| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Virenmeldung Trojan-Ransom.Browlock.EWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
02.07.2015, 06:59
| #1 |
 |  Virenmeldung Trojan-Ransom.Browlock.E Hallo seit heute zeigt mir meiner firewall das blocken dieses virus an der versucht wohl über googel chrome sich zu verbinden , leider waren alle versuche bisher gescheitert um das ding los zu werden . das ist der eintrag der mir angezeigt wird: Virus: Script.Trojan-Ransom.Browlock.E (Engine B) kann mir hier bitte jemand helfen , brauche bitte eine gute erklärung bin nicht so firm . danke
__________________ Thx |
|
02.07.2015, 07:02
| #2 |
| /// the machine /// TB-Ausbilder    | Virenmeldung Trojan-Ransom.Browlock.E hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
02.07.2015, 07:55
| #3 |
| | Virenmeldung Trojan-Ransom.Browlock.E FRST Logfile:
__________________Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01 Ran by User (administrator) on USER-PC on 02-07-2015 08:15:34 Running from C:\Users\User\Downloads Loaded Profiles: User (Available Profiles: User) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe (AMD) C:\Windows\System32\atiesrxx.exe (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (AMD) C:\Windows\System32\atieclxx.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\LBTWiz.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.2.1.1\Lightshot.exe (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe (G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe (Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe (Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltSur64.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_194.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_194.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.) HKLM\...\Run: [Bluetooth Connection Assistant] => LBTWIZ.EXE -silent HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation) HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-11] (Intel Corporation) HKLM-x32\...\Run: [G Data ASM] => C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe [434296 2015-02-20] (G Data Software AG) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-04-28] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1855608 2015-02-20] (G DATA Software AG) HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [863960 2015-04-06] (BlueStack Systems, Inc.) HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\S-1-5-21-1374076071-3568092761-3529283225-1000\...\Run: [COMPUTER BILD Account-Alarm] => "C:\Program Files (x86)\COMPUTER BILD Account-Alarm\COMPUTER BILD Account-Alarm.exe" /tray HKU\S-1-5-21-1374076071-3568092761-3529283225-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd) HKU\S-1-5-21-1374076071-3568092761-3529283225-1000\...\Run: [GoogleChromeAutoLaunch_BCEA24321E5E4F1401136BBEDFB545FE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-06-20] (Google Inc.) HKU\S-1-5-21-1374076071-3568092761-3529283225-1000\...\Policies\Explorer: [DisallowRun] 1 HKU\S-1-5-21-1374076071-3568092761-3529283225-1000\...\MountPoints2: {2f18c11d-ed77-11e4-92be-bc5ff4e40f16} - E:\LaunchU3.exe HKU\S-1-5-21-1374076071-3568092761-3529283225-1000\...\MountPoints2: {75a44047-8a8c-11e3-ba52-806e6f6e6963} - D:\ASRSetup.exe HKU\S-1-5-21-1374076071-3568092761-3529283225-1000\...\MountPoints2: {ee6d29ab-9573-11e3-9f6a-806e6f6e6963} - D:\Autorun.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2014-01-31] ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation) Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-02-28] ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-1374076071-3568092761-3529283225-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKU\S-1-5-21-1374076071-3568092761-3529283225-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/ SearchScopes: HKU\S-1-5-21-1374076071-3568092761-3529283225-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout SearchScopes: HKU\S-1-5-21-1374076071-3568092761-3529283225-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-03-10] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-07-02] (Oracle Corporation) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-03-10] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-02] (Oracle Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{E7E655D9-70A5-4942-B8E3-9F3534835C19}: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t1r5v13n.default FF Homepage: https://www.google.de FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-06-28] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-28] () FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB) FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [2014-03-24] (EA Digital Illusions CE AB) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-02] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-02] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-07-15] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.) FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-06-26] (pdfforge GmbH) FF Plugin HKU\S-1-5-21-1374076071-3568092761-3529283225-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-04-18] () FF user.js: detected! => C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t1r5v13n.default\user.js [2015-05-19] FF Extension: Amazon-Icon - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t1r5v13n.default\Extensions\amazon-icon@giga.de [2014-04-03] FF Extension: Securita Scout - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t1r5v13n.default\Extensions\isec@securitascout.com [2014-04-03] FF Extension: Browser-Security - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t1r5v13n.default\Extensions\firefox@browser-security.de.xpi [2015-05-19] FF Extension: Personas Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t1r5v13n.default\Extensions\personas@christopher.beard.xpi [2014-02-04] FF Extension: ImTranslator - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t1r5v13n.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2014-02-04] FF Extension: Adblock Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t1r5v13n.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-06-28] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-02-04] Chrome: ======= CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-04] CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-04] CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-04] CHR Extension: (Sniper Team) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgbbaloijjnkpigapgmocdpoblnlec [2014-07-25] CHR Extension: (Hangouts) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2015-04-16] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-17] CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-04] CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-04] CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (Google Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-17] CHR Extension: (Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-17] CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-17] CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-17] CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-17] CHR Extension: (Google Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-17] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-17] CHR Extension: (Amazon-Icon) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg [2015-04-17] CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-17] CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-17] CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2 CHR Extension: (Google Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-17] CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-17] CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-17] CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-17] CHR Extension: (QR Code Generator) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cnehiohlphfeeoajihccdlbioaickhak [2015-04-25] CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-17] CHR Extension: (Google Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-17] CHR Extension: (Bookmark Manager) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-22] CHR Extension: (Hangouts) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\knipolnnllmklapflnccelgolnpehhpl [2015-04-17] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-17] CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-17] CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-17] CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4 CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-26] CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-26] CHR Extension: (The QR Code Generator) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gcmhlmapohffdglflokbgknlknnmogbb [2015-04-27] CHR Extension: (Hangouts) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\knipolnnllmklapflnccelgolnpehhpl [2015-04-26] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-26] CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-26] CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-26] CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\User\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2014-04-03] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-02-28] (Adobe Systems) [File not signed] R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2528888 2015-04-16] (G Data Software AG) R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [965240 2015-02-20] (G Data Software AG) R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [3672560 2015-04-07] (G Data Software AG) R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433880 2015-04-06] (BlueStack Systems, Inc.) S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2015-04-06] (BlueStack Systems, Inc.) R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [798424 2015-04-06] (BlueStack Systems, Inc.) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2719928 2015-04-22] (Microsoft Corporation) R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3193080 2015-02-20] (G Data Software AG) R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [789112 2015-03-04] (G Data Software AG) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182248 2013-03-14] () S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation) S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-15] (Electronic Arts) S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH) R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-06-26] (pdfforge GmbH) S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-11] () S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia) R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia) R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1026944 2015-07-02] (Enigma Software Group USA, LLC.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [94208 2013-09-24] (Advanced Micro Devices) [File not signed] R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2014-03-14] () R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [144600 2015-04-06] (BlueStack Systems) S3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [496400 2013-02-27] (Intel Corporation) R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2015-07-02] (Enigma Software Group USA, LLC.) S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-07-02] () R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [150016 2015-04-01] (G Data Software AG) R3 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [27648 2015-04-01] (G Data Software AG) R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2015-04-01] (G Data Software AG) R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [230400 2015-04-01] (G Data Software AG) R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [75776 2015-04-01] (G Data Software AG) R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64512 2015-04-22] (G Data Software AG) R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2015-04-01] (G Data Software) R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [124928 2015-04-01] (G Data Software AG) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-04-30] (Intel Corporation) R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-03-14] () R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-03-14] () R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-03-14] () R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [118504 2012-12-19] (Qualcomm Atheros Co., Ltd.) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2014-03-14] () R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-02] (Malwarebytes Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia) R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-07-02] () ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-02 08:15 - 2015-07-02 08:16 - 00030669 _____ C:\Users\User\Downloads\FRST.txt 2015-07-02 08:14 - 2015-07-02 08:15 - 00000000 ____D C:\FRST 2015-07-02 08:14 - 2015-07-02 08:14 - 02112512 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe 2015-07-02 08:13 - 2015-07-02 08:13 - 01636352 _____ (Farbar) C:\Users\User\Downloads\FRST (1).exe 2015-07-02 08:11 - 2015-07-02 08:11 - 01636352 _____ (Farbar) C:\Users\User\Downloads\FRST.exe 2015-07-02 06:24 - 2015-07-02 06:24 - 00000000 _____ C:\autoexec.bat 2015-07-02 06:23 - 2015-07-02 06:23 - 00003320 _____ C:\Windows\System32\Tasks\SpyHunter4Startup 2015-07-02 06:23 - 2015-07-02 06:23 - 00001087 _____ C:\Users\User\Desktop\SpyHunter.lnk 2015-07-02 06:23 - 2015-07-02 06:23 - 00000000 ____D C:\Users\User\AppData\Roaming\Enigma Software Group 2015-07-02 06:23 - 2015-07-02 06:23 - 00000000 ____D C:\sh4ldr 2015-07-02 06:21 - 2015-07-02 06:21 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys 2015-07-02 06:20 - 2015-07-02 06:20 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\User\Downloads\SpyHunter-installer.exe 2015-07-02 06:20 - 2015-07-02 06:20 - 00000000 ____D C:\Program Files\Enigma Software Group 2015-07-02 05:05 - 2015-07-02 05:05 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp 2015-07-02 05:04 - 2015-07-02 05:05 - 00000168 _____ C:\Windows\setupact.log 2015-07-02 05:04 - 2015-07-02 05:04 - 00000322 _____ C:\Windows\PFRO.log 2015-07-02 05:04 - 2015-07-02 05:04 - 00000000 _____ C:\Windows\setuperr.log 2015-06-28 06:01 - 2015-05-09 05:27 - 03147776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-06-28 06:01 - 2015-05-09 05:27 - 02589184 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-06-28 06:01 - 2015-05-09 05:27 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-06-28 06:01 - 2015-05-09 05:27 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-06-28 06:01 - 2015-05-09 05:27 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-06-28 06:01 - 2015-05-09 05:27 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-06-28 06:01 - 2015-05-09 05:27 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-06-28 06:01 - 2015-05-09 05:26 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-06-28 06:01 - 2015-05-09 05:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-06-28 06:01 - 2015-05-09 05:26 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-06-28 06:01 - 2015-05-09 05:26 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-06-28 06:01 - 2015-05-09 05:14 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-06-28 06:01 - 2015-05-09 05:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-06-28 06:01 - 2015-05-09 05:14 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-06-28 06:01 - 2015-05-09 05:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-06-28 06:01 - 2015-05-09 05:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-06-28 06:01 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-06-28 06:01 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2015-06-28 06:01 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2015-06-28 06:01 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2015-06-28 06:01 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2015-06-28 06:01 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2015-06-28 06:01 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2015-06-28 06:01 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2015-06-28 06:00 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll 2015-06-19 21:04 - 2015-06-19 21:04 - 06240796 _____ C:\Users\User\Downloads\sammeldownload_20150619_210423.zip 2015-06-12 17:50 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-06-12 17:50 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-06-12 17:50 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-06-12 17:50 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-06-12 17:50 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2015-06-12 17:50 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-06-12 17:50 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-06-12 17:50 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-06-12 17:50 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-06-12 17:50 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-06-12 17:50 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-06-12 17:50 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-06-12 