefile: 16287.06 MB
Available Pagefile: 12546.77 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.92 GB) (Free:963.51 GB) NTFS
Drive d: (WNDA3100v2) (CDROM) (Total:0.12 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 1A2000CD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
__________________

Alt 13.03.2015, 08:03   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 : Firefox öffnet eigenständig tabs mit Werbung. - Standard

Windows 7 : Firefox öffnet eigenständig tabs mit Werbung.



Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Speed Test Analysis


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 






Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 13.03.2015, 12:48   #5
Alessio
 
Windows 7 : Firefox öffnet eigenständig tabs mit Werbung. - Standard

Windows 7 : Firefox öffnet eigenständig tabs mit Werbung.



Code:
ATTFilter
ComboFix 15-03-09.01 - Alessio 13.03.2015  12:29:53.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.8144.5277 [GMT 1:00]
ausgeführt von:: c:\users\Alessio\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\programdata\Local Settings\Temp
c:\programdata\Local Settings\Temp\msyaravy.scr
c:\windows\ico.ico
c:\windows\msdownld.tmp
c:\windows\SysWow64\Dump
c:\windows\SysWow64\Dump\MiniDump.dmp
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\server.cfg
c:\windows\SysWow64\wpcap.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_NPF
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-02-13 bis 2015-03-13  ))))))))))))))))))))))))))))))
.
.
2015-03-13 11:22 . 2015-03-13 11:22	--------	d-----w-	c:\program files (x86)\VS Revo Group
2015-03-13 11:11 . 2015-01-29 09:07	11910896	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{86616AE5-5CA0-442A-AA8E-174C4A0D0AB5}\mpengine.dll
2015-03-12 12:44 . 2015-03-12 12:46	--------	d-----w-	C:\FRST
2015-03-12 12:19 . 2015-03-12 12:19	--------	d-----w-	c:\program files (x86)\Mozilla Maintenance Service
2015-03-12 11:07 . 2015-01-29 09:07	11910896	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-03-12 11:00 . 2015-03-09 10:32	372248	----a-w-	c:\windows\system32\LavasoftTcpService64.dll
2015-03-12 11:00 . 2015-03-09 10:32	325944	----a-w-	c:\windows\SysWow64\LavasoftTcpService.dll
2015-03-11 09:29 . 2015-02-03 03:31	37376	----a-w-	c:\windows\system32\pcadm.dll
2015-03-11 09:28 . 2015-02-03 03:31	1424896	----a-w-	c:\windows\system32\WindowsCodecs.dll
2015-03-11 09:26 . 2015-02-04 03:16	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2015-03-11 09:26 . 2015-02-04 02:54	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2015-03-11 09:09 . 2015-03-13 11:05	--------	d-----w-	c:\users\Alessio\AppData\Local\F1F1D280-1426068548-11DD-896D-3085A9AF655D
2015-03-11 09:08 . 2015-03-11 09:09	--------	d-----w-	c:\users\Alessio\AppData\Local\F1F1D280-1426068533-11DD-896D-3085A9AF655D
2015-03-11 09:06 . 2015-03-11 09:06	--------	d-----w-	c:\users\Alessio\AppData\Local\F1F1D280-1426068395-11DD-896D-3085A9AF655D
2015-03-11 09:05 . 2015-03-12 23:03	--------	d-----w-	c:\users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D
2015-03-11 09:04 . 2015-03-11 09:04	--------	d-----w-	c:\programdata\BlueStacksSetup
2015-03-11 09:04 . 2015-03-11 09:04	--------	d-----w-	c:\users\Alessio\AppData\Local\Bluestacks
2015-03-11 09:04 . 2015-03-11 09:21	--------	d-----w-	c:\programdata\{96cad7ef-3892-e14f-96ca-ad7ef3895fbc}
2015-03-11 09:04 . 2015-03-11 09:04	--------	d-----w-	c:\programdata\{7a382bfb-7e4f-0314-7a38-82bfb7e4afed}
2015-03-11 09:04 . 2015-03-11 09:04	--------	d-----w-	c:\users\Alessio\AppData\Local\winengine
2015-03-08 10:49 . 2007-01-19 17:24	25312	----a-r-	c:\windows\system32\drivers\SCMNdisP.sys
2015-03-08 10:47 . 2011-12-12 16:42	1256192	----a-w-	c:\windows\system32\drivers\bcmwlhigh664.sys
2015-03-08 10:47 . 2011-04-19 16:52	95544	----a-w-	c:\windows\system32\bcmwlcoi.dll
2015-03-08 10:47 . 2011-04-19 16:31	3900928	----a-w-	c:\windows\system32\bcmihvsrv64.dll
2015-03-08 10:47 . 2011-04-19 16:31	3566592	----a-w-	c:\windows\system32\bcmihvui64.dll
2015-03-08 10:47 . 2010-06-09 12:11	1721576	----a-w-	c:\windows\system32\WdfCoInstaller01009.dll
2015-03-08 10:47 . 2010-02-03 10:21	47632	----a-w-	c:\windows\system32\drivers\npf.sys
2015-03-08 10:47 . 2015-03-08 10:47	--------	d-----w-	c:\program files (x86)\NETGEAR
2015-03-08 10:46 . 2015-03-08 10:46	--------	d-----w-	c:\users\Alessio\AppData\Roaming\InstallShield
2015-02-21 10:34 . 2014-09-16 15:19	1188440	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{22CCABEC-C6D1-46B7-A89C-2FEE49997410}\gapaengine.dll
2015-02-20 07:25 . 2015-02-20 07:25	--------	d-----w-	c:\program files (x86)\LogMeIn Hamachi
2015-02-19 10:11 . 2015-02-19 10:11	--------	d-----w-	c:\users\Alessio\AppData\Local\Steam
2015-02-18 14:07 . 2015-02-18 14:07	--------	d-----w-	C:\UpdateChromeLinksLogs
2015-02-18 14:06 . 2015-02-18 14:06	1060864	----a-w-	c:\windows\SysWow64\mfc71.dll
2015-02-18 14:06 . 2015-02-18 14:06	348160	----a-w-	c:\windows\SysWow64\msvcr71.dll
2015-02-18 14:06 . 2015-02-18 14:06	1700352	----a-w-	c:\windows\SysWow64\gdiplus.dll
2015-02-17 16:26 . 2015-01-09 03:14	91136	----a-w-	c:\windows\system32\wdi.dll
2015-02-17 16:26 . 2015-01-09 03:14	950272	----a-w-	c:\windows\system32\perftrack.dll
2015-02-17 16:26 . 2015-01-09 03:14	29696	----a-w-	c:\windows\system32\powertracker.dll
2015-02-17 16:26 . 2015-01-09 02:48	76800	----a-w-	c:\windows\SysWow64\wdi.dll
2015-02-11 14:19 . 2015-02-04 03:16	609280	----a-w-	c:\windows\system32\generaltel.dll
2015-02-11 14:19 . 2015-02-04 03:16	894976	----a-w-	c:\windows\system32\appraiser.dll
2015-02-11 14:19 . 2015-02-04 03:13	1098752	----a-w-	c:\windows\system32\aeinv.dll
2015-02-11 14:19 . 2015-02-04 03:16	762368	----a-w-	c:\windows\system32\invagent.dll
2015-02-11 14:19 . 2015-02-04 03:16	414720	----a-w-	c:\windows\system32\devinv.dll
2015-02-11 14:19 . 2015-02-04 03:16	227328	----a-w-	c:\windows\system32\aepdu.dll
2015-02-11 14:19 . 2015-02-04 03:16	192000	----a-w-	c:\windows\system32\aepic.dll
2015-02-11 14:19 . 2015-01-27 23:36	1239720	----a-w-	c:\windows\system32\aitstatic.exe
2015-02-11 14:18 . 2014-11-26 03:53	861696	----a-w-	c:\windows\system32\oleaut32.dll
2015-02-11 14:18 . 2014-11-26 03:32	571904	----a-w-	c:\windows\SysWow64\oleaut32.dll
2015-02-11 14:18 . 2014-12-08 03:09	406528	----a-w-	c:\windows\system32\scesrv.dll
2015-02-11 14:18 . 2014-12-08 02:46	308224	----a-w-	c:\windows\SysWow64\scesrv.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-03-11 09:57 . 2013-06-26 23:24	122905848	----a-w-	c:\windows\system32\MRT.exe
2015-03-05 13:48 . 2013-02-20 20:17	226680	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2015-03-05 13:48 . 2013-02-20 20:17	226680	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2015-03-03 13:17 . 2010-11-21 03:27	295552	------w-	c:\windows\system32\MpSigStub.exe
2015-02-16 15:20 . 2013-02-08 22:47	33856	---ha-w-	c:\windows\system32\hamachi.sys
2015-02-05 00:54 . 2012-12-29 21:40	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-05 00:54 . 2012-12-29 21:40	701616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-12-19 03:06 . 2015-01-14 14:43	210432	----a-w-	c:\windows\system32\profsvc.dll
2014-12-19 01:46 . 2015-01-14 14:43	141312	----a-w-	c:\windows\system32\drivers\mrxdav.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2015-02-18 2874048]
"KPeerNexonEU"="c:\nexon\NEXON_EU_Downloader\nxEULauncher.exe" [2013-05-11 438272]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2015-01-27 3619160]
"Akamai NetSession Interface"="c:\users\Alessio\AppData\Local\Akamai\netsession_win.exe" [2014-10-29 4673432]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-01-23 31087200]
"Speech Recognition"="c:\windows\Speech\Common\sapisvr.exe" [2009-07-14 44544]
"winengine"="c:\users\Alessio\AppData\Local\winengine\rkr0.exe" [2014-12-12 511416]
"winengine2"="c:\users\Alessio\AppData\Local\winengine\rkr1.exe" [2014-12-12 511416]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2014-08-19 448856]
"4StoryPrePatch"="c:\program files (x86)\Gameforge4D\4Story_DE\PrePatch.exe" [2013-02-19 327680]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2014-01-10 1861968]
"Sound Blaster Tactic3D Control Panel"="c:\program files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe" [2014-07-03 2091008]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2015-02-17 3978600]
.
c:\users\Alessio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
SuperOptimizerInstaller.lnk - c:\programdata\{96cad7ef-3892-e14f-96ca-ad7ef3895fbc}\SuperOptimizerInstaller.exe /startup [2014-3-11 5838864]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\ccsvchst.exe]
"Debugger"=skskj.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\symerr.exe]
"Debugger"=jtkyy.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 aclrtvfz;aclrtvfz;c:\windows\system32\drivers\aclrtvfz.sys;c:\windows\SYSNATIVE\drivers\aclrtvfz.sys [x]
R1 dfxdnxpi;dfxdnxpi;c:\windows\system32\drivers\dfxdnxpi.sys;c:\windows\SYSNATIVE\drivers\dfxdnxpi.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe;c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [x]
R2 PCCUJobMgr;Common Client Job Manager Service;c:\program files (x86)\Norton PC Checkup\Engine\2.0.15.96\ccSvcHst.exe;c:\program files (x86)\Norton PC Checkup\Engine\2.0.15.96\ccSvcHst.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 Util Mountain Bike;Util Mountain Bike;c:\program files (x86)\Mountain Bike\bin\utilMountainBike.exe;c:\program files (x86)\Mountain Bike\bin\utilMountainBike.exe [x]
R2 WSWNDA3100v2;WSWNDA3100v2;c:\program files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe;c:\program files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [x]
R3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers\CM10664.sys;c:\windows\SYSNATIVE\drivers\CM10664.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x]
R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x]
R3 X6va013;X6va013;c:\windows\SysWOW64\Drivers\X6va013;c:\windows\SysWOW64\Drivers\X6va013 [x]
R3 X6va015;X6va015;c:\windows\SysWOW64\Drivers\X6va015;c:\windows\SysWOW64\Drivers\X6va015 [x]
R3 X6va016;X6va016;c:\windows\SysWOW64\Drivers\X6va016;c:\windows\SysWOW64\Drivers\X6va016 [x]
S0 SCMNdisP;General NDIS Protocol Driver;c:\windows\system32\DRIVERS\scmndisp.sys;c:\windows\SYSNATIVE\DRIVERS\scmndisp.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\BASHDefs\20130208.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\BASHDefs\20130208.001\BHDrvx64.sys [x]
S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\IPSDefs\20130226.002\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\IPSDefs\20130226.002\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1309010.00E\SYMNETS.SYS [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files (x86)\Norton PC Checkup\Engine\2.0.15.96\SymcPCCULaunchSvc.exe;c:\program files (x86)\Norton PC Checkup\Engine\2.0.15.96\SymcPCCULaunchSvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 pumygydy;Border Width;c:\users\Alessio\AppData\Local\F1F1D280-1426068548-11DD-896D-3085A9AF655D\snse5330.tmp;c:\users\Alessio\AppData\Local\F1F1D280-1426068548-11DD-896D-3085A9AF655D\snse5330.tmp [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 sufezyzy;Callout Drag And Drop;c:\users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\nso7EDF.tmp;c:\users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\nso7EDF.tmp [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 xebejehi;Graphic Design Multimedia;c:\users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\jnsi6057.tmp;c:\users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\jnsi6057.tmp [x]
S2 zizudobe;Hash Key Renew;c:\users\Alessio\AppData\Local\F1F1D280-1426068533-11DD-896D-3085A9AF655D\cnsz2511.tmp;c:\users\Alessio\AppData\Local\F1F1D280-1426068533-11DD-896D-3085A9AF655D\cnsz2511.tmp [x]
S3 BCMH43XX;Treiber für Broadcom 802.11-USB-Netzwerkadapter;c:\windows\system32\DRIVERS\bcmwlhigh664.sys;c:\windows\SYSNATIVE\DRIVERS\bcmwlhigh664.sys [x]
S3 CMUSBDAC;USB Audio Class 1.0 and 2.0 DAC Device Driver;c:\windows\system32\DRIVERS\CMUSBDAC.sys;c:\windows\SYSNATIVE\DRIVERS\CMUSBDAC.sys [x]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys;c:\windows\SYSNATIVE\drivers\LVUSBS64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 UHSfiltv;UHSfiltv;c:\windows\system32\drivers\UHSfiltv.sys;c:\windows\SYSNATIVE\drivers\UHSfiltv.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-03-12 17:08	1061704	----a-w-	c:\program files (x86)\Google\Chrome\Application\41.0.2272.89\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-03-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-29 00:54]
.
2015-03-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-29 21:40]
.
2015-03-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-29 21:40]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-01-30 1332296]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-03-29 7174728]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-12-13 2531472]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-12-13 2824504]
"Cm106Sound"="c:\windows\Syswow64\cm106.dll" [2011-03-31 8151040]
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccsvchst.exe]
"Debugger"=skskj.exe
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symerr.exe]
"Debugger"=jtkyy.exe
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.google.de/?gws_rd=ssl
uDefault_Search_URL = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>
mSearchAssistant = 
Trusted Zone: aeriagames.com
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
FF - ProfilePath - c:\users\Alessio\AppData\Roaming\Mozilla\Firefox\Profiles\yx9kfsx8.default-1418917023564\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-GoogleDriveSync - c:\program files (x86)\Google\Drive\googledrivesync.exe
Wow6432Node-HKCU-Run-Web Companion - c:\program files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
Wow6432Node-HKLM-Run-Aeria Ignite - c:\program files (x86)\Aeria Games\Ignite\aeriaignite.exe
Wow6432Node-HKLM-Explorer_Run-14206 - c:\progra~3\LOCALS~1\Temp\msyaravy.scr
c:\users\Alessio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LEVxCIdNFBMA.lnk - c:\users\Alessio\AppData\Local\Temp\LEVxCIdNFBMA.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers-{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} - (no file)
HKLM-Run-Nvtmru - c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
AddRemove-BandiMPEG1 - c:\program files (x86)\BandiMPEG1\uninstall.exe
AddRemove-BattlEye for A2 - c:\program files (x86)\Steam\steamapps\common\Arma 2BattlEye\UnInstallBE.exe
AddRemove-Browser Updater_is1 - c:\program files (x86)\Browser Updater\unins000.exe
AddRemove-VideoPad - c:\program files (x86)\NCH Software\VideoPad\uninst.exe
AddRemove-{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1 - c:\users\Alessio\AppData\Roaming\Mozilla\Firefox\Profiles\vxvj29up.default\extensions\cliqz@cliqz.com\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCCUJobMgr]
"ImagePath"="\"c:\program files (x86)\Norton PC Checkup\Engine\2.0.15.96\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files (x86)\Norton PC Checkup\Engine\2.0.15.96\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pumygydy]
"ImagePath"="c:\users\Alessio\AppData\Local\F1F1D280-1426068548-11DD-896D-3085A9AF655D\snse5330.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\sufezyzy]
"ImagePath"="c:\users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\nso7EDF.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va011]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va012]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va013]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va013"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va015]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va015"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va016]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va016"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\xebejehi]
"ImagePath"="c:\users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\jnsi6057.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\zizudobe]
"ImagePath"="c:\users\Alessio\AppData\Local\F1F1D280-1426068533-11DD-896D-3085A9AF655D\cnsz2511.tmp"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\SysWOW64\rundll32.exe
c:\nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
c:\programdata\{96cad7ef-3892-e14f-96ca-ad7ef3895fbc}\SuperOptimizerInstaller.exe
c:\program files (x86)\Creative\ShareDLL\CADI\NotiMan.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-03-13  12:44:41 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-03-13 11:44
.
Vor Suchlauf: 25 Verzeichnis(se), 1.032.753.860.608 Bytes frei
Nach Suchlauf: 29 Verzeichnis(se), 1.034.833.707.008 Bytes frei
.
- - End Of File - - 3CAA2A2AA7C4F26A0A1E32700C678BED
A36C5E4F47E84449FF07ED3517B43A31
         
So das zu den logs jz ich persöhnlich.
Also es öffnet immernoch internet tabs und bei dem revo installer da war nix mit reste löschen nach dem uninstall hat der nach überresten gesucht aber nichts gefunden und es gelassen also hab ich den 2ten schritt da garnicht machen können mit dem markiere alle löschen aber es ist auf jeden fall deinstalliert. Und dann noch das andere da mit dem installationsfenster das einfach mal so kommt das heißt AnyWhereAccesSetup Wizard. So und das hat nen shortcut auf dem desktop nachdem dein programm da durchgelaufen ist und ich rechtsklick dateipfad öffnen machte war da keiner und das wurde gelöscht jetzt grad eben kam wieder der AnyWhereAccesSetup und das shortcut ist wieder da und hat einen dateipfad Alessio/AppData/Local/Temp falls dir das weiterhilft.. ziemlich komisch das die datei dann wiederkommt obwohl sie gelöscht war.
(das hab ich jz dazu editiert) Grad kam nochwas dazu jz sind irgendwelche wörter auf jeder seite markiert und unterstrichen und wenn ich drüber gehe werden mir werbeseiten angezeigt das wird immer komischer.


Danke für deine Hilfe

gruß
Alessio


Geändert von Alessio (13.03.2015 um 13:37 Uhr)

Alt 13.03.2015, 17:22   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 : Firefox öffnet eigenständig tabs mit Werbung. - Standard

Windows 7 : Firefox öffnet eigenständig tabs mit Werbung.



wir sind ja auch noch nit fertig.


Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
--> Windows 7 : Firefox öffnet eigenständig tabs mit Werbung.

Alt 13.03.2015, 18:42   #7
Alessio
 
Windows 7 : Firefox öffnet eigenständig tabs mit Werbung. - Standard

Windows 7 : Firefox öffnet eigenständig tabs mit Werbung.



Vielen Dank schonmal bisher wie es aussieht hat es geklappt nachdem ich das junkware tool benutzt habe und hier die logs. Jz sind nur noch manche Wörter underlined und weisen auf Werbung hin.
(das hab ich jetzt wieder dazu edited falls dus schon gelesen hast) dieser AnyWhereAccessSetup Wizard hat sich jz trzdem wieder geöffnet und die eine datei die der Adw cleaner gelöscht hat ist jz wieder auf meinem Desktop
die heißt "ContinueLive Installation" Hoffe es hilft dir weiter is wohl doch noch nich verschwunden.

