
Pests of all kinds and how to fight them: PC infected with malware


01.12.2014, 00:17   #16
Crounty
Yep, see you tomorrow then

I've now also run zoek
Code:
Zoek.exe v5.0.0.0 Updated 29-11-2014
Tool run by Issam276 on 30.11.2014 at 23:31:21,88.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Issam276\Desktop\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

30.11.2014 23:32:21 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\Firefly Studios deleted successfully
C:\PROGRA~2\MarkAny deleted successfully
C:\PROGRA~2\mresreg deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\VS Revo Group deleted successfully
C:\PROGRA~2\Wondershare deleted successfully
C:\PROGRA~2\COMMON~1\EAInstaller deleted successfully
C:\Program Files\SAMSUNG deleted successfully
C:\PROGRA~3\Aeria Games deleted successfully
C:\PROGRA~3\AllTubeeNoiAdss deleted successfully
C:\PROGRA~3\ASUS OC Profiles deleted successfully
C:\PROGRA~3\dbg deleted successfully
C:\PROGRA~3\Hi-Rez Studios deleted successfully
C:\PROGRA~3\Logitech deleted successfully
C:\PROGRA~3\ProductData deleted successfully
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully
C:\PROGRA~3\{93E26451-CD9A-43A5-A2FA-C42392EA4001} deleted successfully
C:\Users\Gast\AppData\Roaming\Clonk Rage deleted successfully
C:\Users\Issam276\AppData\Roaming\mresreg deleted successfully
C:\Users\Issam276\AppData\Roaming\Publish Providers deleted successfully
C:\Windows\serviceprofiles\Localservice\AppData\Roaming\ts3overlay deleted successfully
C:\Users\Issam276\AppData\Local\cache deleted successfully
C:\Users\Issam276\AppData\Local\Secunia PSI deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-501\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\SearchScopes\{05A0C896-138B-408C-9E3A-287CA7E91D23} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-501\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-501\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-501\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8567A644-E36C-470C-86CF-9C5B4F37DB81} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-501\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8567A644-E36C-470C-86CF-9C5B4F37DB81} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-501\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-501\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{32EA9519-3098-45A8-975C-46B03938E6D9} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{355F56B-C76C-49C3-AB23-12B86E6B4D} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78D859A8-E20C-4CB2-A525-BF361AD4FE26} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7AEFE841-DCA1-4A95-80CB-BE935D020107} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-501\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7AEFE841-DCA1-4A95-80CB-BE935D020107} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AEFE841-DCA1-4A95-80CB-BE935D020107} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-501\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AEFE841-DCA1-4A95-80CB-BE935D020107} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7AEFE841-DCA1-4A95-80CB-BE935D020302} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AEFE841-DCA1-4A95-80CB-BE935D020302} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C37DAEA-FEDF-440D-947-CB9BF6F767FF} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A7DDDD3E-584-43FB-B535-C0F5E2D7B48F} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFDA6FE3-4304-4A14-B94E-43782CEEC5C9} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F60C8965-E322-4DE8-BCF-12E8EFB8EA9A} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FC38B541-63A0-4F0A-B3D7-669DCF1D1EA8} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-501\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1024F1BE-76DC-40d5-AB98-664A4185E5FA} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C0D11B8-C5F6-4be3-AD2C-2B1A3EB94AB6} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-501\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C0D11B8-C5F6-4be3-AD2C-2B1A3EB94AB6} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DC2E8A12-D6AF-B90E-09BA-6D6AB5E5B410} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{DC2E8A12-D6AF-B90E-09BA-6D6AB5E5B410} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DC2E8A12-D6AF-B90E-09BA-6D6AB5E5B410} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AEFE841-DCA1-4A95-80CB-BE935D020107} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AEFE841-DCA1-4A95-80CB-BE935D020302} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-501\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-501\Software\Microsoft\Internet Explorer\Approved Extensions\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-501\Software\Microsoft\Internet Explorer\URLSearchHooks\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{7473B6BD-4691-4744-A82B-7854EB3D70B6} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-501\Software\Microsoft\Internet Explorer\Approved Extensions\{7473B6BD-4691-4744-A82B-7854EB3D70B6} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-501\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{8567A644-E36C-470C-86CF-9C5B4F37DB81} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{8567A644-E36C-470C-86CF-9C5B4F37DB81} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-501\Software\Microsoft\Internet Explorer\Approved Extensions\{8567A644-E36C-470C-86CF-9C5B4F37DB81} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-501\Software\Microsoft\Internet Explorer\URLSearchHooks\{8567A644-E36C-470C-86CF-9C5B4F37DB81} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{0FB6A909-6086-458F-BD92-1F8EE10042A0} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-501\Software\Microsoft\Internet Explorer\Approved Extensions\{0FB6A909-6086-458F-BD92-1F8EE10042A0} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-501\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{98889811-442D-49DD-99D7-DC866BE87DBC} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-501\Software\Microsoft\Internet Explorer\Approved Extensions\{98889811-442D-49DD-99D7-DC866BE87DBC} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{fe063412-bea4-4d76-8ed3-183be6220d17} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744} deleted successfully
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Approved Extensions\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744} deleted successfully
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Approved Extensions\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744} deleted successfully
HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744} deleted successfully