17:50 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-06-12 17:50 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2015-06-12 17:50 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe 2015-06-12 17:50 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-06-12 17:50 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-06-12 17:50 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-06-12 17:50 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-06-12 17:50 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-06-12 17:50 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2015-06-12 17:50 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-06-12 17:50 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-06-12 17:50 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-06-12 17:50 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe 2015-06-12 17:49 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-06-12 17:49 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-06-12 17:49 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-06-12 17:49 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-06-12 17:49 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2015-06-12 17:49 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-06-12 17:49 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-06-12 17:49 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-06-12 17:49 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-06-12 17:49 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll 2015-06-12 17:49 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-06-12 17:49 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-06-12 17:49 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-06-12 17:49 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-06-12 17:49 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-06-12 17:49 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-06-12 17:49 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-06-12 17:49 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe 2015-06-12 17:49 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-06-12 17:49 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe 2015-06-12 17:49 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-06-12 17:49 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe 2015-06-12 17:49 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-06-12 17:49 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-06-12 17:49 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe 2015-06-12 17:49 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-06-12 17:49 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-06-12 17:49 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-06-12 17:49 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-06-12 17:49 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2015-06-12 17:49 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-06-12 17:49 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-06-12 17:49 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll 2015-06-12 17:49 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-06-12 17:49 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-06-12 17:49 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-06-12 17:49 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-06-12 17:49 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-06-12 17:49 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe 2015-06-12 17:49 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-06-12 17:49 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe 2015-06-12 17:49 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe 2015-06-12 17:49 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-06-12 17:49 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe 2015-06-12 17:49 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-06-12 17:49 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-06-12 17:49 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-06-12 17:49 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-06-12 17:49 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-06-12 17:49 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-06-12 17:49 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-06-12 17:49 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-06-12 17:49 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2015-06-12 17:49 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-06-12 17:49 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-06-12 17:49 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-06-12 17:49 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-06-12 17:49 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-06-12 17:49 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-06-12 17:49 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-06-12 17:49 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-06-12 17:49 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-06-12 17:49 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-06-12 17:49 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-06-12 17:49 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-06-12 17:49 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-06-12 17:49 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-06-12 17:49 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-06-12 17:49 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-06-12 17:49 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-06-12 17:49 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-06-12 17:49 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-06-12 17:49 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-06-12 17:49 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-06-12 17:49 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-06-12 17:49 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-06-12 17:49 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-06-12 17:49 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-06-12 17:49 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-06-12 17:49 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-06-12 17:49 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-06-12 17:49 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-06-12 17:49 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-06-12 17:49 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-06-12 17:49 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-06-12 17:49 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-06-12 17:49 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-06-12 17:49 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-06-12 17:49 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-06-12 17:49 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-06-12 17:49 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-06-12 17:49 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-06-12 17:49 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-06-12 17:49 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-06-12 17:49 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-06-12 17:49 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-06-12 17:49 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-06-12 17:49 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-06-12 17:49 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-06-12 17:49 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-06-12 17:49 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-06-12 17:49 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-06-12 17:49 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-06-12 17:49 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-06-12 17:49 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-06-12 17:49 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-06-12 17:49 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-06-12 17:49 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-06-12 17:49 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-06-12 17:49 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-06-12 17:49 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-06-12 17:49 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-06-12 17:49 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-06-12 17:49 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-06-12 17:49 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-06-12 17:49 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-06-12 