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 13.03.2015
Suchlauf-Zeit: 18:05:28
Logdatei: Malware.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.03.13.06
Rootkit Datenbank: v2015.02.25.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Alessio

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 382227
Verstrichene Zeit: 8 Min, 39 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 1
PUP.Optional.WinEngine.A, C:\Users\Alessio\AppData\Local\winengine\rkr1.exe, 4744, , [a16941047812f44254c8c9e89f64eb15]

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 9
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\ccsvchst.exe, , [0dfd3411a2e86ec8249a4a2e2dd7bf41], 
PUP.Optional.SpeedTestAnalysis.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\kckgnnipheglejoddfhekdjpbdbinhmb, , [ee1c52f3c6c40b2be9d881769a697a86], 
Trojan.Agent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\ccsvchst.exe, , [df2b1035cbbf6ec817a77bfde81c9b65], 
PUP.Optional.Booster.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{cae99edb}, , [e426380d157525119ccf20b6be4505fb], 
PUP.Optional.Booster.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{ff148bd5}, , [68a244010486eb4be58613c320e325db], 
PUP.Optional.MountainBike.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util Mountain Bike, , [e327a0a5e1a9ff3740ec713f12f18a76], 
PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT, , [b1591a2b4c3eb68032bc57bfc63f4cb4], 
PUP.Optional.FunMoods.A, HKU\S-1-5-21-4026364676-241273927-3108656300-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\funmoodsToolbar, , [fc0e84c14c3e2e08c7d6d143c63fa957], 
PUP.Optional.Linkey.A, HKU\S-1-5-21-4026364676-241273927-3108656300-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Linkey, , [51b9f55093f751e579e1fcaea3600bf5], 

Registrierungswerte: 6
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN|14206, C:\PROGRA~3\LOCALS~1\Temp\msyaravy.scr, , [bb4f1b2afd8d181e9e50288fc34128d8]
PUP.Optional.CertifiedToolBar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURI|(Default), hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ver=3.2&ts=1368341829343&tguid=43169-3580-1368341829343-1E412300B57E10A25839CCBA161F0997&q=%s, , [ee1cb19478126ec8ba6bd603cb381ce4]
Trojan.Agent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN|14206, C:\PROGRA~3\LOCALS~1\Temp\msyaravy.scr, , [35d548fd5832a294608e52651fe5827e]
PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT|URL, , [b1591a2b4c3eb68032bc57bfc63f4cb4], 
PUP.Optional.WinEngine.A, HKU\S-1-5-21-4026364676-241273927-3108656300-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|winengine, C:\Users\Alessio\AppData\Local\winengine\rkr0.exe, , [917951f44d3d2412f5275160b94ace32]
PUP.Optional.WinEngine.A, HKU\S-1-5-21-4026364676-241273927-3108656300-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|winengine2, C:\Users\Alessio\AppData\Local\winengine\rkr1.exe, , [a16941047812f44254c8c9e89f64eb15]

Registrierungsdaten: 1
PUP.Optional.SearchCertifiedTB.A, HKU\S-1-5-21-4026364676-241273927-3108656300-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURI|(Default), hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ver=3.2&ts=1368341829343&tguid=43169-3580-1368341829343-1E412300B57E10A25839CCBA161F0997&q=%s, Gut: (www.google.com), Schlecht: (hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ver=3.2&ts=1368341829343&tguid=43169-3580-1368341829343-1E412300B57E10A25839CCBA161F0997&q=%s),,[0cfe54f1c9c182b455d1ebfdab5aec14]

Ordner: 4
Trojan.Agent.MNR, C:\Users\Alessio\AppData\Roaming\SODXN, , [e62453f292f88aacf52529e258adb14f], 
PUP.Optional.SpeedTestAnalysis.A, C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb, , [b258ab9a6d1d16207de42e66b74c0ef2], 
PUP.Optional.SpeedTestAnalysis.A, C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb\1.0.0.0_1, , [b258ab9a6d1d16207de42e66b74c0ef2], 
PUP.Optional.SpeedTestAnalysis.A, C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb\1.0.0.0_1\mz, , [b258ab9a6d1d16207de42e66b74c0ef2], 

Dateien: 45
PUP.Optional.OptimizerPR0, C:\ProgramData\{7a382bfb-7e4f-0314-7a38-82bfb7e4afed}\OptimizerProInstaller.exe, , [4dbdda6b0a80043241e98ea2f012857b], 
PUP.BitcoinMiner, C:\Users\Alessio\AppData\Roaming\SODXN\coinutil.dll, , [dd2d78cd15750e28342165c03bc6b54b], 
PUP.BitCoinMiner, C:\Users\Alessio\AppData\Roaming\SODXN\miner.dll, , [81892c19f7939f976b3927c8649cb848], 
Trojan.BitMiner, C:\Users\Alessio\AppData\Roaming\SODXN\program.exe, , [c14933127614d95d99abbb4618e934cc], 
PUP.BitCoinMiner, C:\Users\Alessio\AppData\Roaming\SODXN\usft_ext.dll, , [6b9f8bbadcae5ed8a468c056cf32e818], 
PUP.BitcoinMiner, C:\Users\Alessio\AppData\Roaming\Uisbb\coinutil.dll, , [24e62124256586b0371e64c1926fb64a], 
PUP.BitCoinMiner, C:\Users\Alessio\AppData\Roaming\Uisbb\miner.dll, , [27e398adeb9f7cba31738f6098685ca4], 
Trojan.BitMiner, C:\Users\Alessio\AppData\Roaming\Uisbb\program.exe, , [8b7fa1a4e7a3b87e083c39c8976a1be5], 
PUP.BitCoinMiner, C:\Users\Alessio\AppData\Roaming\Uisbb\usft_ext.dll, , [22e8c08524665bdbe22a8c8aff021be5], 
PUP.BitcoinMiner, C:\Users\Alessio\AppData\Roaming\gFtOF\coinutil.dll, , [5eac89bc1e6ca4927fd645e007fa51af], 
PUP.BitCoinMiner, C:\Users\Alessio\AppData\Roaming\gFtOF\miner.dll, , [12f8271e06841323e8bc529dce320ff1], 
Trojan.BitMiner, C:\Users\Alessio\AppData\Roaming\gFtOF\program.exe, , [40ca380ddeac63d3f351867bcb3642be], 
PUP.BitCoinMiner, C:\Users\Alessio\AppData\Roaming\gFtOF\usft_ext.dll, , [b65454f15733f2448b81d4426d94d828], 
PUP.Optional.Popeler, C:\Users\Alessio\Downloads\Castle%20Clash.exe, , [8387fd48cac0013561f26467a3625fa1], 
PUP.Optional.Conduit.A, C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kppnoegbbaphhibbpdojjiehofchhdgk_0.localstorage, , [46c4083d8208c571106f506607fc3fc1], 
Trojan.JobX, C:\Windows\System32\Tasks\Windows Update Check - 0x05B00174, , [ec1ed5706d1da4926214488c2ed58d73], 
PUP.Optional.Incredibar.A, C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dlnembnfbcpjnepmfjmngjenhhajpdfd_0.localstorage, , [cc3e2b1a5e2c3ef8f91202e6748fcf31], 
Trojan.Agent.MNR, C:\Users\Alessio\AppData\Roaming\SODXN\phatk.ptx, , [e62453f292f88aacf52529e258adb14f], 
Trojan.Agent.MNR, C:\Users\Alessio\AppData\Roaming\SODXN\coinutil.dll, , [e62453f292f88aacf52529e258adb14f], 
Trojan.Agent.MNR, C:\Users\Alessio\AppData\Roaming\SODXN\miner.dll, , [e62453f292f88aacf52529e258adb14f], 
Trojan.Agent.MNR, C:\Users\Alessio\AppData\Roaming\SODXN\phatk.cl, , [e62453f292f88aacf52529e258adb14f], 
Trojan.Agent.MNR, C:\Users\Alessio\AppData\Roaming\SODXN\usft_ext.dll, , [e62453f292f88aacf52529e258adb14f], 
PUP.Optional.Desk365.A, C:\Users\Alessio\AppData\Roaming\Microsoft\Windows\SendTo\Desk 365.lnk, , [da301134107ac86ed1e046d0f60f3fc1], 
PUP.Optional.WinEngine.A, C:\Users\Alessio\AppData\Local\winengine\rkr0.exe, , [917951f44d3d2412f5275160b94ace32], 
PUP.Optional.WinEngine.A, C:\Users\Alessio\AppData\Local\winengine\rkr1.exe, , [a16941047812f44254c8c9e89f64eb15], 
PUP.Optional.SpeedTestAnalysis.A, C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb\1.0.0.0_1\background.html, , [b258ab9a6d1d16207de42e66b74c0ef2], 
PUP.Optional.SpeedTestAnalysis.A, C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb\1.0.0.0_1\bg.js, , [b258ab9a6d1d16207de42e66b74c0ef2], 
PUP.Optional.SpeedTestAnalysis.A, C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb\1.0.0.0_1\ci.bg.pack.js, , [b258ab9a6d1d16207de42e66b74c0ef2], 
PUP.Optional.SpeedTestAnalysis.A, C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb\1.0.0.0_1\ci.browser.helper.js, , [b258ab9a6d1d16207de42e66b74c0ef2], 
PUP.Optional.SpeedTestAnalysis.A, C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb\1.0.0.0_1\ci.content.pack.js, , [b258ab9a6d1d16207de42e66b74c0ef2], 
PUP.Optional.SpeedTestAnalysis.A, C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb\1.0.0.0_1\content.js, , [b258ab9a6d1d16207de42e66b74c0ef2], 
PUP.Optional.SpeedTestAnalysis.A, C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb\1.0.0.0_1\icon128.png, , [b258ab9a6d1d16207de42e66b74c0ef2], 
PUP.Optional.SpeedTestAnalysis.A, C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb\1.0.0.0_1\icon16.png, , [b258ab9a6d1d16207de42e66b74c0ef2], 
PUP.Optional.SpeedTestAnalysis.A, C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb\1.0.0.0_1\icon24.ico, , [b258ab9a6d1d16207de42e66b74c0ef2], 
PUP.Optional.SpeedTestAnalysis.A, C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb\1.0.0.0_1\icon24.png, , [b258ab9a6d1d16207de42e66b74c0ef2], 
PUP.Optional.SpeedTestAnalysis.A, C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb\1.0.0.0_1\icon32.ico, , [b258ab9a6d1d16207de42e66b74c0ef2], 
PUP.Optional.SpeedTestAnalysis.A, C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb\1.0.0.0_1\icon32.png, , [b258ab9a6d1d16207de42e66b74c0ef2], 
PUP.Optional.SpeedTestAnalysis.A, C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb\1.0.0.0_1\icon48.png, , [b258ab9a6d1d16207de42e66b74c0ef2], 
PUP.Optional.SpeedTestAnalysis.A, C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb\1.0.0.0_1\jquery-1.6.2.min.js, , [b258ab9a6d1d16207de42e66b74c0ef2], 
PUP.Optional.SpeedTestAnalysis.A, C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb\1.0.0.0_1\jquery.uuid.js, , [b258ab9a6d1d16207de42e66b74c0ef2], 
PUP.Optional.SpeedTestAnalysis.A, C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb\1.0.0.0_1\manifest.json, , [b258ab9a6d1d16207de42e66b74c0ef2], 
PUP.Optional.SpeedTestAnalysis.A, C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb\1.0.0.0_1\popup.js, , [b258ab9a6d1d16207de42e66b74c0ef2], 
PUP.Optional.SpeedTestAnalysis.A, C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb\1.0.0.0_1\settings.json, , [b258ab9a6d1d16207de42e66b74c0ef2], 
PUP.Optional.SpeedTestAnalysis.A, C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb\1.0.0.0_1\mz\background.js, , [b258ab9a6d1d16207de42e66b74c0ef2], 
PUP.Optional.SpeedTestAnalysis.A, C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb\1.0.0.0_1\mz\content.js, , [b258ab9a6d1d16207de42e66b74c0ef2], 

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         
Code:
ATTFilter
# AdwCleaner v4.112 - Bericht erstellt 13/03/2015 um 18:27:30
# Aktualisiert 09/03/2015 von Xplode
# Datenbank : 2015-03-05.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Alessio - ALESSIO-PC
# Gestarted von : C:\Users\Alessio\Downloads\AdwCleaner_4.112(6).exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gelöscht : C:\Users\Alessio\Desktop\Continue Live Installation.lnk

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Mozilla Firefox v36.0.1 (x86 de)


-\\ Google Chrome v41.0.2272.89


-\\ Comodo Dragon v


*************************

AdwCleaner[R0].txt - [53321 Bytes] - [14/09/2014 21:49:47]
AdwCleaner[R10].txt - [2323 Bytes] - [13/03/2015 01:01:05]
AdwCleaner[R11].txt - [2443 Bytes] - [13/03/2015 18:26:06]
AdwCleaner[R1].txt - [1122 Bytes] - [13/10/2014 22:11:03]
AdwCleaner[R2].txt - [1894 Bytes] - [03/11/2014 18:10:02]
AdwCleaner[R3].txt - [5695 Bytes] - [18/12/2014 16:17:38]
AdwCleaner[R4].txt - [1562 Bytes] - [04/02/2015 16:12:20]
AdwCleaner[R5].txt - [13744 Bytes] - [11/03/2015 10:11:23]
AdwCleaner[R6].txt - [1891 Bytes] - [11/03/2015 10:33:44]
AdwCleaner[R7].txt - [1805 Bytes] - [11/03/2015 10:40:12]
AdwCleaner[R8].txt - [2402 Bytes] - [11/03/2015 18:01:50]
AdwCleaner[R9].txt - [3225 Bytes] - [12/03/2015 12:21:45]
AdwCleaner[S0].txt - [47786 Bytes] - [14/09/2014 21:50:45]
AdwCleaner[S10].txt - [2385 Bytes] - [13/03/2015 01:02:38]
AdwCleaner[S11].txt - [1832 Bytes] - [13/03/2015 18:27:30]
AdwCleaner[S1].txt - [1078 Bytes] - [13/10/2014 22:13:05]
AdwCleaner[S2].txt - [1901 Bytes] - [03/11/2014 18:11:59]
AdwCleaner[S3].txt - [5302 Bytes] - [18/12/2014 16:20:43]
AdwCleaner[S4].txt - [1623 Bytes] - [04/02/2015 16:14:29]
AdwCleaner[S5].txt - [12027 Bytes] - [11/03/2015 10:15:50]
AdwCleaner[S6].txt - [1952 Bytes] - [11/03/2015 10:36:00]
AdwCleaner[S7].txt - [1866 Bytes] - [11/03/2015 10:43:45]
AdwCleaner[S8].txt - [2463 Bytes] - [11/03/2015 18:04:21]
AdwCleaner[S9].txt - [3286 Bytes] - [12/03/2015 12:23:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S11].txt - [2424  Bytes] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.3 (03.01.2015:1)
OS: Windows 7 Home Premium x64
Ran by Alessio on 13.03.2015 at 18:34:12,26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211771193}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211771193}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Alessio\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Users\Alessio\appdata\local\cre"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted the following from C:\Users\Alessio\AppData\Roaming\mozilla\firefox\profiles\yx9kfsx8.default-1418917023564\prefs.js

user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine");
user_pref("browser.search.searchengine.ptid", "ima");
user_pref("browser.search.searchengine.uid", "ST2000DM001-9YN164_Z1E1P2PCXXXXZ1E1P2PC");
Emptied folder: C:\Users\Alessio\AppData\Roaming\mozilla\firefox\profiles\yx9kfsx8.default-1418917023564\minidumps [9 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.03.2015 at 18:36:39,29
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
und hier jz die neue FRST