==== Installed Programs ======================

64 Bit HP CIO Components Installer  
Adobe AIR  
Adobe Flash Player 15 ActiveX  
Adobe Flash Player 15 Plugin  
Adobe Reader XI (11.0.09) - Deutsch  
AI Suite  
AIO_Scan  
Akamai NetSession Interface  
AMD Accelerated Video Transcoding  
AMD APP SDK Runtime  
AMD AVIVO64 Codecs  
AMD Catalyst Install Manager  
AMD Drag and Drop Transcoding  
AMD Fuel  
AMD Media Foundation Decoders  
AMD OverDrive  
AMD VISION Engine Control Center  
ANIO Service  
ANIWZCS2 Service  
Apple Software Update  
Application Profiles  
ASUSUpdate  
AutoHotkey 1.0.48.05  
Avast Free Antivirus  
AVM FRITZWLAN  
Battle.net  
BufferChm  
Catalyst Control Center - Branding  
Catalyst Control Center Graphics Previews Common  
Catalyst Control Center Localization All  
ccc-utility64  
CCC Help Chinese Standard  
CCC Help Chinese Traditional  
CCC Help Czech  
CCC Help Danish  
CCC Help Dutch  
CCC Help English  
CCC Help Finnish  
CCC Help French  
CCC Help German  
CCC Help Greek  
CCC Help Hungarian  
CCC Help Italian  
CCC Help Japanese  
CCC Help Korean  
CCC Help Norwegian  
CCC Help Polish  
CCC Help Portuguese  
CCC Help Russian  
CCC Help Spanish  
CCC Help Swedish  
CCC Help Thai  
CCC Help Turkish  
CCleaner  
Chris-PC Game Booster  
ChrisPC DNS Switch 1.40  
Copy  
Counter-Strike: Source  
D-Link Wireless G DWL-G122_DWA-110  
D3DX10  
DayZ Commander  
Destinations  
DeviceDiscovery  
Diablo III  
DJ_AIO_ProductContext  
DJ_AIO_Software  
DJ_AIO_Software_min  
Dota 2  
Dropbox  
eReg  
F4100  
F4100_Help  
Façade  
Facebook Messenger 2.1.4814.0  
Futuremark SystemInfo  
Gameforge Live 2.0.5  
Garry's Mod  
Google Chrome  
Google Update Helper  
GPBaseService2  
Hearthstone  
HP Customer Participation Program 13.0  
HP Deskjet All-In-One Driver Software 13.0 Rel. 1  
HP Imaging Device Functions 13.0  
HP Photosmart Essential 3.5  
HP Smart Web Printing 4.51  
HP Solution Center 13.0  
HP Update  
HPPhotoGadget  
HPPhotoSmartDiscLabelContent1  
HPPhotosmartEssential  
HPProductAssistant  
HPSSupply  
HydraVision  
InfraRecorder  
Java 7 Update 71  
Java 7 Update 71 (64-bit)  
Java 8 Update 25  
Java Auto Updater  
JavaFX 2.1.1  
Junk Mail filter update  
League of Legends  
Left 4 Dead 2  
LOLReplay  
Malwarebytes Anti-Malware Version 2.0.3.1025  
MarketResearch  
MEGAsync  
Mesh Runtime  
Messenger Companion  
Metin2  
Microsoft .NET Framework 4.5.1  
Microsoft .NET Framework 4.5.1 (DEU)  
Microsoft .NET Framework 4.5.1 (Deutsch)  
Microsoft Application Error Reporting  
Microsoft Games for Windows - LIVE Redistributable  
Microsoft Games for Windows Marketplace  
Microsoft Office 2010  
Microsoft Office Klick-und-Los 2010  