17:49 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-06-12 17:49 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-06-12 17:49 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-06-12 17:49 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-06-12 17:49 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-06-12 17:49 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2015-06-12 17:49 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-06-12 17:49 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2015-06-12 17:49 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2015-06-12 17:49 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2015-06-12 17:49 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2015-06-12 17:49 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2015-06-12 17:49 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2015-06-12 17:49 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2015-06-12 17:49 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2015-06-12 17:49 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2015-06-12 17:49 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll 2015-06-12 17:48 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-06-12 17:45 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-06-09 08:07 - 2015-06-09 08:07 - 00000000 ____D C:\Users\User\.activetrader 2015-06-09 08:06 - 2015-06-09 08:06 - 00000000 ____D C:\Users\User\activetrader 2015-06-09 08:04 - 2015-06-09 08:04 - 14518767 _____ C:\Users\User\Downloads\AT_Setup_de_windows.exe 2015-06-04 08:14 - 2015-06-04 08:14 - 00060965 _____ C:\Users\User\Downloads\pkeyuibx_v1.5.0.zip 2015-06-04 08:14 - 2015-06-04 08:14 - 00000000 ____D C:\Users\User\Downloads\pkeyuibx_v1.5.0 2015-06-03 20:32 - 2015-06-03 20:32 - 00000000 ____D C:\Users\User\AppData\Local\GWX 2015-06-02 18:25 - 2015-06-02 18:25 - 00002156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-02 07:50 - 2014-02-04 21:16 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-07-02 07:47 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-07-02 07:47 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-07-02 07:42 - 2015-05-04 23:51 - 00000386 _____ C:\Windows\Tasks\update-S-1-5-21-1374076071-3568092761-3529283225-1000.job 2015-07-02 06:30 - 2014-01-31 17:55 - 00000000 ____D C:\Users\User\AppData\Local\CrashDumps 2015-07-02 06:06 - 2014-11-19 05:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-07-02 06:04 - 2014-03-21 20:47 - 00000000 ____D C:\ProgramData\Oracle 2015-07-02 05:56 - 2014-11-19 05:56 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-07-02 05:55 - 2014-03-21 20:27 - 00000000 ____D C:\Program Files (x86)\Java 2015-07-02 05:50 - 2014-02-04 21:16 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-07-02 05:29 - 2014-08-06 20:31 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-07-02 05:12 - 2015-03-04 07:18 - 01460169 _____ C:\Windows\WindowsUpdate.log 2015-07-02 05:05 - 2014-01-31 17:54 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys 2015-07-02 05:04 - 2014-03-07 11:01 - 00000000 ____D C:\ProgramData\NVIDIA 2015-07-02 05:04 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-07-02 04:58 - 2015-05-04 23:51 - 00000386 _____ C:\Windows\Tasks\update-sys.job 2015-07-02 04:47 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-07-01 09:06 - 2014-03-29 08:37 - 00003922 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{22F32F0F-8400-42A6-9E7A-569F0032ADDE} 2015-06-28 15:13 - 2014-02-04 20:18 - 00000000 ___RD C:\Users\User\Desktop\Musik 2015-06-28 14:01 - 2011-04-12 09:43 - 00700130 _____ C:\Windows\system32\perfh007.dat 2015-06-28 14:01 - 2011-04-12 09:43 - 00149768 _____ C:\Windows\system32\perfc007.dat 2015-06-28 14:01 - 2009-07-14 07:13 - 01622706 _____ C:\Windows\system32\PerfStringBackup.INI 2015-06-28 06:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-06-28 05:56 - 2014-08-21 19:37 - 00000000 ____D C:\Users\User\AppData\Local\Adobe 2015-06-28 05:56 - 2014-02-04 17:26 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-06-28 05:56 - 2014-02-04 17:26 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-06-27 07:41 - 2014-02-04 18:57 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk 2015-06-27 07:41 - 2014-02-04 18:57 - 00000000 ____D C:\Program Files\CCleaner 2015-06-24 02:28 - 2015-01-01 10:31 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-06-23 22:57 - 2014-08-06 20:31 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-06-23 22:57 - 2014-08-06 20:31 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-06-22 22:52 - 2014-02-04 21:18 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-06-19 04:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2015-06-18 08:41 - 2014-08-06 20:31 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-06-18 08:41 - 2014-08-06 20:31 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-06-18 08:41 - 2014-08-06 20:31 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-06-18 08:09 - 2009-07-14 06:45 - 00470376 _____ C:\Windows\system32\FNTCACHE.DAT 2015-06-18 08:07 - 2015-04-15 03:16 - 00000000 ____D C:\Windows\system32\appraiser 2015-06-18 08:07 - 2014-04-27 07:56 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-06-18 07:48 - 2014-01-31 18:17 - 00000000 ____D C:\Windows\system32\MRT 2015-06-18 07:38 - 2013-06-18 20:52 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-06-15 23:41 - 2014-03-19 18:06 - 00000000 ____D C:\Windows\Minidump 2015-06-08 02:24 - 2014-08-24 21:43 - 00093955 _____ C:\nospam.log 2015-06-08 02:12 - 2014-11-14 22:55 - 00017612 _____ C:\spam.log 2015-06-08 02:11 - 2014-02-20 02:34 - 00000000 ____D C:\Users\User\Documents\Eigene Etiketten 2015-06-03 20:25 - 2014-03-01 05:23 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-06-03 20:25 - 2014-03-01 05:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight ==================== Files in the root of some directories ======= 2014-04-03 04:58 - 2014-04-03 05:05 - 0000626 _____ () C:\Users\User\AppData\Roaming\All CPU MeterV3_Settings.ini 2014-04-26 00:20 - 2014-04-26 00:30 - 0000117 _____ () C:\Users\User\AppData\Roaming\Camdata.ini 2014-04-26 00:20 - 2014-04-26 00:30 - 0000408 _____ () C:\Users\User\AppData\Roaming\CamLayout.ini 2014-04-26 00:20 - 2014-04-26 00:30 - 0000408 _____ () C:\Users\User\AppData\Roaming\CamShapes.ini 2014-04-26 00:20 - 2014-04-26 00:28 - 0004416 _____ () C:\Users\User\AppData\Roaming\CamStudio.cfg 2015-02-05 04:26 - 2015-02-05 04:26 - 0000000 _____ () C:\Users\User\AppData\Roaming\gdfw.log 2015-02-05 04:26 - 2015-02-05 06:58 - 0000976 _____ () C:\Users\User\AppData\Roaming\gdscan.log 2014-07-04 00:30 - 2014-07-04 00:30 - 0002008 _____ () C:\Users\User\AppData\Local\BDB795C0C9284bc3A3FA3517D1AC6BEA.Postcrossing mit Haus1.lbx 2014-02-22 04:44 - 2014-03-24 11:02 - 0007598 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg 2015-05-04 23:51 - 2015-05-04 23:51 - 0000003 _____ () C:\Users\User\AppData\Local\updater.log 2015-05-04 23:51 - 2015-05-04 23:51 - 0000424 _____ () C:\Users\User\AppData\Local\UserProducts.xml 2014-03-02 05:20 - 2014-03-02 05:20 - 0000007 _____ () C:\Users\User\AppData\Local\~wmrg 2014-02-20 02:18 - 2014-02-20 02:18 - 0000057 _____ () C:\ProgramData\Ament.ini ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-06-24 05:27 ==================== End of log ============================ FRST Additions Logfile: [CODE]Additional FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by User at 2015-07-02 08:16:31
Running from C:\Users\User\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1374076071-3568092761-3529283225-500 - Administrator - Disabled)
Gast (S-1-5-21-1374076071-3568092761-3529283225-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1374076071-3568092761-3529283225-1003 - Limited - Enabled)
User (S-1-5-21-1374076071-3568092761-3529283225-1000 - Administrator - Enabled) => C:\Users\User
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: G DATA INTERNET SECURITY (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G DATA INTERNET SECURITY (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G*DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\{7C548501-3501-468A-A443-CC42F5B3626B}) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version: - AVM Berlin)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.20.5213 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{78BF00E5-9FD7-4ACD-B7DE-D6CECED1D29A}) (Version: 0.9.20.5213 - BlueStack Systems, Inc.)
Brother P-touch Address Book 1.1 (HKLM-x32\...\{B2023017-DEE4-44F7-8A71-CA6084BF534C}) (Version: 1.1.2201 - Brother Industries, Ltd.)