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Alessio (administrator) on ALESSIO-PC on 13-03-2015 18:38:02
Running from C:\Users\Alessio\Downloads
Loaded Profiles: Alessio (Available profiles: Alessio)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\nsj7F88.tmp
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.96\ccSvcHst.exe
() C:\Windows\System32\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Users\Alessio\AppData\Local\F1F1D280-1426068548-11DD-896D-3085A9AF655D\snse5330.tmp
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Akamai Technologies, Inc.) C:\Users\Alessio\AppData\Local\Akamai\netsession_win.exe
() C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
(Akamai Technologies, Inc.) C:\Users\Alessio\AppData\Local\Akamai\netsession_win.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\jnsi6057.tmp
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
() C:\Users\Alessio\AppData\Local\F1F1D280-1426068533-11DD-896D-3085A9AF655D\cnsz2511.tmp
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.96\ccSvcHst.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Super PC Tools Ltd) C:\ProgramData\{96cad7ef-3892-e14f-96ca-ad7ef3895fbc}\SuperOptimizerInstaller.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe
(Creative Technology Ltd.) C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.96\SymcPCCULaunchSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7174728 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Cm106Sound] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm106.dll,CMICtrlWnd
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-08-19] (DivX, LLC)
HKLM-x32\...\Run: [4StoryPrePatch] => C:\Program Files (x86)\Gameforge4D\4Story_DE\PrePatch.exe [327680 2013-02-19] (Zemi Interactive Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [Sound Blaster Tactic3D Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe [2091008 2014-07-03] (Creative Technology Ltd)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-02-17] (LogMeIn Inc.)
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2874048 2015-02-19] (Valve Corporation)
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Run: [KPeerNexonEU] => C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe [438272 2013-05-11] (NEXON Inc.)
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3619160 2015-01-27] (Electronic Arts)
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Alessio\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44544 2009-07-14] (Microsoft Corporation)
IFEO\symerr.exe: [Debugger] jtkyy.exe
Startup: C:\Users\Alessio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SuperOptimizerInstaller.lnk
ShortcutTarget: SuperOptimizerInstaller.lnk -> C:\ProgramData\{96cad7ef-3892-e14f-96ca-ad7ef3895fbc}\SuperOptimizerInstaller.exe (Super PC Tools Ltd)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4026364676-241273927-3108656300-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:52166;https=127.0.0.1:52166
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/?gws_rd=ssl
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4026364676-241273927-3108656300-1000 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = https://www.google.de/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-06-17] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-05] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-06-17] (Oracle Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll [2013-02-01] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL [2012-06-21] (Symantec Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-05] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-05] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-05] (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll [2013-02-01] (Symantec Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Alessio\AppData\Roaming\Mozilla\Firefox\Profiles\yx9kfsx8.default-1418917023564
FF Homepage: https://www.google.de/?gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll [2013-06-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-06-17] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-08-13] (DivX, LLC)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npnxgameEU.dll [2013-12-14] (Nexon)
FF Plugin-x32: @nielsen/FirefoxTracker -> C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter7\FirefoxAddOns\npfirefoxtracker.dll No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-12-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-12-13] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-4026364676-241273927-3108656300-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Alessio\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-07-07] (Unity Technologies ApS)
FF Extension: Zoom It - C:\Users\Alessio\AppData\Roaming\Mozilla\Firefox\Profiles\yx9kfsx8.default-1418917023564\Extensions\{89322f21-4dab-1726-6081-084c403dcecf} [2015-03-13]
FF Extension: Adblock Plus - C:\Users\Alessio\AppData\Roaming\Mozilla\Firefox\Profiles\yx9kfsx8.default-1418917023564\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-18]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-03-06]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\IPSFFPlgn
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\IPSFFPlgn [2012-12-30]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\coFFPlgn [2015-03-13]
FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter7\FirefoxAddOns\netsight@nielsen.xpi
FF HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Alessio\AppData\Roaming\Mozilla\Firefox\Profiles\vxvj29up.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR Profile: C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-12]
CHR Extension: (Docs) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-12]
CHR Extension: (Google Drive) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-14]
CHR Extension: (YouTube) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-12]
CHR Extension: (Google Search) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-12]
CHR Extension: (Google Sheets) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-12]
CHR Extension: (Google Wallet) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-16]
CHR Extension: (Gmail) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [814976 2015-02-06] ()
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [File not signed]
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [175136 2014-12-07] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-12-15] (Hi-Rez Studios) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-02-16] (LogMeIn, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R2 neverode; C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\nsj7F88.tmp [207872 2015-03-13] () [File not signed]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.96\SymcPCCULaunchSvc.exe [123320 2011-11-07] (Symantec Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4722728 2013-03-14] (INCA Internet Co., Ltd.) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-02-27] (Electronic Arts)
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.96\ccSvcHst.exe [126392 2011-11-07] (Symantec Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-07-14] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-15] ()
R2 pumygydy; C:\Users\Alessio\AppData\Local\F1F1D280-1426068548-11DD-896D-3085A9AF655D\snse5330.tmp [211456 2015-03-11] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 WSWNDA3100v2; C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [307928 2013-12-30] ()
R2 xebejehi; C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\jnsi6057.tmp [91648 2015-03-11] () [File not signed]
R2 zizudobe; C:\Users\Alessio\AppData\Local\F1F1D280-1426068533-11DD-896D-3085A9AF655D\cnsz2511.tmp [94720 2015-03-11] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\BASHDefs\20130208.001\BHDrvx64.sys [1388120 2013-01-16] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
R3 CMUSBDAC; C:\Windows\System32\DRIVERS\CMUSBDAC.sys [594944 2014-09-19] (C-MEDIA)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-12-30] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\IPSDefs\20130226.002\IDSvia64.sys [513184 2012-12-28] (Symantec Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20130227.003\ENG64.SYS [126192 2013-01-19] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20130227.003\EX64.SYS [2087664 2013-01-19] (Symantec Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2011-05-16] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-12-30] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-18] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-18] (Symantec Corporation)
R3 UHSfiltv; C:\Windows\System32\drivers\UHSfiltv.sys [23552 2013-05-31] (Creative Technology Ltd.)
S3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1307648 2011-03-31] (C-Media Electronics Inc)
S1 aclrtvfz; \??\C:\Windows\system32\drivers\aclrtvfz.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S1 dfxdnxpi; \??\C:\Windows\system32\drivers\dfxdnxpi.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-13 18:38 - 2015-03-13 18:38 - 00025452 _____ () C:\Users\Alessio\Downloads\FRST.txt
2015-03-13 18:36 - 2015-03-13 18:36 - 00001725 _____ () C:\Users\Alessio\Desktop\JRT.txt.txt
2015-03-13 18:33 - 2015-03-13 18:33 - 01388333 _____ (Thisisu) C:\Users\Alessio\Desktop\JRT.exe
2015-03-13 18:25 - 2015-03-13 18:31 - 00002505 _____ () C:\Users\Alessio\Desktop\AdwCleaner.txt.txt
2015-03-13 18:24 - 2015-03-13 18:24 - 02171392 _____ () C:\Users\Alessio\Downloads\AdwCleaner_4.112(6).exe
2015-03-13 18:16 - 2015-03-13 18:16 - 00012277 _____ () C:\Users\Alessio\Desktop\mbam.txt.txt
2015-03-13 18:05 - 2015-03-13 18:05 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-13 18:04 - 2015-03-13 18:04 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-13 18:04 - 2015-03-13 18:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-03-13 18:04 - 2015-03-13 18:04 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-13 18:04 - 2015-03-13 18:04 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-03-13 18:04 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-13 18:04 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-13 18:04 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-13 18:03 - 2015-03-13 18:03 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Alessio\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-13 12:44 - 2015-03-13 12:44 - 00029781 _____ () C:\ComboFix.txt
2015-03-13 12:28 - 2015-03-13 12:44 - 00000000 ____D () C:\Qoobox
2015-03-13 12:28 - 2015-03-13 12:43 - 00000000 ____D () C:\Windows\erdnt
2015-03-13 12:28 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-03-13 12:28 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-03-13 12:28 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-03-13 12:28 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-03-13 12:28 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-03-13 12:28 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-03-13 12:28 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-03-13 12:28 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-03-13 12:26 - 2015-03-13 12:27 - 05613296 ____R (Swearware) C:\Users\Alessio\Desktop\ComboFix.exe
2015-03-13 12:22 - 2015-03-13 12:22 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Alessio\Downloads\revosetup95.exe
2015-03-13 12:22 - 2015-03-13 12:22 - 00001264 _____ () C:\Users\Alessio\Desktop\Revo Uninstaller.lnk
2015-03-13 12:22 - 2015-03-13 12:22 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-03-12 13:46 - 2015-03-12 13:46 - 00038976 _____ () C:\Users\Alessio\Desktop\Addition1.txt
2015-03-12 13:45 - 2015-03-12 13:46 - 00068301 _____ () C:\Users\Alessio\Desktop\FRST1.txt
2015-03-12 13:44 - 2015-03-13 18:38 - 00000000 ____D () C:\FRST
2015-03-12 13:44 - 2015-03-12 13:44 - 02095616 _____ (Farbar) C:\Users\Alessio\Downloads\FRST64.exe
2015-03-12 13:19 - 2015-03-12 13:19 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-12 13:19 - 2015-03-12 13:19 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-12 13:19 - 2015-03-12 13:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-12 12:00 - 2015-03-09 11:32 - 00372248 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-03-12 12:00 - 2015-03-09 11:32 - 00325944 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-03-12 11:57 - 2015-03-12 11:57 - 00830600 _____ (Internet software ) C:\Users\Alessio\Downloads\adobe_flash_setup.exe
2015-03-11 14:31 - 2015-03-11 14:32 - 00000000 ____D () C:\Users\Alessio\Desktop\YT Dlds
2015-03-11 14:30 - 2015-03-11 14:30 - 11123720 _____ () C:\Users\Alessio\Downloads\YTDSetup.exe
2015-03-11 11:46 - 2015-03-11 11:46 - 00243528 _____ () C:\Users\Alessio\Downloads\Firefox Setup Stub 36.0.1.exe
2015-03-11 10:30 - 2015-02-20 05:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 10:30 - 2015-02-20 05:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 10:30 - 2015-02-20 05:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 10:30 - 2015-02-20 05:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 10:30 - 2015-02-20 05:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 10:30 - 2015-02-20 05:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 10:30 - 2015-02-20 05:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 10:30 - 2015-02-20 05:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 10:30 - 2015-02-20 04:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 10:30 - 2015-02-20 04:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 10:30 - 2015-02-13 06:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 10:30 - 2015-02-13 06:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 10:30 - 2015-02-03 04:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 10:30 - 2015-02-03 04:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 10:30 - 2015-02-03 04:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 10:30 - 2015-02-03 04:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 10:30 - 2015-02-03 04:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 10:30 - 2015-02-03 04:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 10:30 - 2015-02-03 04:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 10:30 - 2015-02-03 04:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 10:30 - 2015-02-03 04:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 10:30 - 2015-02-03 04:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 10:30 - 2015-02-03 04:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 10:30 - 2015-02-03 03:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 10:30 - 2015-01-17 03:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 10:30 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 10:30 - 2014-10-31 23:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 10:30 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-11 10:30 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-11 10:29 - 2015-03-06 06:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 10:29 - 2015-03-06 06:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 10:29 - 2015-03-06 06:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 10:29 - 2015-03-06 06:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 10:29 - 2015-03-06 06:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 10:29 - 2015-03-06 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 10:29 - 2015-03-06 06:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 10:29 - 2015-03-06 06:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 10:29 - 2015-03-06 06:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 10:29 - 2015-03-06 06:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 10:29 - 2015-03-06 06:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 10:29 - 2015-03-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 10:29 - 2015-03-06 06:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 10:29 - 2015-03-06 06:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 10:29 - 2015-03-06 06:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 10:29 - 2015-03-06 06:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 10:29 - 2015-03-06 06:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 10:29 - 2015-03-06 06:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 10:29 - 2015-03-06 06:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 10:29 - 2015-03-06 06:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 10:29 - 2015-03-06 06:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 10:29 - 2015-02-03 04:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 10:29 - 2015-02-03 04:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 10:29 - 2015-02-03 04:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 10:29 - 2015-02-03 04:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 10:29 - 2015-02-03 04:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 10:29 - 2015-02-03 04:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 10:29 - 2015-02-03 04:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 10:29 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 10:29 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 10:29 - 2015-02-03 04:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 10:29 - 2015-02-03 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 10:29 - 2015-02-03 04:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 10:29 - 2015-02-03 04:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 10:29 - 2015-02-03 04:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 10:29 - 2015-02-03 04:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 10:29 - 2015-02-03 04:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 10:29 - 2015-02-03 04:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 10:29 - 2015-02-03 04:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 10:29 - 2015-02-03 04:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 10:29 - 2015-02-03 04:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 10:29 - 2015-02-03 04:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 10:29 - 2015-02-03 04:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 10:29 - 2015-02-03 04:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 10:29 - 2015-02-03 04:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 10:29 - 2015-02-03 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 10:29 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 10:29 - 2015-02-03 04:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 10:29 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 10:29 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 10:29 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 10:29 - 2015-02-03 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 10:29 - 2015-01-31 04:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 10:29 - 2015-01-31 04:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 10:29 - 2015-01-31 00:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 10:29 - 2015-01-31 00:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 10:28 - 2015-02-26 04:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 10:28 - 2015-02-24 04:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 10:28 - 2015-02-24 03:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 10:28 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 10:28 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 10:28 - 2015-02-21 01:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 10:28 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 10:28 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 10:28 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 10:28 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 10:28 - 2015-02-20 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 10:28 - 2015-02-20 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 10:28 - 2015-02-20 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 10:28 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 10:28 - 2015-02-20 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 10:28 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 10:28 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 10:28 - 2015-02-20 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 10:28 - 2015-02-20 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 10:28 - 2015-02-20 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 10:28 - 2015-02-20 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 10:28 - 2015-02-20 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 10:28 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 10:28 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 10:28 - 2015-02-20 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 10:28 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 10:28 - 2015-02-20 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 10:28 - 2015-02-20 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 10:28 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 10:28 - 2015-02-20 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 10:28 - 2015-02-20 03:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-11 10:28 - 2015-02-20 03:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 10:28 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 10:28 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 10:28 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 10:28 - 2015-02-20 03:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 10:28 - 2015-02-20 03:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-11 10:28 - 2015-02-20 02:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 10:28 - 2015-02-20 02:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 10:28 - 2015-02-20 02:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 10:28 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 10:28 - 2015-02-20 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 10:28 - 2015-02-20 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 10:28 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 10:28 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 10:28 - 2015-02-20 02:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 10:28 - 2015-02-20 02:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 10:28 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 10:28 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 10:28 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 10:28 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 10:28 - 2015-02-20 02:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 10:28 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 10:28 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 10:28 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 10:28 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 10:28 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 10:28 - 2015-02-03 04:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 10:28 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 10:26 - 2015-02-04 04:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 10:26 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-11 10:09 - 2015-03-13 18:34 - 00000000 ____D () C:\Users\Alessio\AppData\Local\F1F1D280-1426068548-11DD-896D-3085A9AF655D
2015-03-11 10:08 - 2015-03-11 10:09 - 00000000 ____D () C:\Users\Alessio\AppData\Local\F1F1D280-1426068533-11DD-896D-3085A9AF655D
2015-03-11 10:06 - 2015-03-11 10:06 - 00000000 ____D () C:\Users\Alessio\AppData\Local\F1F1D280-1426068395-11DD-896D-3085A9AF655D
2015-03-11 10:05 - 2015-03-13 16:37 - 00000000 ____D () C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D
2015-03-11 10:04 - 2015-03-13 18:18 - 00000000 ____D () C:\Users\Alessio\AppData\Local\winengine
2015-03-11 10:04 - 2015-03-13 18:17 - 00000000 ____D () C:\ProgramData\{7a382bfb-7e4f-0314-7a38-82bfb7e4afed}
2015-03-11 10:04 - 2015-03-11 10:21 - 00000000 ____D () C:\ProgramData\{96cad7ef-3892-e14f-96ca-ad7ef3895fbc}
2015-03-11 10:04 - 2015-03-11 10:04 - 00000000 ____D () C:\Users\Alessio\AppData\Local\Bluestacks
2015-03-11 10:04 - 2015-03-11 10:04 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2015-03-08 11:51 - 2015-03-08 11:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_bcmwlhigh664_01009.Wdf
2015-03-08 11:49 - 2007-01-19 18:24 - 00025312 ____R (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Drivers\SCMNdisP.sys
2015-03-08 11:47 - 2015-03-08 11:47 - 00000000 ____D () C:\Program Files (x86)\NETGEAR
2015-03-08 11:47 - 2011-12-12 17:42 - 01256192 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bcmwlhigh664.sys
2015-03-08 11:47 - 2011-04-19 17:52 - 00095544 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll
2015-03-08 11:47 - 2011-04-19 17:31 - 03900928 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv64.dll
2015-03-08 11:47 - 2011-04-19 17:31 - 03566592 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui64.dll
2015-03-08 11:47 - 2010-06-09 13:11 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2015-03-08 11:47 - 2010-02-03 11:21 - 00047632 _____ (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys
2015-03-08 11:46 - 2015-03-08 11:46 - 00000000 ____D () C:\Users\Alessio\AppData\Roaming\InstallShield
2015-03-06 15:47 - 2015-03-12 13:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-04 21:59 - 2015-03-04 22:00 - 00000000 ____D () C:\Users\Alessio\Desktop\AoT
2015-02-26 11:37 - 2015-02-27 11:05 - 00000391 _____ () C:\Users\Alessio\Desktop\Miss.txt
2015-02-25 11:19 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 11:19 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-24 14:41 - 2015-02-24 14:41 - 01533584 _____ () C:\Users\Alessio\Downloads\battlelog-web-plugins_2.6.2_157.exe
2015-02-24 14:41 - 2015-02-24 14:41 - 01533584 _____ () C:\Users\Alessio\Downloads\battlelog-web-plugins_2.6.2_157(1).exe
2015-02-24 14:36 - 2015-03-05 14:42 - 00001194 _____ () C:\Users\Public\Desktop\Battlefield 4.lnk
2015-02-24 14:36 - 2015-03-05 14:42 - 00001170 _____ () C:\Users\Public\Desktop\Battlefield 4(64 bit).lnk
2015-02-20 08:25 - 2015-02-20 08:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-02-20 08:25 - 2015-02-20 08:25 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-02-19 11:11 - 2015-02-19 11:11 - 00000000 ____D () C:\Users\Alessio\AppData\Local\Steam
2015-02-18 15:06 - 2015-02-18 15:06 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2015-02-18 15:06 - 2015-02-18 15:06 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2015-02-18 15:06 - 2015-02-18 15:06 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2015-02-18 00:19 - 2015-02-18 09:41 - 00019627 _____ () C:\Users\Alessio\Desktop\ALN.odt
2015-02-17 23:12 - 2015-02-17 23:13 - 00000582 _____ () C:\Users\Alessio\Desktop\Jokes.txt
2015-02-17 23:10 - 2015-02-17 23:54 - 00000140 _____ () C:\Users\Alessio\Desktop\Quellen.txt
2015-02-17 17:26 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-17 17:26 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-17 17:26 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-17 17:26 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-15 12:14 - 2015-02-15 12:14 - 00000222 _____ () C:\Users\Alessio\Desktop\GunZ 2 The Second Duel.url
2015-02-11 15:19 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 15:19 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 15:19 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 15:19 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 15:19 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 15:19 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 15:19 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 15:19 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 15:18 - 2015-02-11 15:18 - 00003550 _____ () C:\Users\Alessio\Desktop\AOT.txt
2015-02-11 15:18 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 15:18 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 15:18 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 15:18 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-13 18:37 - 2009-07-14 05:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-13 18:37 - 2009-07-14 05:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-13 18:35 - 2012-12-30 04:03 - 01200277 _____ () C:\Windows\WindowsUpdate.log
2015-03-13 18:34 - 2013-01-06 14:31 - 00000000 ____D () C:\Users\Alessio\AppData\Local\CrashDumps
2015-03-13 18:31 - 2013-05-25 11:40 - 00000000 ____D () C:\ProgramData\Origin
2015-03-13 18:31 - 2012-12-29 23:16 - 00000000 ____D () C:\Users\Alessio\AppData\Roaming\Skype
2015-03-13 18:30 - 2013-02-08 23:46 - 00000000 ____D () C:\Users\Alessio\AppData\Local\LogMeIn Hamachi
2015-03-13 18:29 - 2013-05-25 11:40 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-03-13 18:29 - 2012-12-30 12:09 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-13 18:29 - 2012-12-29 22:40 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-13 18:29 - 2009-07-14 05:51 - 00295083 _____ () C:\Windows\setupact.log
2015-03-13 18:28 - 2012-12-30 04:29 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-13 18:28 - 2010-11-21 04:47 - 00693784 _____ () C:\Windows\PFRO.log
2015-03-13 18:28 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-13 18:27 - 2014-09-14 21:49 - 00000000 ____D () C:\AdwCleaner
2015-03-13 18:17 - 2013-03-26 22:13 - 00000000 ____D () C:\Users\Alessio\AppData\Roaming\gFtOF
2015-03-13 18:17 - 2013-03-26 19:49 - 00000000 ____D () C:\Users\Alessio\AppData\Roaming\Uisbb
2015-03-13 18:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Resources
2015-03-13 18:07 - 2012-12-29 22:40 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-13 17:54 - 2013-02-25 18:44 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-13 12:44 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-03-13 12:38 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-03-13 12:35 - 2009-07-14 03:34 - 67633152 _____ () C:\Windows\system32\config\software.bak
2015-03-13 12:35 - 2009-07-14 03:34 - 18350080 _____ () C:\Windows\system32\config\system.bak
2015-03-13 12:35 - 2009-07-14 03:34 - 00524288 _____ () C:\Windows\system32\config\default.bak
2015-03-13 12:35 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\security.bak
2015-03-13 12:35 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\sam.bak
2015-03-12 21:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-03-12 12:39 - 2013-03-16 10:54 - 00000000 ____D () C:\Fraps
2015-03-12 12:00 - 2015-01-08 14:15 - 00000000 ____D () C:\Users\Alessio\AppData\Local\Adobe
2015-03-11 17:57 - 2013-06-25 16:00 - 00000000 ____D () C:\Users\Alessio\AppData\Local\Warframe
2015-03-11 11:44 - 2012-12-29 22:40 - 00000000 ____D () C:\Users\Alessio\AppData\Local\Google
2015-03-11 11:38 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-11 11:34 - 2009-07-14 05:45 - 00346416 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-11 11:32 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-11 11:32 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-11 11:04 - 2013-08-15 22:25 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 10:57 - 2013-06-27 00:24 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-11 10:15 - 2012-12-30 04:07 - 00000999 _____ () C:\Users\Alessio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-08 11:54 - 2011-04-12 08:43 - 01283404 _____ () C:\Windows\system32\perfh007.dat
2015-03-08 11:54 - 2011-04-12 08:43 - 00331438 _____ () C:\Windows\system32\perfc007.dat
2015-03-08 11:54 - 2009-07-14 06:13 - 00006256 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-08 11:47 - 2012-12-30 04:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-06 14:55 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-05 22:35 - 2013-01-25 22:54 - 00000000 ____D () C:\Users\Alessio\AppData\Roaming\TS3Client
2015-03-05 20:19 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-05 14:48 - 2013-02-20 21:17 - 00226680 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-03-05 14:48 - 2013-02-20 21:17 - 00226680 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-03-03 14:17 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-02-24 14:41 - 2013-05-27 20:30 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2015-02-23 09:48 - 2012-12-29 23:15 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-23 09:48 - 2012-12-29 23:15 - 00000000 ____D () C:\ProgramData\Skype
2015-02-18 15:28 - 2014-11-20 18:02 - 00000000 ____D () C:\Users\Alessio\AppData\Local\Dxtory Software
2015-02-18 15:07 - 2014-10-13 21:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2015-02-18 09:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-17 18:04 - 2013-12-04 20:04 - 00000000 ____D () C:\Users\Alessio\AppData\Local\ArmA 2 OA
2015-02-16 16:20 - 2013-02-08 23:47 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-02-16 10:45 - 2015-01-25 19:24 - 00000000 ____D () C:\Program Files (x86)\Glyph
2015-02-12 14:06 - 2014-12-12 12:28 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 14:06 - 2014-05-06 21:53 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-11 23:37 - 2014-04-15 16:32 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-11 23:36 - 2013-03-02 18:41 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-02-11 23:36 - 2013-03-02 18:41 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-02-11 23:36 - 2013-03-02 18:41 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-11 23:35 - 2013-03-02 18:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client

==================== Files in the root of some directories =======

2013-03-26 21:37 - 2013-03-26 21:37 - 0046592 _____ (baCwJ5uAc4VR) C:\Users\Alessio\AppData\Roaming\ndcAIVJ5D7S.exe
2013-05-31 19:27 - 2013-08-27 13:18 - 0036864 _____ () C:\Users\Alessio\AppData\Roaming\RZR_0060f45e48b3b0e8dcec4d8da47b.db
2013-03-26 23:10 - 2013-03-26 23:10 - 0004743 _____ () C:\Users\Alessio\AppData\Roaming\ss.png
2013-03-26 21:22 - 2013-03-26 21:37 - 0046592 _____ (baCwJ5uAc4VR) C:\Users\Alessio\AppData\Roaming\VnjnJP5w6eXE.bak
2013-09-22 20:14 - 2014-09-07 17:46 - 0000177 _____ () C:\Users\Alessio\AppData\Roaming\WB.CFG
2013-12-02 19:36 - 2014-04-11 15:36 - 0012800 _____ () C:\Users\Alessio\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-01 14:44 - 2014-11-01 14:44 - 0002227 _____ () C:\Users\Alessio\AppData\Local\recently-used.xbel
2013-05-14 13:07 - 2013-05-14 13:07 - 0024128 _____ () C:\Users\Alessio\AppData\Local\Temp1.jpg

Some content of TEMP:
====================
C:\Users\Alessio\AppData\Local\Temp\Quarantine.exe
C:\Users\Alessio\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-06 15:16

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Alessio at 2015-03-13 18:38:29
Running from C:\Users\Alessio\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Microsoft Security Essentials (Disabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4Story DE 4.1.176 (HKLM-x32\...\4Story_DE_is1) (Version:  - )
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead Beta (HKLM-x32\...\Steam App 219540) (Version:  - )
aTube Catcher Version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Awesomenauts (HKLM-x32\...\Steam App 204300) (Version:  - Ronimo Games)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.25648 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Browser Updater 1.1 (HKLM-x32\...\Browser Updater_is1) (Version:  - Browser Updater)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Cinema 4D version R12 (HKLM-x32\...\{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1) (Version: R12 - Salat Production)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.11 - Cliqz.com)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ Commander (HKLM-x32\...\{D4BA1D6D-DACD-4411-9DEC-6BEE3793277E}) (Version: 0.92.95 - Dotjosh Studios)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.88 - DivX, LLC)
FormatFactory 3.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.0.1 - Free Time)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free FLV Converter V 7.6.0 (HKLM-x32\...\Free FLV Converter_is1) (Version: 7.6.0.0 - Koyote Soft)
Free YouTube to MP3 Converter version 3.12.17.1127 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.17.1127 - DVDVideoSoft Ltd.)
GDMO (HKLM-x32\...\DMO) (Version:  - )
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.89 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GunZ 2: The Second Duel (HKLM-x32\...\Steam App 242720) (Version:  - MAIET Entertainment)
GunZ2 (HKLM-x32\...\GunZ2) (Version:  - )
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HyperCam 3 (HKLM-x32\...\HyperCam 3 3.6.1311.20) (Version: 3.6.1311.20 - Solveig Multimedia)
Java 7 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417021FF}) (Version: 7.0.210 - Oracle)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LibreOffice 4.0.3.3 (HKLM-x32\...\{F77ED0CD-2E5E-4FC7-82E0-BB7D461E739F}) (Version: 4.0.3.3 - The Document Foundation)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.319 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.319 - LogMeIn, Inc.) Hidden
Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios)
Magicka: Wizard Wars (HKLM-x32\...\Steam App 202090) (Version:  - Paradox North)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MEDUSA NX USB 5.1 Gaming Headset (HKLM\...\C-Media CM106 Like Sound Driver) (Version:  - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 36.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla)
MSI Afterburner 4.0.0 (HKLM-x32\...\Afterburner) (Version: 4.0.0 - MSI Co., LTD)
NETGEAR WNDA3100v2 wireless USB 2.0 driver (HKLM-x32\...\{3C7839E7-21F4-49E0-B4D5-AC8ED818CCB0}) (Version: 2.2.0.4 - NETGEAR)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 19.9.1.14 - Symantec Corporation)
Norton PC Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.15.96 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.3 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{9fe8a752-f74c-45c7-a712-1398de096d70}) (Version: latest - ppy Pty Ltd)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\SOE-PlanetSide 2 PSG) (Version: 1.0.3.183 - Sony Online Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version:  - Wild Shadow Studios)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
S4 League (HKLM-x32\...\S4 League) (Version:  - )
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Shutdown Timer (HKLM-x32\...\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}) (Version: 3.3.4 - Sinvise Systems)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
SleepTimer Ultimate 1.2 (HKLM-x32\...\{0EE56463-49B2-45E1-B74F-3E0139DBC986}_is1) (Version:  - Christian Handorf)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2477.0 - Hi-Rez Studios)
Sound Blaster Tactic(3D) (HKLM-x32\...\{92000C16-939B-44CA-802F-0D552019D7C8}) (Version: 1.0 - Creative Technology Limited)
Spider-Man 3 (TM) (HKLM-x32\...\InstallShield_{990166FA-1ACB-4AA7-B592-4D370C7CDD1A}) (Version: 1.00.0000 - Activision)
Spider-Man 3(TM) (x32 Version: 1.00.0000 - Activision) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.11.1 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - Runic Games)
TP-LINK Wireless Client Utility (HKLM-x32\...\{1E03C8BE-0848-430F-BECA-7D7709401626}) (Version: 7.0 - TP-LINK)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version:  - Frozenbyte)
Trove (HKLM-x32\...\Glyph Trove) (Version:  - Trion Worlds, Inc.)
Unity Web Player (HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS)
Usenet.nl (HKLM-x32\...\Usenet.nl_is1) (Version:  - )
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VideoPad Videobearbeitungs-Software (HKLM-x32\...\VideoPad) (Version:  - NCH Software)
Vindictus EU (HKLM-x32\...\Vindictus EU) (Version:  - )
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
winengine (HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\winengine) (Version: 20.020 - Ad business Crown Solutions)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinRAR 5.10 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