Microsoft Office Starter 2010 - Deutsch  
Microsoft Silverlight  
Microsoft SQL Server 2005 Compact Edition [ENU]  
Microsoft Visual C++ 2005 Redistributable  
Microsoft Visual C++ 2005 Redistributable (x64)  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219  
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219  
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030  
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030  
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030  
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030  
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030  
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030  
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005  
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005  
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005  
Microsoft XNA Framework Redistributable 3.1  
Microsoft_VC80_CRT_x86  
Microsoft_VC90_CRT_x86  
MorphVOX Junior  
MorphVOX Pro  
MSVCRT  
MSVCRT Redists  
MSVCRT_amd64  
MSXML 4.0 SP2 (KB954430)  
MSXML 4.0 SP2 (KB973688)  
MTA:SA v1.4.0  
NVIDIA PhysX  
OkayFreedom  
OpenAL  
OpenOffice.org 3.4.1  
osu  
PC Probe II  
PileFile reminder  
RAIDXpert  
Realtek Ethernet Controller Driver  
Realtek HDMI Audio Driver for ATI  
Realtek High Definition Audio Driver  
RuneScape Launcher 1.2.3  
S.K.I.L.L. - Special Force 2  
Samsung Kies3  
SAMSUNG USB Driver for Mobile Phones  
Secunia PSI (3.0.0.9016)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)  
Shop for HP Supplies  
Skype Click to Call  
SkypeT 6.21  
SmartWebPrinting  
SolutionCenter  
Spotify  
Status  
Steam  
System Requirements Lab CYRI  
Team Fortress 2  
TeamSpeak 3 Client  
TeamViewer 10  
TERA  
The Binding of Isaac  
Toolbox  
TrayApp  
Turbo Key  
Unity Web Player  
UnloadSupport  
WebReg  
Windows 7 USB/DVD Download Tool  
Windows Live Communications Platform  
Windows Live Essentials  
Windows Live Fotogalerie  
Windows Live ID Sign-in Assistant  
Windows Live Installer  
Windows Live Language Selector  
Windows Live Mail  
Windows Live Mesh  
Windows Live Mesh ActiveX control for remote connections  
Windows Live Messenger Companion Core  
Windows Live MIME IFilter  
Windows Live Movie Maker  
Windows Live Photo Common  
Windows Live Photo Gallery  
Windows Live PIMT Platform  
Windows Live Remote Client  
Windows Live Remote Client Resources  
Windows Live Remote Service  
Windows Live Remote Service Resources  
Windows Live SOXE  
Windows Live SOXE Definitions  
Windows Live UX Platform  
Windows Live UX Platform Language Pack  
Windows Live Writer  
Windows Live Writer Resources  
WinRAR 5.11 (64-Bit)  
WinSCP 4.3.8  
World of Warcraft  