Brother P-touch Editor 5.1 (HKLM-x32\...\{39270390-A851-4E4B-94A9-D5C468216ED3}) (Version: 5.1.0060 - Brother Industries, Ltd.)
Brother P-touch Update Software (HKLM-x32\...\{6D63E893-C93E-4F61-A62B-53B3EF9D3A45}) (Version: 1.0.0072 - Brother Industries, Ltd.)
Brother QL-Series Software User's Guide (HKLM-x32\...\InstallShield_{A242CAB2-870C-4AC9-8AFE-34379D9383CD}) (Version: 1.00.0000 - Brother Industries, Ltd.)
Brother QL-Series Software User's Guide (x32 Version: 1.00.0000 - Brother Industries, Ltd.) Hidden
Browser-Security (HKLM-x32\...\Browser-Security) (Version: 1.0.5.0 - )
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper)
Die Siedler 7 (HKLM-x32\...\{9C916142-C18C-429D-BFED-40094A7E0BEB}) (Version: 1.12.1396 - Ubisoft)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Flixster (HKLM-x32\...\com.wb.DC2) (Version: 0.1.26 - Warner Bros. Entertainment Inc.)
Flixster (x32 Version: 0.1.26 - Warner Bros. Entertainment Inc.) Hidden
Free YouTube Download version 3.2.49.1022 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.49.1022 - DVDVideoSoft Ltd.)
G DATA INTERNET SECURITY (HKLM-x32\...\{AC68D2FF-1674-4C16-A536-A69FC11BBD82}) (Version: 25.1.0.4 - G DATA Software AG)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Earth Plug-in (HKLM-x32\...\{ADA8583A-C20B-414B-8CB7-3AA7A89F7952}) (Version: 7.1.4.1529 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8600 - Grundlegende Software für das Gerät (HKLM\...\{D2D05FDB-4EDA-462D-8DB6-E0B9AD4FA25F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Hilfe (HKLM-x32\...\{FDE820DD-CC88-4395-AD5C-801365B8F316}) (Version: 28.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{1EF24D7D-7B14-4EBA-A686-9E91C9C6763D}) (Version: 4.1.40.2143 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Lightshot-5.2.1.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.1.1 - Skillbrains)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Access database engine 2010 (German) (HKLM-x32\...\{90140000-00D1-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4711.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1374076071-3568092761-3529283225-1000\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mozilla Thunderbird 31.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-1374076071-3568092761-3529283225-1000\...\MyFreeCodec) (Version: - )
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4711.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4711.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4711.1003 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 Create Module (HKLM-x32\...\{03EC56DE-6424-43D7-A020-1EEE3E8159DE}) (Version: 2.0.17.17583 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{C960FF38-431D-429D-AD1F-FBD12A45B7C5}) (Version: 2.0.17.17583 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PokerTH (HKLM-x32\...\PokerTH 1.1.1) (Version: 1.1.1 - www.pokerth.net)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Securita Scout (HKLM-x32\...\Securita Scout) (Version: - ) <==== ATTENTION
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15044.7 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.0.15044.7 - Samsung Electronics Co., Ltd.) Hidden
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.20.9.4533 - Enigma Software Group, LLC)
Syndicate (HKLM-x32\...\{64CFBAAB-46F7-4628-8D9B-E656A8C11CDB}) (Version: 2.0.0.3 - Electronic Arts)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
XMedia Recode Version 3.1.8.6 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.8.6 - XMedia Recode)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1374076071-3568092761-3529283225-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1374076071-3568092761-3529283225-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1374076071-3568092761-3529283225-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1374076071-3568092761-3529283225-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1374076071-3568092761-3529283225-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1374076071-3568092761-3529283225-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211_1\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
24-06-2015 05:21:29 Windows Update
28-06-2015 05:57:22 Windows Update
28-06-2015 06:01:09 Windows Update
02-07-2015 05:45:35 ActiveTrader Deutschland wurde entfernt.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0D87E014-38D4-418F-A525-4674E8A925B9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {3082A69B-A13E-4F39-9B05-29BB0748FACE} - System32\Tasks\{043DD16A-86B4-44B3-8CBB-4549F808BEDE} => pcalua.exe -a C:\Users\User\Desktop\Downloads\iview438_setup.exe -d C:\Users\User\Desktop\Downloads
Task: {31822A24-039C-46E8-AE6E-B4843AD36AC0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-04-22] (Microsoft Corporation)
Task: {4761C75E-8C84-4DAF-8F73-42EB84BB5109} - System32\Tasks\update-S-1-5-21-1374076071-3568092761-3529283225-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {56DB22A5-4530-4EF3-9750-B010F585790C} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2015-07-02] (Enigma Software Group USA, LLC.)
Task: {576AAFF6-3E73-4ED1-AAF7-9DED5F13969A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-04] (Google Inc.)
Task: {7AEFE03E-2F06-40FA-9C4D-A02CF772EB4E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {86F2EBC3-D99B-4668-967D-6B96D7A972E3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {92F60A7C-4D26-4196-82CD-2E22A10F496D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-22] (Microsoft Corporation)
Task: {AC1AEC1B-13A6-4D1C-BE21-50CDC67D8C73} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-04] (Google Inc.)