05-03-2015 14:26:30 Windows Update
08-03-2015 11:46:26 Installiert NETGEAR WNDA3100v2 wireless USB 2.0 driver
08-03-2015 11:49:31 Gerätetreiber-Paketinstallation: NETGEAR Inc. Netzwerkprotokoll
09-03-2015 12:12:55 Windows Update
11-03-2015 10:55:42 Windows Update
12-03-2015 11:59:07 LavasoftWeCompanion
12-03-2015 12:02:54 LavasoftWeCompanion
13-03-2015 12:24:05 Revo Uninstaller's restore point - Speed Test Analysis

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-03-13 12:38 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0E2B83DC-C03A-45CB-AD4F-16ECBAAA06CA} - System32\Tasks\{FB710A8C-3F20-4037-BA9F-2279DB8C60CE} => C:\Users\Alessio\Desktop\Spiele\Cube World\Server.exe
Task: {1D71DD0D-918A-411F-8C1F-C38D3F4B92A9} - System32\Tasks\{B712CEDA-CB66-487A-B1D0-16FCF3833331} => pcalua.exe -a C:\Users\Alessio\Downloads\pb35setup.exe -d C:\Users\Alessio\Downloads
Task: {1ED6DB81-95D4-4B4A-93C3-3B61C2869614} - System32\Tasks\{3B21737A-2EEE-4B80-9791-0CA45E4EAF79} => pcalua.exe -a "C:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe InDesign CS2\instmsiw.exe" -d "C:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe InDesign CS2"
Task: {247C1470-0DD9-41AA-A141-37540BCC668C} - System32\Tasks\{ECC14FBB-A210-44BF-8D17-90CFAE26A593} => Firefox.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {2EF31754-B9D1-40E1-80B1-903CE51B89E8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-29] (Google Inc.)
Task: {35596071-9BC2-41E5-B2B9-C49C82FFD345} - System32\Tasks\{960ABE80-50A4-4F97-828F-A3F8E9D4AF23} => pcalua.exe -a C:\Users\Alessio\Desktop\CS2_RetNon_Ger_2.exe -d C:\Users\Alessio\Desktop
Task: {3FEDD910-5225-45A1-9ED3-6D2FC0133681} - System32\Tasks\{DDB1CD15-9B67-416D-B21D-5EBEDD2258B6} => C:\Users\Alessio\Desktop\Spiele\Leagues of Legends\Dateipad\lol.launcher.exe [2012-04-24] ()
Task: {43DC7FE8-7A84-4957-9976-FC78A4C5E65C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {4CBDEA00-DB3A-47F5-8938-A1DBB93E4E9F} - System32\Tasks\{F555DCF7-5330-4992-8D0E-44803962035A} => pcalua.exe -a "C:\Program Files (x86)\sweetpacks bundle uninstaller\uninstaller.exe" -c "/appName=Angry Birds Space Bundle by SweetPacks"
Task: {5116F59E-BFC1-4DEC-B583-AF8D98340A93} - System32\Tasks\ProtectedSearch\Protected Search => C:\Program Files (x86)\Protected Search\ProtectedSearch.exe <==== ATTENTION
Task: {6A9CB896-454F-4215-8A53-491B65F633CD} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\WSCStub.exe [2013-02-02] (Symantec Corporation)
Task: {6ABE04FA-43E5-4FD2-9A16-F47C36BE603E} - System32\Tasks\{E76D057E-E5CC-451F-A489-35E0711C5B54} => pcalua.exe -a "C:\Users\Alessio\Desktop\Spiele\Cube World\CubeLauncher.exe" -d "C:\Users\Alessio\Desktop\Spiele\Cube World"
Task: {6B5BF2CD-A7A4-43DB-BEBF-2B5C73F1B284} - System32\Tasks\{59712F7F-602B-4259-BC4A-F548DA1D39C8} => pcalua.exe -a C:\Users\Alessio\Downloads\S4_League.exe -d C:\Users\Alessio\Downloads
Task: {776CE386-3FF0-44F2-9329-DEA6CD841DC7} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {798E7F0A-8A24-4746-B159-10A30453F181} - System32\Tasks\{A5848A69-81AF-4E23-94FE-FF5D088EF999} => pcalua.exe -a "C:\Users\Alessio\Local Settings\Application Data\Bundled software uninstaller\biclient.exe" -c /affid uninstall /id uninstall /name "Bundled software uninstaller"
Task: {804B9EB3-6929-4223-B074-1C73241530F9} - System32\Tasks\{C4B7EC27-61A6-4F4A-AB88-42C1FC45D781} => pcalua.exe -a C:\Users\Alessio\AppData\Roaming\webssearches\UninstallManager.exe -c  -ptid=obw <==== ATTENTION
Task: {809E5053-971E-4266-A206-18A382E1A764} - \Windows Update Check - 0x05B00174 No Task File <==== ATTENTION
Task: {A2355A77-DABF-4F47-8816-514349A52D56} - System32\Tasks\{AB2A9000-5877-4F39-ABD8-165203A76308} => C:\Program Files (x86)\S4League\patcher_s4.exe
Task: {ACAE00EF-7BE7-4867-8B68-EF3912A49A8A} - System32\Tasks\{9425F20D-C1BE-4D99-BCBD-82AD7F4A72C7} => pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {B14A17CA-B4E5-47BB-8CEE-284D553D2AA0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-29] (Google Inc.)
Task: {B48C1041-F6D2-4432-B57A-53D52830AC20} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {C355A1C9-D143-4253-A2F6-125B60A794A0} - System32\Tasks\AllmyappsUpdateTask => C:\Users\Alessio\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe
Task: {C8779DCA-8234-45DC-B195-770DCFC0E0E2} - System32\Tasks\{43ED0757-E288-4FDA-9F7B-48A48A47A945} => pcalua.exe -a "C:\Users\Alessio\Downloads\[Mutli] Installer v1.0\Multi[Installer] v1.0.exe" -d "C:\Users\Alessio\Downloads\[Mutli] Installer v1.0"
Task: {DAFB7EC2-4535-447E-B6F1-CE356597BB61} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2012-12-30 04:26 - 2014-12-13 09:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-13 16:37 - 2015-03-13 16:37 - 00207872 _____ () C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\nsj7F88.tmp
2014-07-14 12:08 - 2014-07-14 12:08 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2015-03-11 10:09 - 2015-03-11 10:09 - 00211456 _____ () C:\Users\Alessio\AppData\Local\F1F1D280-1426068548-11DD-896D-3085A9AF655D\snse5330.tmp
2013-05-11 18:40 - 2013-05-11 18:40 - 01992328 _____ () C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
2015-03-11 10:06 - 2015-03-11 10:06 - 00091648 _____ () C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\jnsi6057.tmp
2015-03-11 10:08 - 2015-03-11 10:09 - 00094720 _____ () C:\Users\Alessio\AppData\Local\F1F1D280-1426068533-11DD-896D-3085A9AF655D\cnsz2511.tmp
2014-01-10 06:26 - 2014-01-10 06:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-03-25 13:23 - 2014-11-11 19:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 10:06 - 2014-12-02 01:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-20 10:06 - 2014-12-02 01:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 10:06 - 2014-12-02 01:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-22 13:52 - 2015-02-19 00:51 - 02360000 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 18:32 - 2014-12-01 22:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 18:32 - 2014-12-01 22:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 18:32 - 2014-12-01 22:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 18:32 - 2014-12-01 22:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 18:32 - 2014-12-01 22:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2012-12-30 12:10 - 2015-02-19 00:51 - 00702656 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2012-12-30 12:10 - 2015-01-28 02:30 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-01-10 06:28 - 2014-01-10 06:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-10-21 21:55 - 2014-03-24 09:37 - 00074240 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2014-10-21 21:55 - 2014-03-24 09:33 - 00274944 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2015-02-05 01:54 - 2015-02-05 01:54 - 16852144 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4026364676-241273927-3108656300-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Alessio\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Alessio^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LEVxCIdNFBMA.lnk => C:\Windows\pss\LEVxCIdNFBMA.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Alessio^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^lkYsOYc1bJT0.lnk => C:\Windows\pss\lkYsOYc1bJT0.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Alessio^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^VnjnJP5w6eXE.lnk => C:\Windows\pss\VnjnJP5w6eXE.lnk.Startup

==================== Accounts: =============================

Administrator (S-1-5-21-4026364676-241273927-3108656300-500 - Administrator - Disabled)
Alessio (S-1-5-21-4026364676-241273927-3108656300-1000 - Administrator - Enabled) => C:\Users\Alessio
Gast (S-1-5-21-4026364676-241273927-3108656300-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4026364676-241273927-3108656300-1003 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2015-03-13 12:34:35.200
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-13 12:34:35.171
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 38%
Total physical RAM: 8144.44 MB
Available physical RAM: 4997.94 MB
Total Pagefile: 16287.06 MB
Available Pagefile: 13339.53 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.92 GB) (Free:963.73 GB) NTFS
Drive d: (WNDA3100v2) (CDROM) (Total:0.12 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 1A2000CD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Geändert von Alessio (13.03.2015 um 18:55 Uhr)

Alt 14.03.2015, 09:44   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 : Firefox öffnet eigenständig tabs mit Werbung. - Standard

Windows 7 : Firefox öffnet eigenständig tabs mit Werbung.




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 14.03.2015, 14:18   #9
Alessio
 
Windows 7 : Firefox öffnet eigenständig tabs mit Werbung. - Standard

Windows 7 : Firefox öffnet eigenständig tabs mit Werbung.



Okay hallo also hab jz alles gemacht und die logs für dich aber ich hab immernoch das problem das manche wörter einfach doppelt unterstrichen sind und wenn ich dann mit der maus drübergehe mir werbeseiten angezeigt werden..

Hier jz die logs

ESET log
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=1f484b2b242e9c40ad3482c2a759ff83
# engine=22905
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-03-14 12:52:01
# local_time=2015-03-14 01:52:01 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Norton Internet Security'
# compatibility_mode=3591 16777213 100 95 65064609 188934106 0 0
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 2646961 67647237 0 0
# scanned=418871
# found=70
# cleaned=0
# scan_time=7862
sh=8E9CABD502F9FCCBEA6B41CBA0130B0446D54445 ft=1 fh=2878de3d76f4abec vn="Variante von Win32/ELEX.BF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Desk 365\eUninstall.exe.vir"
sh=135464CE561FF39D0B1CFFFBB0585EAC81479D3C ft=1 fh=964e4afe2acf1cf7 vn="Variante von Win32/ELEX.BF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Desk 365\TrayDownloader.exe.vir"
sh=167EF63E3FBACFCEC91AF39F9D2F6C6EF65CE1C3 ft=1 fh=ead1c2f78ed6d50e vn="Win32/Somoto.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\FilesFrog Update Checker\update_checker.exe.vir"
sh=7FCFCA82B578B420E6E7839B096645FAD498B50C ft=1 fh=5c5f724fbf0e5e5d vn="Variante von Win32/AdWare.EoRezo.AU Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\gmsd_de_300\gamesdesktop_widget.exe.vir"
sh=59A66D4D07B7D44C8B3AFA3320E046DF905EDE8D ft=1 fh=cb26fbf7333a44b9 vn="Variante von Win32/AdWare.EoRezo.AU Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\gmsd_de_300\gmsd_de_300.exe.vir"
sh=186729B392AA006D2378BC474951BFBC98392F46 ft=1 fh=98b2073acca30d49 vn="Win32/AdWare.EoRezo.AW Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\gmsd_de_300\predm.exe.vir"
sh=34FF8E2D281CBFECE71100A04C0FF4436818382E ft=1 fh=7b66b1ed06cb1b80 vn="Variante von Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH_DE\hk64tbNCH_.dll.vir"
sh=AE7B8F3BB6E040CE20B02DE558471FAA4C58386E ft=1 fh=6a41a8d0046fd7b4 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH_DE\hktbNCH_.dll.vir"
sh=87BE5F13318AC3BA3F403A73E332E1784304C21D ft=1 fh=3e5cd6b65c184efc vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH_DE\ldrtbNCH_.dll.vir"
sh=2647A8D25068D715D97EE42DCB86CF9AA55946BC ft=1 fh=5fd80ae6b91e806a vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH_DE\prxtbNCH_.dll.vir"
sh=1E6279D9317A709616211812CCA5AB8B26EB4AB2 ft=1 fh=dd2582521ac42eea vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH_DE\tbNCH_.dll.vir"
sh=8C8E2A338F04848E754C25DC19C1430580D462C6 ft=1 fh=f76e2c97d8443672 vn="Win32/ELEX.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowerWatchCH.dll.vir"
sh=AEA1F8ECDBFE8E7BD55BCA9B24160C99A58F655B ft=1 fh=00817a312f73db7a vn="Win32/ELEX.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowerWatchFF.dll.vir"
sh=5D628376391A827A818B0A079B64EE457AE9B82A ft=1 fh=c71c0011e2e7a7a5 vn="Variante von Win32/ELEX.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowserAction.dll.vir"
sh=987B7AAE8131855FE75145719FF5F076B2299C97 ft=1 fh=712332c590681590 vn="Win32/ELEX.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\CmdShell.exe.vir"
sh=454CD903C123F611BCB0570843035C0A79F4982C ft=1 fh=cd56a5d579cc2e31 vn="Win32/ELEX.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\HPNotify.exe.vir"
sh=CD37191EE4233E55E613DD2D34DA1620EC9752E6 ft=1 fh=779e3b53bab7b8cc vn="Win32/ELEX.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\IeWatchDog.dll.vir"
sh=20EB765F8AC452AFA69069CB8741BEE918A386BF ft=1 fh=4ef03ab93070aee7 vn="Win32/ELEX.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\ProtectService.exe.vir"
sh=14E7D1DB36B816A980F4CE58EF5833FA2393AEAD ft=1 fh=76649c45e05ece35 vn="Variante von Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\SupTab.dll.vir"
sh=36F969E522FD53A189312D946C430EFD02D5A982 ft=1 fh=5d022c015afe1524 vn="Variante von Win32/ELEX.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\IePluginServices\PluginService.exe.vir"
sh=E527BBCAFEDDC287A621A2DB49A1F10502C1E3D0 ft=1 fh=4c77490216ec3f95 vn="Variante von Win32/ELEX.BH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir"
sh=3814FD86159C905175186F3054C94BF81E073593 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.AL evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Alessio\AppData\Local\CRE\kppnoegbbaphhibbpdojjiehofchhdgk.crx.vir"
sh=76AB62BE35E54C2F2B53BFFD162B92F1205F76BD ft=1 fh=d18099ba65173554 vn="Variante von Win32/Complitly.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Alessio\AppData\Local\DownloadGuide\Offers\autocompletepro.exe.vir"
sh=DE4CDF1AFF3E2BC3D06F3DCED89E3D141EFF7035 ft=1 fh=8cdae1047747df39 vn="Variante von Win32/Toolbar.Iminent.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Alessio\AppData\Local\DownloadGuide\Offers\iminent.exe.vir"
sh=FDC5905E965609B2355DCA38C87462780158F2E6 ft=1 fh=5ed4a552f23616fc vn="Variante von Win32/Adware.EoRezo.AJ Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Alessio\AppData\Local\gmsd_de_300\upgmsd_de_300.exe.vir"
sh=2B9A1340BEC2FE2694C333ACD77F0E12EF9550D1 ft=1 fh=fcbeb3ad261a92d1 vn="Variante von Win32/Conduit.SearchProtect.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kppnoegbbaphhibbpdojjiehofchhdgk\10.31.4.510_0\APISupport\APISupport.dll.vir"
sh=675526C1B3CB27C6635233B62EDB8ECEEBFE1556 ft=1 fh=8382eeac10eb278f vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kppnoegbbaphhibbpdojjiehofchhdgk\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe.vir"
sh=C0114483C9E2C1271B0D594AB6A6BF1E4F383D63 ft=1 fh=e2607344a0894545 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kppnoegbbaphhibbpdojjiehofchhdgk\10.31.4.510_0\plugins\ChromeApiPlugin.dll.vir"
sh=A82C9997BED4FAF04183B6900595DFF29782D979 ft=1 fh=cb8f9c5cda147f68 vn="Variante von Win32/Adware.Synatix.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Alessio\AppData\Local\Temp\Security Systems\Setup.exe.vir"
sh=34FF8E2D281CBFECE71100A04C0FF4436818382E ft=1 fh=7b66b1ed06cb1b80 vn="Variante von Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Alessio\AppData\LocalLow\NCH_DE\hk64tbNCH_.dll.vir"
sh=AE7B8F3BB6E040CE20B02DE558471FAA4C58386E ft=1 fh=6a41a8d0046fd7b4 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Alessio\AppData\LocalLow\NCH_DE\hktbNCH_.dll.vir"
sh=87BE5F13318AC3BA3F403A73E332E1784304C21D ft=1 fh=3e5cd6b65c184efc vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Alessio\AppData\LocalLow\NCH_DE\ldrtbNCH_.dll.vir"
sh=1E6279D9317A709616211812CCA5AB8B26EB4AB2 ft=1 fh=dd2582521ac42eea vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Alessio\AppData\LocalLow\NCH_DE\tbNCH_.dll.vir"
sh=9A50BF1CAC5B83C6F72C665F7C5B1C33D3AE30AD ft=1 fh=caf3d268e5fdccf7 vn="Variante von Win32/DealPly.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Alessio\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe.vir"
sh=A94193F8F62F1D07E1C5DE2F7F91500E7C526DAF ft=1 fh=28a9044a9bcbdffd vn="Win32/Packed.ScrambleWrapper.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Alessio\AppData\Roaming\eDownload\CouponDropDown.exe.vir"
sh=9818FE23A2C33609A3088B1E4B346FC15CC0845E ft=1 fh=a5ce0c8be77cb07c vn="Variante von Win32/ELEX.BF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Alessio\AppData\Roaming\eIntaller\11C10AC8A52D4f99BE9186F0ED790C1E\Desk365.exe.vir"
sh=3F7FB4678AB70D7B1AE86EF7001920862DF2B504 ft=1 fh=ece89d0abb04edde vn="Variante von Win32/DealPly.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Alessio\AppData\Roaming\eIntaller\146E938A17C2417a9744D6EAD8AF85BC\dp.exe.vir"
sh=816253DA66EB58DB4848E70DA052BBC0F06503DF ft=1 fh=6274a150e0464672 vn="Variante von Win32/ELEX.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Alessio\AppData\Roaming\eIntaller\146E938A17C2417a9744D6EAD8AF85BC\eXQ.exe.vir"
sh=476063885747EDD774A6B8CB2790703503A75A55 ft=1 fh=d7bb79193adaee2e vn="Win32/Systweak.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Alessio\AppData\Roaming\Systweak\ssd\SSDPTstub.exe.vir"
sh=BA39F8C9886EF4AABD72262B192DB8A177C7E206 ft=1 fh=078180abaf06d010 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
sh=1DE85E0DB64E997AE9C9470C8A5B34DA283E0B47 ft=1 fh=0f76cd8780b17e40 vn="Win32/Adware.SpeedingUpMyPC.Y Anwendung" ac=I fn="C:\ProgramData\{96cad7ef-3892-e14f-96ca-ad7ef3895fbc}\SuperOptimizerInstaller.exe"
sh=355D3E754738E38C98270040F13C4BD323969DB1 ft=1 fh=c71c0011c35ba1fc vn="Variante von Win32/Adware.ConvertAd.CH Anwendung" ac=I fn="C:\Users\Alessio\AppData\Local\F1F1D280-1426068548-11DD-896D-3085A9AF655D\onst5341.tmp"
sh=70B33539146A0DE4A55DDF042D99D167A5B741A6 ft=1 fh=2b581d40ebeda32e vn="Win32/Adware.AdService.AZ Anwendung" ac=I fn="C:\Users\Alessio\AppData\Local\F1F1D280-1426068548-11DD-896D-3085A9AF655D\snse5330.tmp"
sh=70B33539146A0DE4A55DDF042D99D167A5B741A6 ft=1 fh=2b581d40ebeda32e vn="Win32/Adware.AdService.AZ Anwendung" ac=I fn="C:\Users\Alessio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3V9LAKNX\SU_Srv[1].exe"
sh=09737D2395AC1B238DF2C801D0EB786EC082D56D ft=1 fh=1c4a9958d65de32e vn="Variante von MSIL/Adware.Imali.A Anwendung" ac=I fn="C:\Users\Alessio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6ZN00QN1\OfferInstaller[2].exe"
sh=C06D006CD3FA2BDE4BE596BD8A98CC409A616AA3 ft=1 fh=98cfe6578021772b vn="Variante von Win32/Adware.ConvertAd.CP Anwendung" ac=I fn="C:\Users\Alessio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9PFV0DOM\VOsrv[1].exe"
sh=CC128E17C434066258204F7C606DAC2C7CF85B17 ft=1 fh=37c25389a72f12c6 vn="Variante von Win32/BrowseFox.AE evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alessio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HAOYJRA5\BetweenLines[1].dll"
sh=6047B95E401E3E12ED551C8980CBC3E6EC6EBB95 ft=1 fh=be590a4afa4bdc0b vn="Variante von Win32/InstallCore.PK evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alessio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HAOYJRA5\Setup[1].exe"
sh=355D3E754738E38C98270040F13C4BD323969DB1 ft=1 fh=c71c0011c35ba1fc vn="Variante von Win32/Adware.ConvertAd.CH Anwendung" ac=I fn="C:\Users\Alessio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N3F7B5UX\Update_Notifier[1].exe"
sh=C5D4F67645A58F011294C69BD119EA1995AADC9D ft=1 fh=57a6ba61a35e7ac7 vn="Win32/Adware.AdService.AY Anwendung" ac=I fn="C:\Users\Alessio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q46ZAFB6\JOSrv[1].exe"
sh=6047B95E401E3E12ED551C8980CBC3E6EC6EBB95 ft=1 fh=be590a4afa4bdc0b vn="Variante von Win32/InstallCore.PK evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alessio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WMFFRVSD\Setup[1].exe"
sh=FDCF116C61C82BB3D3D74C3E46DC9427B43A4EEA ft=0 fh=0000000000000000 vn="JS/Kryptik.I Trojaner" ac=I fn="C:\Users\Alessio\AppData\Local\Mozilla\Firefox\Profiles\yx9kfsx8.default-1418917023564\cache2\entries\72D30242E5365DEDF13376EBFC181995B1B41CEA"
sh=6047B95E401E3E12ED551C8980CBC3E6EC6EBB95 ft=1 fh=be590a4afa4bdc0b vn="Variante von Win32/InstallCore.PK evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alessio\AppData\Local\Temp\ICReinstall_nsd24D6.tmp"
sh=6047B95E401E3E12ED551C8980CBC3E6EC6EBB95 ft=1 fh=be590a4afa4bdc0b vn="Variante von Win32/InstallCore.PK evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alessio\AppData\Local\Temp\ICReinstall_nsn66E4.tmp"
sh=6047B95E401E3E12ED551C8980CBC3E6EC6EBB95 ft=1 fh=be590a4afa4bdc0b vn="Variante von Win32/InstallCore.PK evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alessio\AppData\Local\Temp\ICReinstall_nss3B23.tmp"
sh=6047B95E401E3E12ED551C8980CBC3E6EC6EBB95 ft=1 fh=be590a4afa4bdc0b vn="Variante von Win32/InstallCore.PK evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alessio\AppData\Local\Temp\nsd24D6.tmp"
sh=6047B95E401E3E12ED551C8980CBC3E6EC6EBB95 ft=1 fh=be590a4afa4bdc0b vn="Variante von Win32/InstallCore.PK evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alessio\AppData\Local\Temp\nsn66E4.tmp"
sh=6047B95E401E3E12ED551C8980CBC3E6EC6EBB95 ft=1 fh=be590a4afa4bdc0b vn="Variante von Win32/InstallCore.PK evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alessio\AppData\Local\Temp\nss3B23.tmp"
sh=24BBC0F7E797E024FE83A114E69007C2E1863650 ft=1 fh=cf221a6b15f221c4 vn="Variante von MSIL/Agent.EX Trojaner" ac=I fn="C:\Users\Alessio\AppData\Roaming\ndcAIVJ5D7S.exe"
sh=24BBC0F7E797E024FE83A114E69007C2E1863650 ft=1 fh=cf221a6b15f221c4 vn="Variante von MSIL/Agent.EX Trojaner" ac=I fn="C:\Users\Alessio\AppData\Roaming\VnjnJP5w6eXE.bak"
sh=C5D4F67645A58F011294C69BD119EA1995AADC9D ft=1 fh=57a6ba61a35e7ac7 vn="Win32/Adware.AdService.AY Anwendung" ac=I fn="C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\jnsi6057.tmp"
sh=C06D006CD3FA2BDE4BE596BD8A98CC409A616AA3 ft=1 fh=98cfe6578021772b vn="Variante von Win32/Adware.ConvertAd.CP Anwendung" ac=I fn="C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\nsn7082.tmp"
sh=96B85214CD9E4FF85AC6144E7EF3DDF9E0F215E6 ft=1 fh=098a6735f96a550a vn="Variante von Win32/Thinknice.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alessio\Desktop\Krimskram\WindowsSupportDll64.dll"
sh=5FDFFF7DE721222B9C50996F30765BB7631CC841 ft=1 fh=e314fcfbda4844ea vn="Variante von Win32/InstallCore.XP evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alessio\Downloads\adobe_flash_setup.exe"
sh=928AEDAC68CB038A228E2732931AB71CDA7382A4 ft=1 fh=189525df473ab0f6 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alessio\Downloads\MSI Afterburner - CHIP-Installer.exe"
sh=DE33325E686C82C12DB1F95F39E94AC746F5B5B5 ft=1 fh=d789ebaae8b3bc52 vn="Win32/Somoto.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alessio\Local Settings\Application Data\Bundled software uninstaller\biclient.exe"
sh=1DE85E0DB64E997AE9C9470C8A5B34DA283E0B47 ft=1 fh=0f76cd8780b17e40 vn="Win32/Adware.SpeedingUpMyPC.Y Anwendung" ac=I fn="C:\Users\All Users\{96cad7ef-3892-e14f-96ca-ad7ef3895fbc}\SuperOptimizerInstaller.exe"
sh=FA6B38AAAC213F1FBB6D46BC286C5AF66048C392 ft=1 fh=a5f88c48a94033ea vn="Variante von Win32/Toolbar.Perion.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V0GWJC8C\update[1]"
sh=FA6B38AAAC213F1FBB6D46BC286C5AF66048C392 ft=1 fh=a5f88c48a94033ea vn="Variante von Win32/Toolbar.Perion.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V0GWJC8C\update[1]"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Win32/Adware.SpeedingUpMyPC.Y Anwendung" ac=I fn="${Memory}"
         