Task: {C1E8DA80-47E3-4A77-9D88-655E6BD4E936} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {C78DBFF2-477D-4A22-8ADB-C08BB7765CAF} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {CE43E4A3-00B4-411C-8862-5E4D81447EDB} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1374076071-3568092761-3529283225-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {DBDD6E34-4A7E-4652-96C7-16D0DFC1F00F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-22] (Microsoft Corporation)
Task: {ED809E82-E041-471A-B93D-E6B18238CB6D} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1374076071-3568092761-3529283225-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {FE4F6E61-3921-423C-A856-D3F926DB81C2} - System32\Tasks\{B0E1D78C-198C-4D0F-B003-B26CCAFFE0C4} => pcalua.exe -a "C:\ProgramData\G Data\Setups\{85203592-3610-4FB9-AA11-15B2255B5A12}\setup.exe" -c /InstallMode=Uninstall /_DoNotShowChange=true
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-1374076071-3568092761-3529283225-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Loaded Modules (Whitelisted) ==============
2014-03-07 11:01 - 2015-03-13 18:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-07-15 22:52 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-03-14 15:42 - 2013-03-14 15:42 - 00182248 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-03-14 15:42 - 2013-03-14 15:42 - 00059880 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-04-08 09:44 - 2014-04-11 13:56 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-06-01 19:28 - 2015-06-01 19:28 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-02-20 05:42 - 2015-02-20 05:42 - 00382072 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2015-06-28 05:56 - 2015-06-28 05:56 - 17321648 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll
2015-06-22 22:52 - 2015-06-20 07:46 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libglesv2.dll
2015-06-22 22:52 - 2015-06-20 07:46 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libegl.dll
2015-05-19 23:06 - 2015-05-19 23:06 - 03350640 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2015-05-19 23:06 - 2015-05-19 23:06 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-05-19 23:06 - 2015-05-19 23:06 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2015-06-22 22:52 - 2015-06-20 07:46 - 15003976 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1374076071-3568092761-3529283225-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{52279A7D-6469-4E64-97D2-AFD4200EBE82}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{97106C6C-548D-4AD3-815D-D9E63D74514E}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{0E3AB37E-E388-4F04-9043-73FE398886A1}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe
FirewallRules: [{57DBF5BC-58A8-432D-B9A6-EE74A41794AA}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe
FirewallRules: [{A4916BBA-A409-4BB6-8068-5DD6F0DE0C95}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe
FirewallRules: [{8A3B2CEC-5F91-4AF7-9427-D6FC1541287E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe
FirewallRules: [{3B51EE4B-10F7-4A26-B561-8C903CC61E1F}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{8D9DC778-E7C7-4D50-9AD3-77D02B424E9B}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{90E01363-88A2-411A-844B-F342DD569DCA}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{63799284-3723-4250-8366-E24DA71D5ACD}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{E9E6AB62-E200-4075-8B8D-BA60D530CA09}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{6D40F942-7555-4384-91C8-E414D7CF55AE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{54EFB91B-8FF7-47E2-B000-0E30B5E99991}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{74D40E7E-E958-490B-9773-403E94A20AD7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{82E24FC0-0238-470E-B0D8-7424226990CC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DF256ED1-C30E-4B90-9876-FCBD31D0BCA7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{42D02718-E26C-4511-9EBB-FAF146CA6905}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{854AA9EC-F441-41D9-B66F-946EE53F9274}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{0B4155C3-AD5B-4FC6-817A-616291AA6EFD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{45BE5234-C989-462D-8A2D-A1AFB76945C6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D291C483-9344-42A3-B7B5-0A411575821A}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{EB0A1F9E-9B15-4E47-A239-9C364E76C896}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{B69C79BC-75A6-4E29-8F04-70E6AF8DD49B}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{CB9F7F5B-7804-4DDB-8FB0-2886B076540B}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{E3CDFEF9-B2CE-40A5-9E71-03F255D59988}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{50844DC1-B484-432E-84E9-FF45F2B6D3FD}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{3D6817F1-48DE-4644-BCB5-18D288645BA8}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{2A2063B8-0676-431B-BD99-39BFF5F76191}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{5D37D015-A7F4-449C-A024-1962D1B61CA2}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{AB8813B3-B1BC-45E3-BF23-D440A6128513}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{840CB363-BC33-4ED1-9BD5-7322E8FE1850}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{7970FA63-4747-43D1-88DA-4B88BBF248DF}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{30168F8D-17B6-459C-AE7C-CA06CF88F0F1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B8B507E9-9A9F-4BE1-8464-F7F713FBE235}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{EAB91C3A-F4E8-4F43-86AB-8F0BFD86CA74}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{277A737B-8291-4D5F-B580-A927A0CED510}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{BE8B0918-7668-46AD-88EB-21D0240F5D43}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{1D34B187-22B4-4551-BF56-86BA4A897AE1}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{70200AFC-D56A-4A9A-ACA7-6ACCFD96D88C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{F257F0CD-5D5E-40E1-9B78-DB754C3D599C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{FB02EF44-BBED-4F86-B899-19382DCE4E15}] => (Allow) C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{1687CB9B-619C-4DD8-B87C-74F684105C97}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{D36995D6-17E0-42EE-B39C-AC9F68291E9B}] => (Allow) D:\fsetup.exe
FirewallRules: [{20C999FF-E8F0-47FB-9F6A-F1DC4259D7D8}] => (Allow) D:\fsetup.exe
FirewallRules: [{59D9EDEC-B542-4C12-9564-7026E749FAFE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{004F5DAD-80EE-46E6-8BC0-04196766BDE2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BEB6665D-5993-4873-B16E-0AA24F375144}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{A555A811-238D-4069-B4EB-DD47E2CCC381}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{1341DC97-DFE3-4215-A71C-840DEFB33718}] => (Allow) C:\Program Files (x86)\Origin Games\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{737DB158-D72C-433A-99D7-259D11572722}] => (Allow) C:\Program Files (x86)\Origin Games\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{74C706DA-540F-4E06-AD0D-EE05A19634D6}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Anno4.exe
FirewallRules: [{04B1374E-5637-419D-823B-0A04A4C3D581}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Anno4.exe
FirewallRules: [{3370429E-3BE9-4D2C-99B7-8D856F7B560D}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Addon.exe
FirewallRules: [{6EC6E7D1-83DA-4CE4-B4CA-3F695AAF2359}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Addon.exe
FirewallRules: [{A369D5E9-1B6A-436D-9CC6-829B2BDA5F4D}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Anno4Web.exe
FirewallRules: [{C1996E2A-D723-4CE4-AD38-BB5D0E4D6261}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Anno4Web.exe
FirewallRules: [{D44B35B1-EF40-43B3-B9F7-8505B76377FD}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\AddonWeb.exe
FirewallRules: [{F7680BEC-F5F7-4F07-A85F-C60152A4F174}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\AddonWeb.exe
FirewallRules: [{CA44EF4D-4B3C-438F-B85C-D1902E685EBB}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Benchmark.exe
FirewallRules: [{03C94BDD-251C-4D6E-A0A8-E4362C8E241F}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Benchmark.exe
FirewallRules: [{B64CA706-77A1-4C48-AEA9-AADAE8EF6471}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/02/2015 06:30:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 38.0.1.5611, Zeitstempel: 0x55541a90
Name des fehlerhaften Moduls: mozalloc.dll, Version: 38.0.1.5611, Zeitstempel: 0x55540a1e
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x228c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (07/02/2015 05:06:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/02/2015 05:06:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvNetworkService.exe, Version: 2.2.0.50, Zeitstempel: 0x54b0652e
Name des fehlerhaften Moduls: NvNetworkService.exe, Version: 2.2.0.50, Zeitstempel: 0x54b0652e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000a90f6
ID des fehlerhaften Prozesses: 0xcf0
Startzeit der fehlerhaften Anwendung: 0xNvNetworkService.exe0
Pfad der fehlerhaften Anwendung: NvNetworkService.exe1
Pfad des fehlerhaften Moduls: NvNetworkService.exe2
Berichtskennung: NvNetworkService.exe3
Error: (07/02/2015 04:48:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/02/2015 04:47:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvNetworkService.exe, Version: 2.2.0.50, Zeitstempel: 0x54b0652e
Name des fehlerhaften Moduls: NvNetworkService.exe, Version: 2.2.0.50, Zeitstempel: 0x54b0652e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000a90f6
ID des fehlerhaften Prozesses: 0xb88
Startzeit der fehlerhaften Anwendung: 0xNvNetworkService.exe0
Pfad der fehlerhaften Anwendung: NvNetworkService.exe1
Pfad des fehlerhaften Moduls: NvNetworkService.exe2
Berichtskennung: NvNetworkService.exe3
Error: (07/02/2015 04:42:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/02/2015 04:41:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvNetworkService.exe, Version: 2.2.0.50, Zeitstempel: 0x54b0652e
Name des fehlerhaften Moduls: NvNetworkService.exe, Version: 2.2.0.50, Zeitstempel: 0x54b0652e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000a90f6
ID des fehlerhaften Prozesses: 0xdcc
Startzeit der fehlerhaften Anwendung: 0xNvNetworkService.exe0
Pfad der fehlerhaften Anwendung: NvNetworkService.exe1
Pfad des fehlerhaften Moduls: NvNetworkService.exe2
Berichtskennung: NvNetworkService.exe3
Error: (07/02/2015 04:39:43 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst konnte nicht heruntergefahren werden. Aufgetretener Fehler: System.InvalidOperationException: UpdatePendingStatus kann nur während der Verarbeitung von Befehlen zum Starten, Beenden, Anhalten und Fortsetzen aufgerufen werden.
bei System.ServiceProcess.ServiceBase.RequestAdditionalTime(Int32 milliseconds)
bei BlueStacks.hyperDroid.Service.Service.OnStop()
bei BlueStacks.hyperDroid.Service.Service.OnShutdown()
bei System.ServiceProcess.ServiceBase.DeferredShutdown()
Error: (07/02/2015 01:25:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvNetworkService.exe, Version: 2.2.0.50, Zeitstempel: 0x54b0652e
Name des fehlerhaften Moduls: NvNetworkService.exe, Version: 2.2.0.50, Zeitstempel: 0x54b0652e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000a90f6
ID des fehlerhaften Prozesses: 0x21cc
Startzeit der fehlerhaften Anwendung: 0xNvNetworkService.exe0
Pfad der fehlerhaften Anwendung: NvNetworkService.exe1
Pfad des fehlerhaften Moduls: NvNetworkService.exe2
Berichtskennung: NvNetworkService.exe3
Error: (07/02/2015 01:25:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvNetworkService.exe, Version: 2.2.0.50, Zeitstempel: 0x54b0652e
Name des fehlerhaften Moduls: NvNetworkService.exe, Version: 2.2.0.50, Zeitstempel: 0x54b0652e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000a90f6
ID des fehlerhaften Prozesses: 0x20b8
Startzeit der fehlerhaften Anwendung: 0xNvNetworkService.exe0
Pfad der fehlerhaften Anwendung: NvNetworkService.exe1
Pfad des fehlerhaften Moduls: NvNetworkService.exe2
Berichtskennung: NvNetworkService.exe3
System errors:
=============
Error: (07/02/2015 05:06:18 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/02/2015 05:05:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BlueStacks Log Rotator Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (07/02/2015 05:05:21 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst BlueStacks Log Rotator Service erreicht.
Error: (07/02/2015 04:47:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/02/2015 04:43:09 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/02/2015 04:43:09 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde nicht richtig gestartet.
Error: (07/02/2015 04:39:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "G Data Personal Firewall" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (07/02/2015 04:39:38 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst G Data Personal Firewall erreicht.