Securtiy Check log
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.97  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Microsoft Security Essentials   
Norton Internet Security        
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:````````` 
  Java 64-bit 8 Update 31  
 Adobe Flash Player 16.0.0.305  
 Mozilla Firefox (36.0.1) 
 Google Chrome (40.0.2214.115) 
 Google Chrome (41.0.2272.89) 
````````Process Check: objlist.exe by Laurent````````  
 Norton ccSvcHst.exe 
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
Frisches FRST allerdings hat er diesmal kein additional erstellt keine ahnung wieso?!

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Alessio (administrator) on ALESSIO-PC on 14-03-2015 14:13:56
Running from C:\Users\Alessio\Downloads
Loaded Profiles: Alessio (Available profiles: Alessio)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Users\Alessio\AppData\Local\F1F1D280-1426068548-11DD-896D-3085A9AF655D\snse5330.tmp
() C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\nsk35AB.tmp
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\jnsi6057.tmp
() C:\Users\Alessio\AppData\Local\F1F1D280-1426068533-11DD-896D-3085A9AF655D\cnsz2511.tmp
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Akamai Technologies, Inc.) C:\Users\Alessio\AppData\Local\Akamai\netsession_win.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Akamai Technologies, Inc.) C:\Users\Alessio\AppData\Local\Akamai\netsession_win.exe
(Zemi Interactive Inc.) C:\Program Files (x86)\Gameforge4D\4Story_DE\PrePatch.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
() C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe
(Super PC Tools Ltd) C:\ProgramData\{96cad7ef-3892-e14f-96ca-ad7ef3895fbc}\SuperOptimizerInstaller.exe
(Creative Technology Ltd.) C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7174728 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Cm106Sound] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm106.dll,CMICtrlWnd
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-08-19] (DivX, LLC)
HKLM-x32\...\Run: [4StoryPrePatch] => C:\Program Files (x86)\Gameforge4D\4Story_DE\PrePatch.exe [327680 2013-02-19] (Zemi Interactive Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [Sound Blaster Tactic3D Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe [2091008 2014-07-03] (Creative Technology Ltd)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-02-17] (LogMeIn Inc.)
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2874048 2015-02-19] (Valve Corporation)
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Run: [KPeerNexonEU] => C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe [438272 2013-05-11] (NEXON Inc.)
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3619160 2015-01-27] (Electronic Arts)
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Alessio\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44544 2009-07-14] (Microsoft Corporation)
Startup: C:\Users\Alessio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SuperOptimizerInstaller.lnk
ShortcutTarget: SuperOptimizerInstaller.lnk -> C:\ProgramData\{96cad7ef-3892-e14f-96ca-ad7ef3895fbc}\SuperOptimizerInstaller.exe (Super PC Tools Ltd)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4026364676-241273927-3108656300-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:52166;https=127.0.0.1:52166
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/?gws_rd=ssl
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4026364676-241273927-3108656300-1000 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = https://www.google.de/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-06-17] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-05] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-06-17] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-05] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-05] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-05] (Google Inc.)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Alessio\AppData\Roaming\Mozilla\Firefox\Profiles\yx9kfsx8.default-1418917023564
FF Homepage: https://www.google.de/?gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll [2013-06-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-06-17] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-08-13] (DivX, LLC)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npnxgameEU.dll [2013-12-14] (Nexon)
FF Plugin-x32: @nielsen/FirefoxTracker -> C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter7\FirefoxAddOns\npfirefoxtracker.dll No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-12-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-12-13] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-4026364676-241273927-3108656300-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Alessio\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-07-07] (Unity Technologies ApS)
FF Extension: Zoom It - C:\Users\Alessio\AppData\Roaming\Mozilla\Firefox\Profiles\yx9kfsx8.default-1418917023564\Extensions\{89322f21-4dab-1726-6081-084c403dcecf} [2015-03-13]
FF Extension: Adblock Plus - C:\Users\Alessio\AppData\Roaming\Mozilla\Firefox\Profiles\yx9kfsx8.default-1418917023564\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-18]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-03-06]
FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter7\FirefoxAddOns\netsight@nielsen.xpi
FF HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Alessio\AppData\Roaming\Mozilla\Firefox\Profiles\vxvj29up.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR Profile: C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-12]
CHR Extension: (Docs) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-12]
CHR Extension: (Google Drive) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-14]
CHR Extension: (YouTube) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-12]
CHR Extension: (Google Search) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-12]
CHR Extension: (Google Sheets) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-12]
CHR Extension: (Google Wallet) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-16]
CHR Extension: (Gmail) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [814976 2015-02-06] ()
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [File not signed]
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [175136 2014-12-07] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-12-15] (Hi-Rez Studios) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-02-16] (LogMeIn, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4722728 2013-03-14] (INCA Internet Co., Ltd.) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-02-27] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-07-14] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-15] ()
R2 pumygydy; C:\Users\Alessio\AppData\Local\F1F1D280-1426068548-11DD-896D-3085A9AF655D\snse5330.tmp [211456 2015-03-11] () [File not signed]
R2 pyqoridy; C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\nsk35AB.tmp [124928 2015-03-14] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 WSWNDA3100v2; C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [307928 2013-12-30] ()
R2 xebejehi; C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\jnsi6057.tmp [91648 2015-03-11] () [File not signed]
R2 zizudobe; C:\Users\Alessio\AppData\Local\F1F1D280-1426068533-11DD-896D-3085A9AF655D\cnsz2511.tmp [94720 2015-03-11] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 CMUSBDAC; C:\Windows\System32\DRIVERS\CMUSBDAC.sys [594944 2014-09-19] (C-MEDIA)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 UHSfiltv; C:\Windows\System32\drivers\UHSfiltv.sys [23552 2013-05-31] (Creative Technology Ltd.)
S3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1307648 2011-03-31] (C-Media Electronics Inc)
S1 aclrtvfz; \??\C:\Windows\system32\drivers\aclrtvfz.sys [X]
S4 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\BASHDefs\20130208.001\BHDrvx64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
R4 ccSet_NIS; \SystemRoot\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [X]
S1 dfxdnxpi; \??\C:\Windows\system32\drivers\dfxdnxpi.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
R4 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\IPSDefs\20130226.002\IDSvia64.sys [X]
R4 SRTSPX; \SystemRoot\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [X]
R4 SymDS; system32\drivers\NISx64\1309010.00E\SYMDS64.SYS [X]
R4 SymEFA; system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-14 13:58 - 2015-03-14 13:58 - 00000000 _____ () C:\Users\Alessio\Desktop\FRST3.txt
2015-03-14 13:58 - 2015-03-14 13:58 - 00000000 _____ () C:\Users\Alessio\Desktop\Addition3.txt
2015-03-14 13:56 - 2015-03-14 13:58 - 00000910 _____ () C:\Users\Alessio\Desktop\checkup.txt.txt
2015-03-14 13:55 - 2015-03-14 13:56 - 00852604 _____ () C:\Users\Alessio\Desktop\SecurityCheck.exe
2015-03-14 13:54 - 2015-03-14 13:54 - 00016664 _____ () C:\Users\Alessio\Desktop\ESET.txt.txt
2015-03-14 11:38 - 2015-03-14 11:38 - 02347384 _____ (ESET) C:\Users\Alessio\Downloads\esetsmartinstaller_deu.exe
2015-03-13 18:39 - 2015-03-13 18:39 - 00066928 _____ () C:\Users\Alessio\Desktop\FRST2.txt
2015-03-13 18:39 - 2015-03-13 18:39 - 00029439 _____ () C:\Users\Alessio\Desktop\Addition2.txt
2015-03-13 18:38 - 2015-03-14 14:14 - 00022456 _____ () C:\Users\Alessio\Downloads\FRST.txt
2015-03-13 18:38 - 2015-03-13 18:38 - 00029465 _____ () C:\Users\Alessio\Downloads\Addition.txt
2015-03-13 18:36 - 2015-03-13 18:36 - 00001725 _____ () C:\Users\Alessio\Desktop\JRT.txt.txt
2015-03-13 18:33 - 2015-03-13 18:33 - 01388333 _____ (Thisisu) C:\Users\Alessio\Desktop\JRT.exe
2015-03-13 18:25 - 2015-03-13 18:31 - 00002505 _____ () C:\Users\Alessio\Desktop\AdwCleaner.txt.txt
2015-03-13 18:24 - 2015-03-13 18:24 - 02171392 _____ () C:\Users\Alessio\Downloads\AdwCleaner_4.112(6).exe
2015-03-13 18:16 - 2015-03-13 18:16 - 00012277 _____ () C:\Users\Alessio\Desktop\mbam.txt.txt
2015-03-13 18:05 - 2015-03-13 18:05 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-13 18:04 - 2015-03-13 18:04 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-13 18:04 - 2015-03-13 18:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-03-13 18:04 - 2015-03-13 18:04 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-13 18:04 - 2015-03-13 18:04 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-03-13 18:04 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-13 18:04 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-13 18:04 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-13 18:03 - 2015-03-13 18:03 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Alessio\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-13 12:44 - 2015-03-13 12:44 - 00029781 _____ () C:\ComboFix.txt
2015-03-13 12:28 - 2015-03-13 12:44 - 00000000 ____D () C:\Qoobox
2015-03-13 12:28 - 2015-03-13 12:43 - 00000000 ____D () C:\Windows\erdnt
2015-03-13 12:28 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-03-13 12:28 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-03-13 12:28 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-03-13 12:28 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-03-13 12:28 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-03-13 12:28 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-03-13 12:28 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-03-13 12:28 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-03-13 12:26 - 2015-03-13 12:27 - 05613296 ____R (Swearware) C:\Users\Alessio\Desktop\ComboFix.exe
2015-03-13 12:22 - 2015-03-13 12:22 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Alessio\Downloads\revosetup95.exe
2015-03-13 12:22 - 2015-03-13 12:22 - 00001264 _____ () C:\Users\Alessio\Desktop\Revo Uninstaller.lnk
2015-03-13 12:22 - 2015-03-13 12:22 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-03-12 13:46 - 2015-03-12 13:46 - 00038976 _____ () C:\Users\Alessio\Desktop\Addition1.txt
2015-03-12 13:45 - 2015-03-12 13:46 - 00068301 _____ () C:\Users\Alessio\Desktop\FRST1.txt
2015-03-12 13:44 - 2015-03-14 14:13 - 00000000 ____D () C:\FRST
2015-03-12 13:44 - 2015-03-12 13:44 - 02095616 _____ (Farbar) C:\Users\Alessio\Downloads\FRST64.exe
2015-03-12 13:19 - 2015-03-12 13:19 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-12 13:19 - 2015-03-12 13:19 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-12 13:19 - 2015-03-12 13:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-12 12:00 - 2015-03-09 11:32 - 00372248 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-03-12 12:00 - 2015-03-09 11:32 - 00325944 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-03-12 11:57 - 2015-03-12 11:57 - 00830600 _____ (Internet software ) C:\Users\Alessio\Downloads\adobe_flash_setup.exe
2015-03-11 14:31 - 2015-03-11 14:32 - 00000000 ____D () C:\Users\Alessio\Desktop\YT Dlds
2015-03-11 14:30 - 2015-03-11 14:30 - 11123720 _____ () C:\Users\Alessio\Downloads\YTDSetup.exe
2015-03-11 11:46 - 2015-03-11 11:46 - 00243528 _____ () C:\Users\Alessio\Downloads\Firefox Setup Stub 36.0.1.exe
2015-03-11 10:30 - 2015-02-20 05:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 10:30 - 2015-02-20 05:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 10:30 - 2015-02-20 05:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 10:30 - 2015-02-20 05:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 10:30 - 2015-02-20 05:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 10:30 - 2015-02-20 05:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 10:30 - 2015-02-20 05:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 10:30 - 2015-02-20 05:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 10:30 - 2015-02-20 04:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 10:30 - 2015-02-20 04:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 10:30 - 2015-02-13 06:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 10:30 - 2015-02-13 06:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 10:30 - 2015-02-03 04:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 10:30 - 2015-02-03 04:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 10:30 - 2015-02-03 04:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 10:30 - 2015-02-03 04:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 10:30 - 2015-02-03 04:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 10:30 - 2015-02-03 04:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 10:30 - 2015-02-03 04:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 10:30 - 2015-02-03 04:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 10:30 - 2015-02-03 04:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 10:30 - 2015-02-03 04:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 10:30 - 2015-02-03 04:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 10:30 - 2015-02-03 03:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 10:30 - 2015-01-17 03:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 10:30 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 10:30 - 2014-10-31 23:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 10:30 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-11 10:30 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-11 10:29 - 2015-03-06 06:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 10:29 - 2015-03-06 06:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 10:29 - 2015-03-06 06:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 10:29 - 2015-03-06 06:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 10:29 - 2015-03-06 06:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 10:29 - 2015-03-06 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 10:29 - 2015-03-06 06:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 10:29 - 2015-03-06 06:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 10:29 - 2015-03-06 06:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 10:29 - 2015-03-06 06:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 10:29 - 2015-03-06 06:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 10:29 - 2015-03-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 10:29 - 2015-03-06 06:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 10:29 - 2015-03-06 06:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 10:29 - 2015-03-06 06:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 10:29 - 2015-03-06 06:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 10:29 - 2015-03-06 06:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 10:29 - 2015-03-06 06:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 10:29 - 2015-03-06 06:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 10:29 - 2015-03-06 06:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 10:29 - 2015-03-06 06:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 10:29 - 2015-02-03 04:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 10:29 - 2015-02-03 04:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 10:29 - 2015-02-03 04:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 10:29 - 2015-02-03 04:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 10:29 - 2015-02-03 04:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 10:29 - 2015-02-03 04:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 10:29 - 2015-02-03 04:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 10:29 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 10:29 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 10:29 - 2015-02-03 04:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 10:29 - 2015-02-03 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 10:29 - 2015-02-03 04:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 10:29 - 2015-02-03 04:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 10:29 - 2015-02-03 04:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 10:29 - 2015-02-03 04:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 10:29 - 2015-02-03 04:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 10:29 - 2015-02-03 04:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 10:29 - 2015-02-03 04:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 10:29 - 2015-02-03 04:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 10:29 - 2015-02-03 04:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 10:29 - 2015-02-03 04:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 10:29 - 2015-02-03 04:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 10:29 - 2015-02-03 04:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 10:29 - 2015-02-03 04:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 10:29 - 2015-02-03 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 10:29 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 10:29 - 2015-02-03 04:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 10:29 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 10:29 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 10:29 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 10:29 - 2015-02-03 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 10:29 - 2015-01-31 04:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 10:29 - 2015-01-31 04:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 10:29 - 2015-01-31 00:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 10:29 - 2015-01-31 00:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 10:28 - 2015-02-26 04:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 10:28 - 2015-02-24 04:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 10:28 - 2015-02-24 03:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 10:28 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 10:28 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 10:28 - 2015-02-21 01:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 10:28 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 10:28 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 10:28 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 10:28 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 10:28 - 2015-02-20 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 10:28 - 2015-02-20 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 10:28 - 2015-02-20 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 10:28 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 10:28 - 2015-02-20 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 10:28 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 10:28 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 10:28 - 2015-02-20 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 10:28 - 2015-02-20 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 10:28 - 2015-02-20 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 10:28 - 2015-02-20 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 10:28 - 2015-02-20 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 10:28 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 10:28 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 10:28 - 2015-02-20 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 10:28 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 10:28 - 2015-02-20 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 10:28 - 2015-02-20 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 10:28 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 10:28 - 2015-02-20 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 10:28 - 2015-02-20 03:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-11 10:28 - 2015-02-20 03:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 10:28 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 10:28 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 10:28 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 10:28 - 2015-02-20 03:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 10:28 - 2015-02-20 03:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-11 10:28 - 2015-02-20 02:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 10:28 - 2015-02-20 02:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 10:28 - 2015-02-20 02:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 10:28 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 10:28 - 2015-02-20 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 10:28 - 2015-02-20 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 10:28 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 10:28 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 10:28 - 2015-02-20 02:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 10:28 - 2015-02-20 02:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 10:28 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 10:28 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 10:28 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 10:28 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 10:28 - 2015-02-20 02:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 10:28 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 10:28 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 10:28 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 10:28 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 10:28 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 10:28 - 2015-02-03 04:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 10:28 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 10:26 - 2015-02-04 04:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 10:26 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-11 10:09 - 2015-03-14 14:06 - 00000000 ____D () C:\Users\Alessio\AppData\Local\F1F1D280-1426068548-11DD-896D-3085A9AF655D
2015-03-11 10:08 - 2015-03-11 10:09 - 00000000 ____D () C:\Users\Alessio\AppData\Local\F1F1D280-1426068533-11DD-896D-3085A9AF655D
2015-03-11 10:06 - 2015-03-11 10:06 - 00000000 ____D () C:\Users\Alessio\AppData\Local\F1F1D280-1426068395-11DD-896D-3085A9AF655D
2015-03-11 10:05 - 2015-03-14 13:34 - 00000000 ____D () C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D
2015-03-11 10:04 - 2015-03-13 18:18 - 00000000 ____D () C:\Users\Alessio\AppData\Local\winengine
2015-03-11 10:04 - 2015-03-13 18:17 - 00000000 ____D () C:\ProgramData\{7a382bfb-7e4f-0314-7a38-82bfb7e4afed}
2015-03-11 10:04 - 2015-03-11 10:21 - 00000000 ____D () C:\ProgramData\{96cad7ef-3892-e14f-96ca-ad7ef3895fbc}
2015-03-11 10:04 - 2015-03-11 10:04 - 00000000 ____D () C:\Users\Alessio\AppData\Local\Bluestacks