Error: (07/02/2015 04:39:38 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053GDFwSvc-Service{1DED95CA-C567-464A-B405-087EDDF0B095}
Error: (07/02/2015 01:51:12 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Microsoft Office:
=========================
Error: (07/02/2015 06:30:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe38.0.1.561155541a90mozalloc.dll38.0.1.561155540a1e8000000300001aa1228c01d0b47e9c4fb74fC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll1ab5ee2a-2073-11e5-87e2-bc5ff4e40f16
Error: (07/02/2015 05:06:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/02/2015 05:06:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: NvNetworkService.exe2.2.0.5054b0652eNvNetworkService.exe2.2.0.5054b0652ec0000005000a90f6cf001d0b474001b05b6C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exeC:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe4847dcde-2067-11e5-87e2-bc5ff4e40f16
Error: (07/02/2015 04:48:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/02/2015 04:47:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: NvNetworkService.exe2.2.0.5054b0652eNvNetworkService.exe2.2.0.5054b0652ec0000005000a90f6b8801d0b4716b076992C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exeC:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exeb3517d1f-2064-11e5-8f98-bc5ff4e40f16
Error: (07/02/2015 04:42:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/02/2015 04:41:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: NvNetworkService.exe2.2.0.5054b0652eNvNetworkService.exe2.2.0.5054b0652ec0000005000a90f6dcc01d0b470937b00f9C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exeC:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exee094c3ea-2063-11e5-8d02-bc5ff4e40f16
Error: (07/02/2015 04:39:43 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst konnte nicht heruntergefahren werden. Aufgetretener Fehler: System.InvalidOperationException: UpdatePendingStatus kann nur während der Verarbeitung von Befehlen zum Starten, Beenden, Anhalten und Fortsetzen aufgerufen werden.
bei System.ServiceProcess.ServiceBase.RequestAdditionalTime(Int32 milliseconds)
bei BlueStacks.hyperDroid.Service.Service.OnStop()
bei BlueStacks.hyperDroid.Service.Service.OnShutdown()
bei System.ServiceProcess.ServiceBase.DeferredShutdown()
Error: (07/02/2015 01:25:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: NvNetworkService.exe2.2.0.5054b0652eNvNetworkService.exe2.2.0.5054b0652ec0000005000a90f621cc01d0b4553f1b5753C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exeC:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe7ccbe97b-2048-11e5-9295-bc5ff4e40f16
Error: (07/02/2015 01:25:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: NvNetworkService.exe2.2.0.5054b0652eNvNetworkService.exe2.2.0.5054b0652ec0000005000a90f620b801d0b4553eaed931C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exeC:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe7c5ecf21-2048-11e5-9295-bc5ff4e40f16
CodeIntegrity Errors:
===================================
Date: 2014-09-03 05:11:38.552
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-03 03:36:34.623
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-03 03:23:31.597
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-03 02:46:46.979
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-03 00:12:03.162
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-02 20:40:09.463
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-02 08:51:25.363
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-02 08:43:58.915
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-02 08:20:19.838
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-02 07:43:06.267
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Xeon(R) CPU E3-1230 v3 @ 3.30GHz
Percentage of memory in use: 49%
Total physical RAM: 8108.77 MB
Available physical RAM: 4055.77 MB
Total Pagefile: 16215.74 MB
Available Pagefile: 10074.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:1862.67 GB) (Free:1702.64 GB) NTFS
==================== MBR & Partition Table ==================
Could not read MBR for disk 0.
==================== End of log ============================
--- --- --- Sorry was vergessen , vor lauter unwissenheit hab ich mir natürlich danach noch denn spyhunter drauf geladen  , wie peinlich wenn man das jetzt alles so liest
__________________ |
|
02.07.2015, 08:43
| #4 |
| | Virenmeldung Trojan-Ransom.Browlock.E Hallöchen, ich habe das "Problem" heute morgen auf etlichen Firmenrechnern mit GDATA (Bitdefender Engine) auch. Ich gehe derzeit davon aus, dass es entweder ein Fehlalarm ist oder dass ein Werbenetzwerk (vermutlich doubleclick) kompromittiert wurde. Allerdings ist der Fehlalarm wahrscheinlicher. Selbst hier auf trojaner-board.de kommt die Virenmeldung  |
|
02.07.2015, 09:24
| #5 |
| | Virenmeldung Trojan-Ransom.Browlock.E hallo, klasse dann hab ich mir nun denn mist von spyhunter in der hektik drauf gezogen , ich hab mich schon gewundert ohne ende wo der virus herkommen soll wie werd ich dann diesen spyhunter wieder los : 
__________________ Thx |
|
02.07.2015, 09:37
| #6 |
| | Virenmeldung Trojan-Ransom.Browlock.E |
|
02.07.2015, 17:04
| #7 |
| /// the machine /// TB-Ausbilder | Virenmeldung Trojan-Ransom.Browlock.E Hi, ich weiß Du hast noch die Rechte, aber bitte nicht in malwarerelevante Themen posten. Da sollten nur der TO und Teamis reinposten @TO Deaktiviere bitte dein Antivirenprogramm, da es die Entfernung von SpyHunter blockieren kann. Bitte downloade SpyHunterCleaner auf Deinen Desktop.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
03.07.2015, 04:39
| #8 |
| | Virenmeldung Trojan-Ransom.Browlock.E hallo schrauber , ist erfolgreich erledigt , alle anderen viren meldungen sind auch weg und erledigt , system habe ich zusätzlich noch gereinigt , vielen lieben dank für die super schnelle hilfe 
__________________ Thx |
|
03.07.2015, 09:04
| #9 |
| /// the machine /// TB-Ausbilder | Virenmeldung Trojan-Ransom.Browlock.E ok
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Virenmeldung Trojan-Ransom.Browlock.E |
| angezeigt, blocken, brauche, browlock, chrome, eintrag, engine, erklärung, firewall, gescheitert, googel, googel chrome, heute, meldung, script.trojan-ransom.browlock.e, troja, trojan-ransom.browlock.e, verbinden, versuch, versuche, versucht, virenmeldung, virus |
Linear-Darstellung