2015-03-11 10:04 - 2015-03-11 10:04 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2015-03-08 11:51 - 2015-03-08 11:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_bcmwlhigh664_01009.Wdf
2015-03-08 11:49 - 2007-01-19 18:24 - 00025312 ____R (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Drivers\SCMNdisP.sys
2015-03-08 11:47 - 2015-03-08 11:47 - 00000000 ____D () C:\Program Files (x86)\NETGEAR
2015-03-08 11:47 - 2011-12-12 17:42 - 01256192 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bcmwlhigh664.sys
2015-03-08 11:47 - 2011-04-19 17:52 - 00095544 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll
2015-03-08 11:47 - 2011-04-19 17:31 - 03900928 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv64.dll
2015-03-08 11:47 - 2011-04-19 17:31 - 03566592 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui64.dll
2015-03-08 11:47 - 2010-06-09 13:11 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2015-03-08 11:47 - 2010-02-03 11:21 - 00047632 _____ (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys
2015-03-08 11:46 - 2015-03-08 11:46 - 00000000 ____D () C:\Users\Alessio\AppData\Roaming\InstallShield
2015-03-06 15:47 - 2015-03-12 13:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-04 21:59 - 2015-03-04 22:00 - 00000000 ____D () C:\Users\Alessio\Desktop\AoT
2015-02-26 11:37 - 2015-02-27 11:05 - 00000391 _____ () C:\Users\Alessio\Desktop\Miss.txt
2015-02-25 11:19 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 11:19 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-24 14:41 - 2015-02-24 14:41 - 01533584 _____ () C:\Users\Alessio\Downloads\battlelog-web-plugins_2.6.2_157.exe
2015-02-24 14:41 - 2015-02-24 14:41 - 01533584 _____ () C:\Users\Alessio\Downloads\battlelog-web-plugins_2.6.2_157(1).exe
2015-02-24 14:36 - 2015-03-05 14:42 - 00001194 _____ () C:\Users\Public\Desktop\Battlefield 4.lnk
2015-02-24 14:36 - 2015-03-05 14:42 - 00001170 _____ () C:\Users\Public\Desktop\Battlefield 4(64 bit).lnk
2015-02-20 08:25 - 2015-02-20 08:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-02-20 08:25 - 2015-02-20 08:25 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-02-19 11:11 - 2015-02-19 11:11 - 00000000 ____D () C:\Users\Alessio\AppData\Local\Steam
2015-02-18 15:06 - 2015-02-18 15:06 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2015-02-18 15:06 - 2015-02-18 15:06 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2015-02-18 15:06 - 2015-02-18 15:06 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2015-02-18 00:19 - 2015-02-18 09:41 - 00019627 _____ () C:\Users\Alessio\Desktop\ALN.odt
2015-02-17 23:12 - 2015-02-17 23:13 - 00000582 _____ () C:\Users\Alessio\Desktop\Jokes.txt
2015-02-17 23:10 - 2015-02-17 23:54 - 00000140 _____ () C:\Users\Alessio\Desktop\Quellen.txt
2015-02-17 17:26 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-17 17:26 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-17 17:26 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-17 17:26 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-15 12:14 - 2015-02-15 12:14 - 00000222 _____ () C:\Users\Alessio\Desktop\GunZ 2 The Second Duel.url

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-14 14:14 - 2012-12-30 04:03 - 01284862 _____ () C:\Windows\WindowsUpdate.log
2015-03-14 14:12 - 2012-12-30 04:11 - 00000000 ____D () C:\ProgramData\Norton
2015-03-14 14:11 - 2013-05-25 11:40 - 00000000 ____D () C:\ProgramData\Origin
2015-03-14 14:11 - 2012-12-30 04:13 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2015-03-14 14:11 - 2012-12-29 23:16 - 00000000 ____D () C:\Users\Alessio\AppData\Roaming\Skype
2015-03-14 14:11 - 2009-07-14 05:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-14 14:11 - 2009-07-14 05:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-14 14:07 - 2012-12-29 22:40 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-14 14:02 - 2013-05-25 11:40 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-03-14 14:02 - 2013-02-08 23:46 - 00000000 ____D () C:\Users\Alessio\AppData\Local\LogMeIn Hamachi
2015-03-14 14:02 - 2012-12-30 12:09 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-14 14:01 - 2012-12-30 04:29 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-14 14:01 - 2012-12-29 22:40 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-14 14:01 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-14 14:01 - 2009-07-14 05:51 - 00295419 _____ () C:\Windows\setupact.log
2015-03-14 14:00 - 2010-11-21 04:47 - 00694610 _____ () C:\Windows\PFRO.log
2015-03-14 13:54 - 2013-02-25 18:44 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-13 18:34 - 2013-01-06 14:31 - 00000000 ____D () C:\Users\Alessio\AppData\Local\CrashDumps
2015-03-13 18:27 - 2014-09-14 21:49 - 00000000 ____D () C:\AdwCleaner
2015-03-13 18:17 - 2013-03-26 22:13 - 00000000 ____D () C:\Users\Alessio\AppData\Roaming\gFtOF
2015-03-13 18:17 - 2013-03-26 19:49 - 00000000 ____D () C:\Users\Alessio\AppData\Roaming\Uisbb
2015-03-13 18:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Resources
2015-03-13 12:44 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-03-13 12:38 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-03-13 12:35 - 2009-07-14 03:34 - 67633152 _____ () C:\Windows\system32\config\software.bak
2015-03-13 12:35 - 2009-07-14 03:34 - 18350080 _____ () C:\Windows\system32\config\system.bak
2015-03-13 12:35 - 2009-07-14 03:34 - 00524288 _____ () C:\Windows\system32\config\default.bak
2015-03-13 12:35 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\security.bak
2015-03-13 12:35 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\sam.bak
2015-03-12 21:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-03-12 12:39 - 2013-03-16 10:54 - 00000000 ____D () C:\Fraps
2015-03-12 12:00 - 2015-01-08 14:15 - 00000000 ____D () C:\Users\Alessio\AppData\Local\Adobe
2015-03-11 17:57 - 2013-06-25 16:00 - 00000000 ____D () C:\Users\Alessio\AppData\Local\Warframe
2015-03-11 11:44 - 2012-12-29 22:40 - 00000000 ____D () C:\Users\Alessio\AppData\Local\Google
2015-03-11 11:38 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-11 11:34 - 2009-07-14 05:45 - 00346416 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-11 11:32 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-11 11:32 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-11 11:04 - 2013-08-15 22:25 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 10:57 - 2013-06-27 00:24 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-11 10:15 - 2012-12-30 04:07 - 00000999 _____ () C:\Users\Alessio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-08 11:54 - 2011-04-12 08:43 - 01283404 _____ () C:\Windows\system32\perfh007.dat
2015-03-08 11:54 - 2011-04-12 08:43 - 00331438 _____ () C:\Windows\system32\perfc007.dat
2015-03-08 11:54 - 2009-07-14 06:13 - 00006256 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-08 11:47 - 2012-12-30 04:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-06 14:55 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-05 22:35 - 2013-01-25 22:54 - 00000000 ____D () C:\Users\Alessio\AppData\Roaming\TS3Client
2015-03-05 20:19 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-05 14:48 - 2013-02-20 21:17 - 00226680 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-03-05 14:48 - 2013-02-20 21:17 - 00226680 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-03-03 14:17 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-02-24 14:41 - 2013-05-27 20:30 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2015-02-23 09:48 - 2012-12-29 23:15 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-23 09:48 - 2012-12-29 23:15 - 00000000 ____D () C:\ProgramData\Skype
2015-02-18 15:28 - 2014-11-20 18:02 - 00000000 ____D () C:\Users\Alessio\AppData\Local\Dxtory Software
2015-02-18 15:07 - 2014-10-13 21:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2015-02-18 09:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-17 18:04 - 2013-12-04 20:04 - 00000000 ____D () C:\Users\Alessio\AppData\Local\ArmA 2 OA
2015-02-16 16:20 - 2013-02-08 23:47 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-02-16 10:45 - 2015-01-25 19:24 - 00000000 ____D () C:\Program Files (x86)\Glyph
2015-02-12 14:06 - 2014-12-12 12:28 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 14:06 - 2014-05-06 21:53 - 00000000 ___SD () C:\Windows\system32\CompatTel

==================== Files in the root of some directories =======

2013-03-26 21:37 - 2013-03-26 21:37 - 0046592 _____ (baCwJ5uAc4VR) C:\Users\Alessio\AppData\Roaming\ndcAIVJ5D7S.exe
2013-05-31 19:27 - 2013-08-27 13:18 - 0036864 _____ () C:\Users\Alessio\AppData\Roaming\RZR_0060f45e48b3b0e8dcec4d8da47b.db
2013-03-26 23:10 - 2013-03-26 23:10 - 0004743 _____ () C:\Users\Alessio\AppData\Roaming\ss.png
2013-03-26 21:22 - 2013-03-26 21:37 - 0046592 _____ (baCwJ5uAc4VR) C:\Users\Alessio\AppData\Roaming\VnjnJP5w6eXE.bak
2013-09-22 20:14 - 2014-09-07 17:46 - 0000177 _____ () C:\Users\Alessio\AppData\Roaming\WB.CFG
2013-12-02 19:36 - 2014-04-11 15:36 - 0012800 _____ () C:\Users\Alessio\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-01 14:44 - 2014-11-01 14:44 - 0002227 _____ () C:\Users\Alessio\AppData\Local\recently-used.xbel
2013-05-14 13:07 - 2013-05-14 13:07 - 0024128 _____ () C:\Users\Alessio\AppData\Local\Temp1.jpg

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-06 15:16

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

Ach und grad eben hat sich trzdem nochmal dieser AnyWhereAccessSetup Wizard geöffnet. Ich weiß nich was das is..
Der hinterlässt immer eine datei die heißt ICReinstall_nss2C83.tmp

Geändert von Alessio (14.03.2015 um 14:25 Uhr)

Alt 15.03.2015, 06:59   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 : Firefox öffnet eigenständig tabs mit Werbung. - Standard

Windows 7 : Firefox öffnet eigenständig tabs mit Werbung.



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
C:\ProgramData\{96cad7ef-3892-e14f-96ca-ad7ef3895fbc}

C:\Users\Alessio\AppData\Local\F1F1D280-1426068548-11DD-896D-3085A9AF655D\onst5341.tmp

C:\Users\Alessio\AppData\Local\F1F1D280-1426068548-11DD-896D-3085A9AF655D\snse5330.tmp

C:\Users\Alessio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3V9LAKNX\SU_Srv[1].exe

C:\Users\Alessio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6ZN00QN1\OfferInstaller[2].exe

C:\Users\Alessio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9PFV0DOM\VOsrv[1].exe

C:\Users\Alessio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HAOYJRA5\BetweenLines[1].dll

C:\Users\Alessio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HAOYJRA5\Setup[1].exe

C:\Users\Alessio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N3F7B5UX\Update_Notifier[1].exe

C:\Users\Alessio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q46ZAFB6\JOSrv[1].exe

C:\Users\Alessio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WMFFRVSD\Setup[1].exe

C:\Users\Alessio\AppData\Local\Mozilla\Firefox\Profiles\yx9kfsx8.default-1418917023564\cache2\entries\72D30242E5365DEDF13376EBFC181995B1B41CEA

C:\Users\Alessio\AppData\Local\Temp\ICReinstall_nsd24D6.tmp

C:\Users\Alessio\AppData\Local\Temp\ICReinstall_nsn66E4.tmp

C:\Users\Alessio\AppData\Local\Temp\ICReinstall_nss3B23.tmp

C:\Users\Alessio\AppData\Local\Temp\nsd24D6.tmp

C:\Users\Alessio\AppData\Local\Temp\nsn66E4.tmp

C:\Users\Alessio\AppData\Local\Temp\nss3B23.tmp

C:\Users\Alessio\AppData\Roaming\ndcAIVJ5D7S.exe

C:\Users\Alessio\AppData\Roaming\VnjnJP5w6eXE.bak

C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\jnsi6057.tmp

C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\nsn7082.tmp

C:\Users\Alessio\Desktop\Krimskram\WindowsSupportDll64.dll

C:\Users\Alessio\Downloads\adobe_flash_setup.exe

C:\Users\Alessio\Downloads\MSI Afterburner - CHIP-Installer.exe

C:\Users\Alessio\Local Settings\Application Data\Bundled software uninstaller\biclient.exe

C:\Users\All Users\{96cad7ef-3892-e14f-96ca-ad7ef3895fbc}\SuperOptimizerInstaller.exe

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V0GWJC8C\update[1]

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V0GWJC8C\update[1]

Startup: C:\Users\Alessio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SuperOptimizerInstaller.lnk
ShortcutTarget: SuperOptimizerInstaller.lnk -> C:\ProgramData\{96cad7ef-3892-e14f-96ca-ad7ef3895fbc}\SuperOptimizerInstaller.exe (Super PC Tools Ltd)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
R2 xebejehi; C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\jnsi6057.tmp [91648 2015-03-11] () [File not signed]
R2 zizudobe; C:\Users\Alessio\AppData\Local\F1F1D280-1426068533-11DD-896D-3085A9AF655D\cnsz2511.tmp [94720 2015-03-11] () [File not signed]
C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
RemoveProxy:
Emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





Revo Uninstaller - Download - Filepony
damit Firefox deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.mozilla.org/de/kb/fi...einfach-loesen


Frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 15.03.2015, 11:13   #11
Alessio
 
Windows 7 : Firefox öffnet eigenständig tabs mit Werbung. - Standard

Windows 7 : Firefox öffnet eigenständig tabs mit Werbung.



Hallo Vielen Dank das mit der Werbung ist jz scheinbar endgültig verschwunden
Ich hoffe das der AnyWhereAccessSetup Wizard damit auch beseitigt ist.

So hier das Fixlog
Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Alessio at 2015-03-15 11:01:25 Run:1
Running from C:\Users\Alessio\Desktop
Loaded Profiles: Alessio (Available profiles: Alessio)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\ProgramData\{96cad7ef-3892-e14f-96ca-ad7ef3895fbc}

C:\Users\Alessio\AppData\Local\F1F1D280-1426068548-11DD-896D-3085A9AF655D\onst5341.tmp

C:\Users\Alessio\AppData\Local\F1F1D280-1426068548-11DD-896D-3085A9AF655D\snse5330.tmp

C:\Users\Alessio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3V9LAKNX\SU_Srv[1].exe

C:\Users\Alessio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6ZN00QN1\OfferInstaller[2].exe

C:\Users\Alessio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9PFV0DOM\VOsrv[1].exe

C:\Users\Alessio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HAOYJRA5\BetweenLines[1].dll

C:\Users\Alessio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HAOYJRA5\Setup[1].exe

C:\Users\Alessio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N3F7B5UX\Update_Notifier[1].exe

C:\Users\Alessio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q46ZAFB6\JOSrv[1].exe

C:\Users\Alessio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WMFFRVSD\Setup[1].exe

C:\Users\Alessio\AppData\Local\Mozilla\Firefox\Profiles\yx9kfsx8.default-1418917023564\cache2\entries\72D30242E5365DEDF13376EBFC181995B1B41CEA

C:\Users\Alessio\AppData\Local\Temp\ICReinstall_nsd24D6.tmp

C:\Users\Alessio\AppData\Local\Temp\ICReinstall_nsn66E4.tmp

C:\Users\Alessio\AppData\Local\Temp\ICReinstall_nss3B23.tmp

C:\Users\Alessio\AppData\Local\Temp\nsd24D6.tmp

C:\Users\Alessio\AppData\Local\Temp\nsn66E4.tmp

C:\Users\Alessio\AppData\Local\Temp\nss3B23.tmp

C:\Users\Alessio\AppData\Roaming\ndcAIVJ5D7S.exe

C:\Users\Alessio\AppData\Roaming\VnjnJP5w6eXE.bak

C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\jnsi6057.tmp

C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\nsn7082.tmp

C:\Users\Alessio\Desktop\Krimskram\WindowsSupportDll64.dll

C:\Users\Alessio\Downloads\adobe_flash_setup.exe

C:\Users\Alessio\Downloads\MSI Afterburner - CHIP-Installer.exe

C:\Users\Alessio\Local Settings\Application Data\Bundled software uninstaller\biclient.exe

C:\Users\All Users\{96cad7ef-3892-e14f-96ca-ad7ef3895fbc}\SuperOptimizerInstaller.exe

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V0GWJC8C\update[1]

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V0GWJC8C\update[1]

Startup: C:\Users\Alessio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SuperOptimizerInstaller.lnk
ShortcutTarget: SuperOptimizerInstaller.lnk -> C:\ProgramData\{96cad7ef-3892-e14f-96ca-ad7ef3895fbc}\SuperOptimizerInstaller.exe (Super PC Tools Ltd)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
R2 xebejehi; C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\jnsi6057.tmp [91648 2015-03-11] () [File not signed]
R2 zizudobe; C:\Users\Alessio\AppData\Local\F1F1D280-1426068533-11DD-896D-3085A9AF655D\cnsz2511.tmp [94720 2015-03-11] () [File not signed]
C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
RemoveProxy:
Emptytemp:
         
*****************


"C:\ProgramData\{96cad7ef-3892-e14f-96ca-ad7ef3895fbc}" directory move:

Could not move "C:\ProgramData\{96cad7ef-3892-e14f-96ca-ad7ef3895fbc}" directory. => Scheduled to move on reboot.

C:\Users\Alessio\AppData\Local\F1F1D280-1426068548-11DD-896D-3085A9AF655D\onst5341.tmp => Moved successfully.
C:\Users\Alessio\AppData\Local\F1F1D280-1426068548-11DD-896D-3085A9AF655D\snse5330.tmp => Moved successfully.
C:\Users\Alessio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3V9LAKNX\SU_Srv[1].exe => Moved successfully.
C:\Users\Alessio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6ZN00QN1\OfferInstaller[2].exe => Moved successfully.
"C:\Users\Alessio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9PFV0DOM\VOsrv[1].exe" => File/Directory not found.
C:\Users\Alessio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HAOYJRA5\BetweenLines[1].dll => Moved successfully.
C:\Users\Alessio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HAOYJRA5\Setup[1].exe => Moved successfully.
C:\Users\Alessio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N3F7B5UX\Update_Notifier[1].exe => Moved successfully.
C:\Users\Alessio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q46ZAFB6\JOSrv[1].exe => Moved successfully.
"C:\Users\Alessio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WMFFRVSD\Setup[1].exe" => File/Directory not found.
"C:\Users\Alessio\AppData\Local\Mozilla\Firefox\Profiles\yx9kfsx8.default-1418917023564\cache2\entries\72D30242E5365DEDF13376EBFC181995B1B41CEA" => File/Directory not found.
"C:\Users\Alessio\AppData\Local\Temp\ICReinstall_nsd24D6.tmp" => File/Directory not found.
"C:\Users\Alessio\AppData\Local\Temp\ICReinstall_nsn66E4.tmp" => File/Directory not found.
"C:\Users\Alessio\AppData\Local\Temp\ICReinstall_nss3B23.tmp" => File/Directory not found.
"C:\Users\Alessio\AppData\Local\Temp\nsd24D6.tmp" => File/Directory not found.
"C:\Users\Alessio\AppData\Local\Temp\nsn66E4.tmp" => File/Directory not found.
"C:\Users\Alessio\AppData\Local\Temp\nss3B23.tmp" => File/Directory not found.
C:\Users\Alessio\AppData\Roaming\ndcAIVJ5D7S.exe => Moved successfully.
C:\Users\Alessio\AppData\Roaming\VnjnJP5w6eXE.bak => Moved successfully.
C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\jnsi6057.tmp => Moved successfully.
"C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\nsn7082.tmp" => File/Directory not found.
C:\Users\Alessio\Desktop\Krimskram\WindowsSupportDll64.dll => Moved successfully.
"C:\Users\Alessio\Downloads\adobe_flash_setup.exe" => File/Directory not found.
C:\Users\Alessio\Downloads\MSI Afterburner - CHIP-Installer.exe => Moved successfully.
C:\Users\Alessio\Local Settings\Application Data\Bundled software uninstaller\biclient.exe => Moved successfully.
C:\Users\All Users\{96cad7ef-3892-e14f-96ca-ad7ef3895fbc}\SuperOptimizerInstaller.exe => Moved successfully.
"C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V0GWJC8C\update[1]" => File/Directory not found.
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V0GWJC8C\update[1] => Moved successfully.
C:\Users\Alessio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SuperOptimizerInstaller.lnk => Moved successfully.
C:\ProgramData\{96cad7ef-3892-e14f-96ca-ad7ef3895fbc}\SuperOptimizerInstaller.exe not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay" => Key deleted successfully.
HKCR\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => Key not found. 
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
xebejehi => Service stopped successfully.
xebejehi => Service deleted successfully.
zizudobe => Service stopped successfully.
zizudobe => Service deleted successfully.
C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D => Moved successfully.
X6va011 => Service deleted successfully.
X6va012 => Service deleted successfully.
X6va013 => Service deleted successfully.
X6va015 => Service deleted successfully.
X6va016 => Service deleted successfully.

========= RemoveProxy: =========

"HKU\S-1-5-21-4026364676-241273927-3108656300-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.


========= End of RemoveProxy: =========

EmptyTemp: => Removed 437.8 MB temporary data.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-03-15 11:04:26)<=

C:\ProgramData\{96cad7ef-3892-e14f-96ca-ad7ef3895fbc} => Is moved successfully.

==== End of Fixlog 11:04:26 ====
         
FRST

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Alessio (administrator) on ALESSIO-PC on 15-03-2015 11:08:28
Running from C:\Users\Alessio\Desktop
Loaded Profiles: Alessio (Available profiles: Alessio)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Users\Alessio\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Akamai Technologies, Inc.) C:\Users\Alessio\AppData\Local\Akamai\netsession_win.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
(Akamai Technologies, Inc.) C:\Users\Alessio\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\Speech\Common\sapisvr.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Creative Technology Ltd.) C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7174728 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Cm106Sound] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm106.dll,CMICtrlWnd
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-08-19] (DivX, LLC)
HKLM-x32\...\Run: [4StoryPrePatch] => C:\Program Files (x86)\Gameforge4D\4Story_DE\PrePatch.exe [327680 2013-02-19] (Zemi Interactive Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [Sound Blaster Tactic3D Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe [2091008 2014-07-03] (Creative Technology Ltd)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-02-17] (LogMeIn Inc.)
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2874048 2015-02-19] (Valve Corporation)
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Run: [KPeerNexonEU] => C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe [438272 2013-05-11] (NEXON Inc.)
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3619160 2015-01-27] (Electronic Arts)
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Alessio\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44544 2009-07-14] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4026364676-241273927-3108656300-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/?gws_rd=ssl
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4026364676-241273927-3108656300-1000 -> DefaultScope {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = https://www.google.de/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4026364676-241273927-3108656300-1000 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = https://www.google.de/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-06-17] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-05] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-06-17] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-05] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-05] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-05] (Google Inc.)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Alessio\AppData\Roaming\Mozilla\Firefox\Profiles\runh81t3.default-1426413471539
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll [2013-06-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-06-17] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-08-13] (DivX, LLC)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npnxgameEU.dll [2013-12-14] (Nexon)
FF Plugin-x32: @nielsen/FirefoxTracker -> C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter7\FirefoxAddOns\npfirefoxtracker.dll No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-12-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-12-13] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-4026364676-241273927-3108656300-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Alessio\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-07-07] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter7\FirefoxAddOns\netsight@nielsen.xpi
FF HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Alessio\AppData\Roaming\Mozilla\Firefox\Profiles\vxvj29up.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR Profile: C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-12]
CHR Extension: (Docs) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-12]
CHR Extension: (Google Drive) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-14]
CHR Extension: (YouTube) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-12]
CHR Extension: (Google Search) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-12]
CHR Extension: (Google Sheets) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-12]
CHR Extension: (Google Wallet) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-16]
CHR Extension: (Gmail) - C:\Users\Alessio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [814976 2015-02-06] ()
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [File not signed]
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [175136 2014-12-07] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-12-15] (Hi-Rez Studios) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-02-16] (LogMeIn, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4722728 2013-03-14] (INCA Internet Co., Ltd.) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-02-27] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-07-14] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-15] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 WSWNDA3100v2; C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [307928 2013-12-30] ()
S2 pumygydy; C:\Users\Alessio\AppData\Local\F1F1D280-1426068548-11DD-896D-3085A9AF655D\snse5330.tmp [X]
S2 wocyfyho; C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\nsiD52B.tmp [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 CMUSBDAC; C:\Windows\System32\DRIVERS\CMUSBDAC.sys [594944 2014-09-19] (C-MEDIA)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 UHSfiltv; C:\Windows\System32\drivers\UHSfiltv.sys [23552 2013-05-31] (Creative Technology Ltd.)
S3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1307648 2011-03-31] (C-Media Electronics Inc)
S1 aclrtvfz; \??\C:\Windows\system32\drivers\aclrtvfz.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S1 dfxdnxpi; \??\C:\Windows\system32\drivers\dfxdnxpi.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-15 11:08 - 2015-03-15 11:09 - 00019453 _____ () C:\Users\Alessio\Desktop\FRST.txt
2015-03-15 11:06 - 2015-03-15 11:06 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-15 11:06 - 2015-03-15 11:06 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-15 11:06 - 2015-03-15 11:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-15 10:53 - 2015-03-15 11:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-14 17:44 - 2015-03-14 17:44 - 00243528 _____ () C:\Users\Alessio\Downloads\Firefox Setup Stub 36.0.1.exe
2015-03-14 17:23 - 2015-03-14 17:23 - 02171392 _____ () C:\Users\Alessio\Desktop\adwcleaner_4.112.exe
2015-03-14 13:58 - 2015-03-14 14:15 - 00062916 _____ () C:\Users\Alessio\Desktop\FRST3.txt
2015-03-14 13:58 - 2015-03-14 13:58 - 00000000 _____ () C:\Users\Alessio\Desktop\Addition3.txt
2015-03-14 13:56 - 2015-03-14 13:58 - 00000910 _____ () C:\Users\Alessio\Desktop\checkup.txt.txt
2015-03-14 13:55 - 2015-03-14 13:56 - 00852604 _____ () C:\Users\Alessio\Desktop\SecurityCheck.exe
2015-03-14 13:54 - 2015-03-14 13:54 - 00016664 _____ () C:\Users\Alessio\Desktop\ESET.txt.txt
2015-03-14 11:38 - 2015-03-14 11:38 - 02347384 _____ (ESET) C:\Users\Alessio\Downloads\esetsmartinstaller_deu.exe
2015-03-13 18:39 - 2015-03-13 18:39 - 00066928 _____ () C:\Users\Alessio\Desktop\FRST2.txt
2015-03-13 18:39 - 2015-03-13 18:39 - 00029439 _____ () C:\Users\Alessio\Desktop\Addition2.txt
2015-03-13 18:36 - 2015-03-13 18:36 - 00001725 _____ () C:\Users\Alessio\Desktop\JRT.txt.txt
2015-03-13 18:33 - 2015-03-13 18:33 - 01388333 _____ (Thisisu) C:\Users\Alessio\Desktop\JRT.exe
2015-03-13 18:25 - 2015-03-13 18:31 - 00002505 _____ () C:\Users\Alessio\Desktop\AdwCleaner.txt.txt
2015-03-13 18:24 - 2015-03-13 18:24 - 02171392 _____ () C:\Users\Alessio\Downloads\AdwCleaner_4.112(6).exe
2015-03-13 18:16 - 2015-03-13 18:16 - 00012277 _____ () C:\Users\Alessio\Desktop\mbam.txt.txt
2015-03-13 18:05 - 2015-03-14 17:25 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-13 18:04 - 2015-03-13 18:04 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-13 18:04 - 2015-03-13 18:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-03-13 18:04 - 2015-03-13 18:04 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-13 18:04 - 2015-03-13 18:04 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-03-13 18:04 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-13 18:04 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-13 18:04 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-13 18:03 - 2015-03-13 18:03 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Alessio\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-13 12:44 - 2015-03-13 12:44 - 00029781 _____ () C:\ComboFix.txt
2015-03-13 12:28 - 2015-03-13 12:44 - 00000000 ____D () C:\Qoobox
2015-03-13 12:28 - 2015-03-13 12:43 - 00000000 ____D () C:\Windows\erdnt
2015-03-13 12:28 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-03-13 12:28 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-03-13 12:28 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-03-13 12:28 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-03-13 12:28 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-03-13 12:28 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-03-13 12:28 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-03-13 12:28 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-03-13 12:26 - 2015-03-13 12:27 - 05613296 ____R (Swearware) C:\Users\Alessio\Desktop\ComboFix.exe
2015-03-13 12:22 - 2015-03-13 12:22 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Alessio\Downloads\revosetup95.exe
2015-03-13 12:22 - 2015-03-13 12:22 - 00001264 _____ () C:\Users\Alessio\Desktop\Revo Uninstaller.lnk
2015-03-13 12:22 - 2015-03-13 12:22 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-03-12 13:46 - 2015-03-12 13:46 - 00038976 _____ () C:\Users\Alessio\Desktop\Addition1.txt
2015-03-12 13:45 - 2015-03-12 13:46 - 00068301 _____ () C:\Users\Alessio\Desktop\FRST1.txt
2015-03-12 13:44 - 2015-03-15 11:08 - 00000000 ____D () C:\FRST
2015-03-12 13:44 - 2015-03-12 13:44 - 02095616 _____ (Farbar) C:\Users\Alessio\Desktop\FRST64.exe
2015-03-12 12:00 - 2015-03-09 11:32 - 00372248 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-03-12 12:00 - 2015-03-09 11:32 - 00325944 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-03-11 10:30 - 2015-02-20 05:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 10:30 - 2015-02-20 05:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 10:30 - 2015-02-20 05:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 10:30 - 2015-02-20 05:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 10:30 - 2015-02-20 05:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 10:30 - 2015-02-20 05:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 10:30 - 2015-02-20 05:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 10:30 - 2015-02-20 05:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 10:30 - 2015-02-20 04:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 10:30 - 2015-02-20 04:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 10:30 - 2015-02-13 06:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 10:30 - 2015-02-13 06:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 10:30 - 2015-02-03 04:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 10:30 - 2015-02-03 04:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 10:30 - 2015-02-03 04:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 10:30 - 2015-02-03 04:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 10:30 - 2015-02-03 04:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 10:30 - 2015-02-03 04:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 10:30 - 2015-02-03 04:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 10:30 - 2015-02-03 04:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 10:30 - 2015-02-03 04:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 10:30 - 2015-02-03 04:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 10:30 - 2015-02-03 04:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 10:30 - 2015-02-03 04:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 10:30 - 2015-02-03 04:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 10:30 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 10:30 - 2015-02-03 03:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 10:30 - 2015-01-17 03:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 10:30 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 10:30 - 2014-10-31 23:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 10:30 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-11 10:30 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-11 10:29 - 2015-03-06 06:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 10:29 - 2015-03-06 06:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 10:29 - 2015-03-06 06:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 10:29 - 2015-03-06 06:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 10:29 - 2015-03-06 06:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 10:29 - 2015-03-06 06:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 10:29 - 2015-03-06 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 10:29 - 2015-03-06 06:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 10:29 - 2015-03-06 06:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 10:29 - 2015-03-06 06:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 10:29 - 2015-03-06 06:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 10:29 - 2015-03-06 06:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 10:29 - 2015-03-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 10:29 - 2015-03-06 06:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 10:29 - 2015-03-06 06:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 10:29 - 2015-03-06 06:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 10:29 - 2015-03-06 06:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 10:29 - 2015-03-06 06:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 10:29 - 2015-03-06 06:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 10:29 - 2015-03-06 06:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 10:29 - 2015-03-06 06:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 10:29 - 2015-03-06 06:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 10:29 - 2015-02-03 04:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 10:29 - 2015-02-03 04:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 10:29 - 2015-02-03 04:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 10:29 - 2015-02-03 04:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 10:29 - 2015-02-03 04:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 10:29 - 2015-02-03 04:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 10:29 - 2015-02-03 04:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 10:29 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 10:29 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 10:29 - 2015-02-03 04:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 10:29 - 2015-02-03 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 10:29 - 2015-02-03 04:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 10:29 - 2015-02-03 04:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 10:29 - 2015-02-03 04:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 10:29 - 2015-02-03 04:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 10:29 - 2015-02-03 04:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 10:29 - 2015-02-03 04:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 10:29 - 2015-02-03 04:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 10:29 - 2015-02-03 04:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 10:29 - 2015-02-03 04:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 10:29 - 2015-02-03 04:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 10:29 - 2015-02-03 04:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 10:29 - 2015-02-03 04:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 10:29 - 2015-02-03 04:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 10:29 - 2015-02-03 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 10:29 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 10:29 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 10:29 - 2015-02-03 04:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 10:29 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 10:29 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 10:29 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 10:29 - 2015-02-03 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 10:29 - 2015-01-31 04:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 10:29 - 2015-01-31 04:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 10:29 - 2015-01-31 00:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 10:29 - 2015-01-31 00:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 10:28 - 2015-02-26 04:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 10:28 - 2015-02-24 04:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 10:28 - 2015-02-24 03:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 10:28 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 10:28 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 10:28 - 2015-02-21 01:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 10:28 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 10:28 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 10:28 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 10:28 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 10:28 - 2015-02-20 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 10:28 - 2015-02-20 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 10:28 - 2015-02-20 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 10:28 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 10:28 - 2015-02-20 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 10:28 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 10:28 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 10:28 - 2015-02-20 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 10:28 - 2015-02-20 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 10:28 - 2015-02-20 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 10:28 - 2015-02-20 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 10:28 - 2015-02-20 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 10:28 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 10:28 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 10:28 - 2015-02-20 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 10:28 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 10:28 - 2015-02-20 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 10:28 - 2015-02-20 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 10:28 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 10:28 - 2015-02-20 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 10:28 - 2015-02-20 03:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-11 10:28 - 2015-02-20 03:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 10:28 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 10:28 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 10:28 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 10:28 - 2015-02-20 03:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 10:28 - 2015-02-20 03:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-11 10:28 - 2015-02-20 02:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 10:28 - 2015-02-20 02:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 10:28 - 2015-02-20 02:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 10:28 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 10:28 - 2015-02-20 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 10:28 - 2015-02-20 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 10:28 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 10:28 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 10:28 - 2015-02-20 02:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 10:28 - 2015-02-20 02:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 10:28 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 10:28 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 10:28 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 10:28 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 10:28 - 2015-02-20 02:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 10:28 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 10:28 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 10:28 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 10:28 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 10:28 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 10:28 - 2015-02-03 04:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 10:28 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 10:26 - 2015-02-04 04:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 10:26 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-11 10:09 - 2015-03-15 11:01 - 00000000 ____D () C:\Users\Alessio\AppData\Local\F1F1D280-1426068548-11DD-896D-3085A9AF655D
2015-03-11 10:08 - 2015-03-11 10:09 - 00000000 ____D () C:\Users\Alessio\AppData\Local\F1F1D280-1426068533-11DD-896D-3085A9AF655D
2015-03-11 10:06 - 2015-03-11 10:06 - 00000000 ____D () C:\Users\Alessio\AppData\Local\F1F1D280-1426068395-11DD-896D-3085A9AF655D
2015-03-11 10:04 - 2015-03-13 18:18 - 00000000 ____D () C:\Users\Alessio\AppData\Local\winengine
2015-03-11 10:04 - 2015-03-13 18:17 - 00000000 ____D () C:\ProgramData\{7a382bfb-7e4f-0314-7a38-82bfb7e4afed}
2015-03-11 10:04 - 2015-03-11 10:04 - 00000000 ____D () C:\Users\Alessio\AppData\Local\Bluestacks
2015-03-11 10:04 - 2015-03-11 10:04 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2015-03-08 11:51 - 2015-03-08 11:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_bcmwlhigh664_01009.Wdf
2015-03-08 11:49 - 2007-01-19 18:24 - 00025312 ____R (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Drivers\SCMNdisP.sys
2015-03-08 11:47 - 2015-03-08 11:47 - 00000000 ____D () C:\Program Files (x86)\NETGEAR
2015-03-08 11:47 - 2011-12-12 17:42 - 01256192 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bcmwlhigh664.sys
2015-03-08 11:47 - 2011-04-19 17:52 - 00095544 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll
2015-03-08 11:47 - 2011-04-19 17:31 - 03900928 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv64.dll
2015-03-08 11:47 - 2011-04-19 17:31 - 03566592 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui64.dll
2015-03-08 11:47 - 2010-06-09 13:11 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2015-03-08 11:47 - 2010-02-03 11:21 - 00047632 _____ (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys
2015-03-08 11:46 - 2015-03-08 11:46 - 00000000 ____D () C:\Users\Alessio\AppData\Roaming\InstallShield
2015-03-04 21:59 - 2015-03-04 22:00 - 00000000 ____D () C:\Users\Alessio\Desktop\AoT
2015-02-26 11:37 - 2015-02-27 11:05 - 00000391 _____ () C:\Users\Alessio\Desktop\Miss.txt
2015-02-25 11:19 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 11:19 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-24 14:41 - 2015-02-24 14:41 - 01533584 _____ () C:\Users\Alessio\Downloads\battlelog-web-plugins_2.6.2_157.exe
2015-02-24 14:41 - 2015-02-24 14:41 - 01533584 _____ () C:\Users\Alessio\Downloads\battlelog-web-plugins_2.6.2_157(1).exe
2015-02-24 14:36 - 2015-03-05 14:42 - 00001194 _____ () C:\Users\Public\Desktop\Battlefield 4.lnk
2015-02-24 14:36 - 2015-03-05 14:42 - 00001170 _____ () C:\Users\Public\Desktop\Battlefield 4(64 bit).lnk
2015-02-20 08:25 - 2015-02-20 08:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-02-20 08:25 - 2015-02-20 08:25 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-02-19 11:11 - 2015-02-19 11:11 - 00000000 ____D () C:\Users\Alessio\AppData\Local\Steam
2015-02-18 15:06 - 2015-02-18 15:06 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2015-02-18 15:06 - 2015-02-18 15:06 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2015-02-18 15:06 - 2015-02-18 15:06 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2015-02-18 00:19 - 2015-02-18 09:41 - 00019627 _____ () C:\Users\Alessio\Desktop\ALN.odt
2015-02-17 23:12 - 2015-02-17 23:13 - 00000582 _____ () C:\Users\Alessio\Desktop\Jokes.txt
2015-02-17 23:10 - 2015-02-17 23:54 - 00000140 _____ () C:\Users\Alessio\Desktop\Quellen.txt
2015-02-17 17:26 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-17 17:26 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-17 17:26 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-17 17:26 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-15 12:14 - 2015-02-15 12:14 - 00000222 _____ () C:\Users\Alessio\Desktop\GunZ 2 The Second Duel.url

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-15 11:07 - 2012-12-30 04:03 - 01363549 _____ () C:\Windows\WindowsUpdate.log
2015-03-15 11:07 - 2012-12-29 22:40 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-15 11:05 - 2013-05-25 11:40 - 00000000 ____D () C:\ProgramData\Origin
2015-03-15 11:05 - 2012-12-29 23:16 - 00000000 ____D () C:\Users\Alessio\AppData\Roaming\Skype
2015-03-15 11:04 - 2013-05-25 11:40 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-03-15 11:04 - 2013-02-08 23:46 - 00000000 ____D () C:\Users\Alessio\AppData\Local\LogMeIn Hamachi
2015-03-15 11:04 - 2012-12-30 12:09 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-15 11:03 - 2012-12-30 04:29 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-15 11:03 - 2012-12-29 22:40 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-15 11:03 - 2010-11-21 04:47 - 01355622 _____ () C:\Windows\PFRO.log
2015-03-15 11:03 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-15 11:03 - 2009-07-14 05:51 - 00295923 _____ () C:\Windows\setupact.log
2015-03-15 11:01 - 2013-10-22 19:07 - 00000000 ____D () C:\Users\Alessio\Desktop\Krimskram
2015-03-15 10:57 - 2014-12-18 16:37 - 00000000 ____D () C:\Users\Alessio\Desktop\Alte Firefox-Daten
2015-03-15 10:54 - 2013-02-25 18:44 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-15 10:53 - 2009-07-14 05:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-15 10:53 - 2009-07-14 05:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-14 17:37 - 2014-09-14 21:49 - 00000000 ____D () C:\AdwCleaner
2015-03-14 17:37 - 2012-12-30 04:11 - 00000000 ____D () C:\ProgramData\Norton
2015-03-13 18:34 - 2013-01-06 14:31 - 00000000 ____D () C:\Users\Alessio\AppData\Local\CrashDumps
2015-03-13 18:17 - 2013-03-26 22:13 - 00000000 ____D () C:\Users\Alessio\AppData\Roaming\gFtOF
2015-03-13 18:17 - 2013-03-26 19:49 - 00000000 ____D () C:\Users\Alessio\AppData\Roaming\Uisbb
2015-03-13 18:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Resources
2015-03-13 12:44 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-03-13 12:38 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-03-13 12:35 - 2009-07-14 03:34 - 67633152 _____ () C:\Windows\system32\config\software.bak
2015-03-13 12:35 - 2009-07-14 03:34 - 18350080 _____ () C:\Windows\system32\config\system.bak
2015-03-13 12:35 - 2009-07-14 03:34 - 00524288 _____ () C:\Windows\system32\config\default.bak
2015-03-13 12:35 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\security.bak
2015-03-13 12:35 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\sam.bak
2015-03-12 21:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-03-12 12:39 - 2013-03-16 10:54 - 00000000 ____D () C:\Fraps
2015-03-12 12:00 - 2015-01-08 14:15 - 00000000 ____D () C:\Users\Alessio\AppData\Local\Adobe
2015-03-11 17:57 - 2013-06-25 16:00 - 00000000 ____D () C:\Users\Alessio\AppData\Local\Warframe
2015-03-11 11:44 - 2012-12-29 22:40 - 00000000 ____D () C:\Users\Alessio\AppData\Local\Google
2015-03-11 11:38 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-11 11:34 - 2009-07-14 05:45 - 00346416 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-11 11:32 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-11 11:32 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-11 11:04 - 2013-08-15 22:25 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 10:57 - 2013-06-27 00:24 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-11 10:15 - 2012-12-30 04:07 - 00000999 _____ () C:\Users\Alessio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-08 11:54 - 2011-04-12 08:43 - 01283404 _____ () C:\Windows\system32\perfh007.dat
2015-03-08 11:54 - 2011-04-12 08:43 - 00331438 _____ () C:\Windows\system32\perfc007.dat
2015-03-08 11:54 - 2009-07-14 06:13 - 00006256 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-08 11:47 - 2012-12-30 04:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-06 14:55 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-05 22:35 - 2013-01-25 22:54 - 00000000 ____D () C:\Users\Alessio\AppData\Roaming\TS3Client
2015-03-05 20:19 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-05 14:48 - 2013-02-20 21:17 - 00226680 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-03-05 14:48 - 2013-02-20 21:17 - 00226680 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-03-03 14:17 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-02-24 14:41 - 2013-05-27 20:30 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2015-02-23 09:48 - 2012-12-29 23:15 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-23 09:48 - 2012-12-29 23:15 - 00000000 ____D () C:\ProgramData\Skype
2015-02-18 15:28 - 2014-11-20 18:02 - 00000000 ____D () C:\Users\Alessio\AppData\Local\Dxtory Software
2015-02-18 15:07 - 2014-10-13 21:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2015-02-18 09:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-17 18:04 - 2013-12-04 20:04 - 00000000 ____D () C:\Users\Alessio\AppData\Local\ArmA 2 OA
2015-02-16 16:20 - 2013-02-08 23:47 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-02-16 10:45 - 2015-01-25 19:24 - 00000000 ____D () C:\Program Files (x86)\Glyph

==================== Files in the root of some directories =======

2013-05-31 19:27 - 2013-08-27 13:18 - 0036864 _____ () C:\Users\Alessio\AppData\Roaming\RZR_0060f45e48b3b0e8dcec4d8da47b.db
2013-03-26 23:10 - 2013-03-26 23:10 - 0004743 _____ () C:\Users\Alessio\AppData\Roaming\ss.png
2013-09-22 20:14 - 2014-09-07 17:46 - 0000177 _____ () C:\Users\Alessio\AppData\Roaming\WB.CFG
2013-12-02 19:36 - 2014-04-11 15:36 - 0012800 _____ () C:\Users\Alessio\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-01 14:44 - 2014-11-01 14:44 - 0002227 _____ () C:\Users\Alessio\AppData\Local\recently-used.xbel
2013-05-14 13:07 - 2013-05-14 13:07 - 0024128 _____ () C:\Users\Alessio\AppData\Local\Temp1.jpg

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-06 15:16

==================== End Of Log ============================
         
--- --- ---


Diesmal wieder eine Addition dabei
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Alessio at 2015-03-15 11:09:24
Running from C:\Users\Alessio\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4Story DE 4.1.176 (HKLM-x32\...\4Story_DE_is1) (Version:  - )
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead Beta (HKLM-x32\...\Steam App 219540) (Version:  - )
aTube Catcher Version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Awesomenauts (HKLM-x32\...\Steam App 204300) (Version:  - Ronimo Games)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.25648 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Browser Updater 1.1 (HKLM-x32\...\Browser Updater_is1) (Version:  - Browser Updater)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Cinema 4D version R12 (HKLM-x32\...\{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1) (Version: R12 - Salat Production)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.11 - Cliqz.com)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ Commander (HKLM-x32\...\{D4BA1D6D-DACD-4411-9DEC-6BEE3793277E}) (Version: 0.92.95 - Dotjosh Studios)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.88 - DivX, LLC)
FormatFactory 3.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.0.1 - Free Time)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free FLV Converter V 7.6.0 (HKLM-x32\...\Free FLV Converter_is1) (Version: 7.6.0.0 - Koyote Soft)
Free YouTube to MP3 Converter version 3.12.17.1127 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.17.1127 - DVDVideoSoft Ltd.)
GDMO (HKLM-x32\...\DMO) (Version:  - )
Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.89 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GunZ 2: The Second Duel (HKLM-x32\...\Steam App 242720) (Version:  - MAIET Entertainment)
GunZ2 (HKLM-x32\...\GunZ2) (Version:  - )
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HyperCam 3 (HKLM-x32\...\HyperCam 3 3.6.1311.20) (Version: 3.6.1311.20 - Solveig Multimedia)
Java 7 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417021FF}) (Version: 7.0.210 - Oracle)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LibreOffice 4.0.3.3 (HKLM-x32\...\{F77ED0CD-2E5E-4FC7-82E0-BB7D461E739F}) (Version: 4.0.3.3 - The Document Foundation)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.319 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.319 - LogMeIn, Inc.) Hidden
Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios)
Magicka: Wizard Wars (HKLM-x32\...\Steam App 202090) (Version:  - Paradox North)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MEDUSA NX USB 5.1 Gaming Headset (HKLM\...\C-Media CM106 Like Sound Driver) (Version:  - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 36.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla)
MSI Afterburner 4.0.0 (HKLM-x32\...\Afterburner) (Version: 4.0.0 - MSI Co., LTD)
NETGEAR WNDA3100v2 wireless USB 2.0 driver (HKLM-x32\...\{3C7839E7-21F4-49E0-B4D5-AC8ED818CCB0}) (Version: 2.2.0.4 - NETGEAR)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.3 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{9fe8a752-f74c-45c7-a712-1398de096d70}) (Version: latest - ppy Pty Ltd)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\SOE-PlanetSide 2 PSG) (Version: 1.0.3.183 - Sony Online Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version:  - Wild Shadow Studios)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
S4 League (HKLM-x32\...\S4 League) (Version:  - )
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Shutdown Timer (HKLM-x32\...\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}) (Version: 3.3.4 - Sinvise Systems)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
SleepTimer Ultimate 1.2 (HKLM-x32\...\{0EE56463-49B2-45E1-B74F-3E0139DBC986}_is1) (Version:  - Christian Handorf)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2477.0 - Hi-Rez Studios)
Sound Blaster Tactic(3D) (HKLM-x32\...\{92000C16-939B-44CA-802F-0D552019D7C8}) (Version: 1.0 - Creative Technology Limited)
Spider-Man 3 (TM) (HKLM-x32\...\InstallShield_{990166FA-1ACB-4AA7-B592-4D370C7CDD1A}) (Version: 1.00.0000 - Activision)
Spider-Man 3(TM) (x32 Version: 1.00.0000 - Activision) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.11.1 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - Runic Games)
TP-LINK Wireless Client Utility (HKLM-x32\...\{1E03C8BE-0848-430F-BECA-7D7709401626}) (Version: 7.0 - TP-LINK)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version:  - Frozenbyte)
Trove (HKLM-x32\...\Glyph Trove) (Version:  - Trion Worlds, Inc.)
Unity Web Player (HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS)
Usenet.nl (HKLM-x32\...\Usenet.nl_is1) (Version:  - )
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VideoPad Videobearbeitungs-Software (HKLM-x32\...\VideoPad) (Version:  - NCH Software)
Vindictus EU (HKLM-x32\...\Vindictus EU) (Version:  - )
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
winengine (HKU\S-1-5-21-4026364676-241273927-3108656300-1000\...\winengine) (Version: 20.020 - Ad business Crown Solutions)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinRAR 5.10 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

08-03-2015 11:46:26 Installiert NETGEAR WNDA3100v2 wireless USB 2.0 driver
08-03-2015 11:49:31 Gerätetreiber-Paketinstallation: NETGEAR Inc. Netzwerkprotokoll
09-03-2015 12:12:55 Windows Update
11-03-2015 10:55:42 Windows Update
12-03-2015 11:59:07 LavasoftWeCompanion
12-03-2015 12:02:54 LavasoftWeCompanion
13-03-2015 12:24:05 Revo Uninstaller's restore point - Speed Test Analysis
14-03-2015 14:13:47 Windows Update
15-03-2015 10:59:14 Revo Uninstaller's restore point - Mozilla Firefox 36.0.1 (x86 de)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-03-13 12:38 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0E2B83DC-C03A-45CB-AD4F-16ECBAAA06CA} - System32\Tasks\{FB710A8C-3F20-4037-BA9F-2279DB8C60CE} => C:\Users\Alessio\Desktop\Spiele\Cube World\Server.exe
Task: {1D71DD0D-918A-411F-8C1F-C38D3F4B92A9} - System32\Tasks\{B712CEDA-CB66-487A-B1D0-16FCF3833331} => pcalua.exe -a C:\Users\Alessio\Downloads\pb35setup.exe -d C:\Users\Alessio\Downloads
Task: {1ED6DB81-95D4-4B4A-93C3-3B61C2869614} - System32\Tasks\{3B21737A-2EEE-4B80-9791-0CA45E4EAF79} => pcalua.exe -a "C:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe InDesign CS2\instmsiw.exe" -d "C:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe InDesign CS2"
Task: {247C1470-0DD9-41AA-A141-37540BCC668C} - System32\Tasks\{ECC14FBB-A210-44BF-8D17-90CFAE26A593} => Firefox.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {2EF31754-B9D1-40E1-80B1-903CE51B89E8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-29] (Google Inc.)
Task: {35596071-9BC2-41E5-B2B9-C49C82FFD345} - System32\Tasks\{960ABE80-50A4-4F97-828F-A3F8E9D4AF23} => pcalua.exe -a C:\Users\Alessio\Desktop\CS2_RetNon_Ger_2.exe -d C:\Users\Alessio\Desktop
Task: {3FEDD910-5225-45A1-9ED3-6D2FC0133681} - System32\Tasks\{DDB1CD15-9B67-416D-B21D-5EBEDD2258B6} => C:\Users\Alessio\Desktop\Spiele\Leagues of Legends\Dateipad\lol.launcher.exe [2012-04-24] ()
Task: {43DC7FE8-7A84-4957-9976-FC78A4C5E65C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {4CBDEA00-DB3A-47F5-8938-A1DBB93E4E9F} - System32\Tasks\{F555DCF7-5330-4992-8D0E-44803962035A} => pcalua.exe -a "C:\Program Files (x86)\sweetpacks bundle uninstaller\uninstaller.exe" -c "/appName=Angry Birds Space Bundle by SweetPacks"
Task: {5116F59E-BFC1-4DEC-B583-AF8D98340A93} - System32\Tasks\ProtectedSearch\Protected Search => C:\Program Files (x86)\Protected Search\ProtectedSearch.exe <==== ATTENTION
Task: {6ABE04FA-43E5-4FD2-9A16-F47C36BE603E} - System32\Tasks\{E76D057E-E5CC-451F-A489-35E0711C5B54} => pcalua.exe -a "C:\Users\Alessio\Desktop\Spiele\Cube World\CubeLauncher.exe" -d "C:\Users\Alessio\Desktop\Spiele\Cube World"
Task: {6B5BF2CD-A7A4-43DB-BEBF-2B5C73F1B284} - System32\Tasks\{59712F7F-602B-4259-BC4A-F548DA1D39C8} => pcalua.exe -a C:\Users\Alessio\Downloads\S4_League.exe -d C:\Users\Alessio\Downloads
Task: {798E7F0A-8A24-4746-B159-10A30453F181} - System32\Tasks\{A5848A69-81AF-4E23-94FE-FF5D088EF999} => pcalua.exe -a "C:\Users\Alessio\Local Settings\Application Data\Bundled software uninstaller\biclient.exe" -c /affid uninstall /id uninstall /name "Bundled software uninstaller"
Task: {804B9EB3-6929-4223-B074-1C73241530F9} - System32\Tasks\{C4B7EC27-61A6-4F4A-AB88-42C1FC45D781} => pcalua.exe -a C:\Users\Alessio\AppData\Roaming\webssearches\UninstallManager.exe -c  -ptid=obw <==== ATTENTION
Task: {809E5053-971E-4266-A206-18A382E1A764} - \Windows Update Check - 0x05B00174 No Task File <==== ATTENTION
Task: {A2355A77-DABF-4F47-8816-514349A52D56} - System32\Tasks\{AB2A9000-5877-4F39-ABD8-165203A76308} => C:\Program Files (x86)\S4League\patcher_s4.exe
Task: {ACAE00EF-7BE7-4867-8B68-EF3912A49A8A} - System32\Tasks\{9425F20D-C1BE-4D99-BCBD-82AD7F4A72C7} => pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {B14A17CA-B4E5-47BB-8CEE-284D553D2AA0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-29] (Google Inc.)
Task: {C355A1C9-D143-4253-A2F6-125B60A794A0} - System32\Tasks\AllmyappsUpdateTask => C:\Users\Alessio\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe
Task: {C8779DCA-8234-45DC-B195-770DCFC0E0E2} - System32\Tasks\{43ED0757-E288-4FDA-9F7B-48A48A47A945} => pcalua.exe -a "C:\Users\Alessio\Downloads\[Mutli] Installer v1.0\Multi[Installer] v1.0.exe" -d "C:\Users\Alessio\Downloads\[Mutli] Installer v1.0"
Task: {DAFB7EC2-4535-447E-B6F1-CE356597BB61} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2012-12-30 04:26 - 2014-12-13 09:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-07-14 12:08 - 2014-07-14 12:08 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-05-11 18:40 - 2013-05-11 18:40 - 01992328 _____ () C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
2014-01-10 06:26 - 2014-01-10 06:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2013-03-25 13:23 - 2014-11-11 19:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 10:06 - 2014-12-02 01:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-20 10:06 - 2014-12-02 01:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 10:06 - 2014-12-02 01:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-22 13:52 - 2015-02-19 00:51 - 02360000 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 18:32 - 2014-12-01 22:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 18:32 - 2014-12-01 22:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 18:32 - 2014-12-01 22:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 18:32 - 2014-12-01 22:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 18:32 - 2014-12-01 22:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2012-12-30 12:10 - 2015-02-19 00:51 - 00702656 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-01-10 06:28 - 2014-01-10 06:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-10-21 21:55 - 2014-03-24 09:37 - 00074240 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2014-10-21 21:55 - 2014-03-24 09:33 - 00274944 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2012-12-30 12:10 - 2015-01-28 02:30 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4026364676-241273927-3108656300-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Alessio\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Alessio^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LEVxCIdNFBMA.lnk => C:\Windows\pss\LEVxCIdNFBMA.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Alessio^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^lkYsOYc1bJT0.lnk => C:\Windows\pss\lkYsOYc1bJT0.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Alessio^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^VnjnJP5w6eXE.lnk => C:\Windows\pss\VnjnJP5w6eXE.lnk.Startup

==================== Accounts: =============================

Administrator (S-1-5-21-4026364676-241273927-3108656300-500 - Administrator - Disabled)
Alessio (S-1-5-21-4026364676-241273927-3108656300-1000 - Administrator - Enabled) => C:\Users\Alessio
Gast (S-1-5-21-4026364676-241273927-3108656300-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4026364676-241273927-3108656300-1003 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/15/2015 11:04:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/15/2015 10:46:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/14/2015 05:44:37 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/14/2015 05:39:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/14/2015 02:13:54 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Network Security WFP Driver.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (03/14/2015 02:13:54 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Iron Driver.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (03/14/2015 02:13:54 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Eraser Control driver.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (03/14/2015 02:02:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/14/2015 01:56:06 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/14/2015 01:53:30 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (03/15/2015 11:03:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Alt Port" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/15/2015 11:03:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Border Width" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/14/2015 02:11:57 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureCommand" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (03/14/2015 02:11:29 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (03/14/2015 02:10:36 PM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
Description: Vom Echtzeitschutz-Feature von %%860 wurde ein Fehler festgestellt

	Feature: %%886

	Fehlercode: 0x80070005

	Fehlerbeschreibung: Zugriff verweigert 

	Grund: %%839

Error: (03/14/2015 02:06:21 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.

Error: (03/14/2015 02:06:01 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Norton PC Checkup Application Launcher" wurde nicht richtig gestartet.

Error: (03/14/2015 02:05:21 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.

Error: (03/14/2015 02:04:21 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.

Error: (03/14/2015 02:06:40 PM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
Description: Vom Echtzeitschutz-Feature von %%860 wurde ein Fehler festgestellt

	Feature: %%886

	Fehlercode: 0x80070005

	Fehlerbeschreibung: Zugriff verweigert 

	Grund: %%838


Microsoft Office Sessions:
=========================
Error: (03/15/2015 11:04:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/15/2015 10:46:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/14/2015 05:44:37 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Alessio\Downloads\esetsmartinstaller_deu.exe

Error: (03/14/2015 05:39:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/14/2015 02:13:54 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Network Security WFP Driver.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (03/14/2015 02:13:54 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Iron Driver.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (03/14/2015 02:13:54 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Eraser Control driver.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (03/14/2015 02:02:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/14/2015 01:56:06 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Alessio\Downloads\esetsmartinstaller_deu.exe

Error: (03/14/2015 01:53:30 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe


CodeIntegrity Errors:
===================================
  Date: 2015-03-13 12:34:35.200
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-13 12:34:35.171
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 34%
Total physical RAM: 8144.44 MB
Available physical RAM: 5321.48 MB
Total Pagefile: 16287.06 MB
Available Pagefile: 13640.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.92 GB) (Free:965.14 GB) NTFS
Drive d: (WNDA3100v2) (CDROM) (Total:0.12 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 1A2000CD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Danke nochmal hast mir sehr geholfen kann man das irgenwie loben oder so?

Alt 15.03.2015, 14:04   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 : Firefox öffnet eigenständig tabs mit Werbung. - Standard

Windows 7 : Firefox öffnet eigenständig tabs mit Werbung.



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
Task: {5116F59E-BFC1-4DEC-B583-AF8D98340A93} - System32\Tasks\ProtectedSearch\Protected Search => C:\Program Files (x86)\Protected Search\ProtectedSearch.exe <==== ATTENTION
C:\Program Files (x86)\Protected Search
Task: {804B9EB3-6929-4223-B074-1C73241530F9} - System32\Tasks\{C4B7EC27-61A6-4F4A-AB88-42C1FC45D781} => pcalua.exe -a C:\Users\Alessio\AppData\Roaming\webssearches\UninstallManager.exe -c  -ptid=obw <==== ATTENTION
C:\Users\Alessio\AppData\Roaming\webssearches
Task: {809E5053-971E-4266-A206-18A382E1A764} - \Windows Update Check - 0x05B00174 No Task File <==== ATTENTION
S2 pumygydy; C:\Users\Alessio\AppData\Local\F1F1D280-1426068548-11DD-896D-3085A9AF655D\snse5330.tmp [X]
S2 wocyfyho; C:\Users\Alessio\AppData\Roaming\F1F1D280-1426064734-11DD-896D-3085A9AF655D\nsiD52B.tmp [X]
C:\Users\Alessio\AppData\Local\F1F1D280-1426068548-11DD-896D-3085A9AF655D
Emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.


Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:

Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie .
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 15.03.2015, 16:24   #13
Alessio
 
Windows 7 : Firefox öffnet eigenständig tabs mit Werbung. - Standard

Windows 7 : Firefox öffnet eigenständig tabs mit Werbung.



...

Alt 15.03.2015, 20:15   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 : Firefox öffnet eigenständig tabs mit Werbung. - Standard

Windows 7 : Firefox öffnet eigenständig tabs mit Werbung.



???
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 15.03.2015, 22:21   #15
Alessio
 
Windows 7 : Firefox öffnet eigenständig tabs mit Werbung. - Daumen hoch

Windows 7 : Firefox öffnet eigenständig tabs mit Werbung.



eh sorry ich hatte da nochmal das mit dem danke geschrieben da das auf die 2te seite gerutscht ist und ich dachte ich hab das noch nicht gepostet mein fehler
Du kannst das dann als erledigt markieren hab das mit delfix noch gemacht danke nochmal

Antwort

Themen zu Windows 7 : Firefox öffnet eigenständig tabs mit Werbung.
fehlercode 0x3, fehlercode 0x80000003, fehlercode 0x80070005, fehlercode 28, pup.bitcoinminer, pup.optional.booster.a, pup.optional.certifiedtoolbar.a, pup.optional.conduit.a, pup.optional.desk365.a, pup.optional.funmoods.a, pup.optional.incredibar.a, pup.optional.installbrain.a, pup.optional.linkey.a, pup.optional.mountainbike.a, pup.optional.optimizerpr0, pup.optional.popeler, pup.optional.searchcertifiedtb.a, pup.optional.speedtestanalysis.a, pup.optional.winengine.a, speed test analysis entfernen, tabs mit werbung, trojan.agent, trojan.agent.mnr, trojan.bitminer, trojan.jobx, win32/elex.bf



Ähnliche Themen: Windows 7 : Firefox öffnet eigenständig tabs mit Werbung.


  1. Windows 7 : Firefox blendet unerwünschte Werbung ein + öffnet neue Tabs
    Log-Analyse und Auswertung - 01.11.2015 (24)
  2. Mozilla Firefox öffnet ständig Werbung und neue Tabs mit Werbung
    Log-Analyse und Auswertung - 21.07.2015 (10)
  3. Firefox öffnet selbstständig Tabs mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 20.02.2015 (12)
  4. Firefox öffnet selbstständig Tabs mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 02.02.2015 (11)
  5. Firefox öffnet selbstständig Tabs mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 17.11.2014 (12)
  6. Windows 8: Firefox öffnet mehrere neue Tabs mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 21.07.2014 (9)
  7. Firefox öffnet eigenständig Werbeseiten in Tabs, auch wenn Firefox grad nicht verwendet wird
    Plagegeister aller Art und deren Bekämpfung - 20.07.2014 (20)
  8. Windows 8: Firefox öffnet selbstständig neue Tabs mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 20.06.2014 (11)
  9. Windows 7: Firefox öffnet automatisch neue Tabs mit Werbung
    Log-Analyse und Auswertung - 05.02.2014 (7)
  10. Windows Vista: Firefox öffnet dauernd selbstständig neue Tabs mit Werbung, Datingseiten und Aufforderungen Programme zu installieren
    Plagegeister aller Art und deren Bekämpfung - 23.01.2014 (3)
  11. Firefox öffnet selbstständig Tabs mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 09.07.2013 (7)
  12. Firefox öffnet eigenständig Tabs mit dem Link http://www.xn--34-jfa70azaif3a3ko249a.com/
    Plagegeister aller Art und deren Bekämpfung - 04.04.2013 (2)
  13. Firefox öffnet eigenständig mehrere Fenster mit vielen Taps (keine Werbung)
    Log-Analyse und Auswertung - 26.08.2011 (12)
  14. Nach Hiloti.gen: Firefox öffnet eigenständig Tabs u. Windows automat. Updates schlagen fehl
    Plagegeister aller Art und deren Bekämpfung - 24.08.2010 (15)
  15. Firefox öffnet Tabs mit Werbung / Anstelle einer verlinkten URL öffnet sich Werbung
    Plagegeister aller Art und deren Bekämpfung - 08.08.2010 (4)
  16. Firefox öffnet selbstständig Tabs mit Werbung
    Log-Analyse und Auswertung - 20.06.2010 (18)
  17. Firefox öffnet ständig Tabs mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 09.05.2010 (7)

Zum Thema Windows 7 : Firefox öffnet eigenständig tabs mit Werbung. - Hallo. Ich habe seit 2 Tagen das Problem das Firefox einfach neue Tabs öffnet mit Werbung. Das ging los nachdem ich mir etwas gedownloadet habe ich habe.. (eine Handyspiel für - Windows 7 : Firefox öffnet eigenständig tabs mit Werbung....
Archiv
Du betrachtest: Windows 7 : Firefox öffnet eigenständig tabs mit Werbung. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.