==== Running Processes ======================

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
C:\Windows\SysWOW64\ANIWConnService.exe
C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
C:\Windows\SysWOW64\svchost.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Users\Issam276\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Users\Issam276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Users\Issam276\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe
C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
C:\Program Files (x86)\Secunia\PSI\sua.exe
C:\Windows\SysWOW64\WinMsgBalloonServer.exe
C:\Windows\SysWOW64\WinMsgBalloonClient.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\avastUi.exe
C:\Program Files\AVAST Software\Avast\avastUi.exe
C:\Users\Issam276\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Services(whitelist) ======================
Powered by E Dev

R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
R2 - [AMD External Events Utility] - AMD External Events Utility - c:\windows\system32\atiesrxx.exe
R2 - [AMD FUEL Service] - AMD FUEL Service - c:\program files\ati technologies\ati.ace\fuel\fuel.service.exe
R2 - [AMD_RAIDXpert] - AMD RAIDXpert - c:\program files (x86)\amd\raidxpert\bin\raidxpertservice.exe
R2 - [AsSysCtrlService] - ASUS System Control Service - c:\program files (x86)\asus\assysctrlservice\1.00.02\assysctrlservice.exe
R2 - [AVM WLAN Connection Service] - AVM WLAN Connection Service - c:\program files (x86)\avmwlanstick\wlannetservice.exe
R2 - [c2cautoupdatesvc] - Skype Click to Call Updater - c:\program files (x86)\skype\toolbars\autoupdate\skypec2cautoupdatesvc.exe
R2 - [c2cpnrsvc] - Skype Click to Call PNR Service - c:\program files (x86)\skype\toolbars\pnrsvc\skypec2cpnrsvc.exe
R2 - [cvhsvc] - Client Virtualization Handler - c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe
R2 - [PnkBstrA] - PnkBstrA - c:\windows\system32\pnkbstra.exe [x]
R2 - [Secunia PSI Agent] - Secunia PSI Agent - c:\program files (x86)\secunia\psi\psia.exe
R2 - [Secunia Update Agent] - Secunia Update Agent - c:\program files (x86)\secunia\psi\sua.exe
R2 - [sftlist] - Application Virtualization Client - c:\program files (x86)\microsoft application virtualization client\sftlist.exe
R2 - [TeamViewer] - TeamViewer 10 - c:\program files (x86)\teamviewer\teamviewer_service.exe
R2 - [wlidsvc] - Windows Live ID Sign-in Assistant - c:\program files\common files\microsoft shared\windows live\wlidsvc.exe
R2 - [WMPNetworkSvc] - Windows Media Player-Netzwerkfreigabedienst - c:\program files\windows media player\wmpnetwk.exe
R3 - [sftvsa] - Application Virtualization Service Agent - c:\program files (x86)\microsoft application virtualization client\sftvsa.exe
S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe
S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe
S2 - [gupdate] - Google Update-Dienst (gupdate) - c:\program files (x86)\google\update\googleupdate.exe
S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
S3 - [ALG] - Gatewaydienst auf Anwendungsebene - c:\windows\system32\alg.exe
S3 - [aspnet_state] - ASP.NET-Zustandsdienst - c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe
S3 - [COMSysApp] - COM+-Systemanwendung - c:\windows\system32\dllhost.exe
S3 - [ehRecvr] - Windows Media Center-Empfängerdienst - c:\windows\ehome\ehrecvr.exe
S3 - [ehSched] - Windows Media Center-Planerdienst - c:\windows\ehome\ehsched.exe
S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation-Schriftartcache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
S3 - [gupdatem] - Google Update-Dienst (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe
S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [ose] - Office  Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe
S3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe
S3 - [PerfHost] - Leistungsindikator-DLL-Host - c:\windows\syswow64\perfhost.exe
S3 - [RpcLocator] - RPC-Locator - c:\windows\system32\locator.exe
S3 - [Steam Client Service] - Steam Client Service - c:\program files (x86)\common files\steam\steamservice.exe
S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
S3 - [vds] - Virtueller Datenträger - c:\windows\system32\vds.exe
S3 - [VSS] - Volumeschattenkopie - c:\windows\system32\vssvc.exe
S3 - [wbengine] - Blockebenen-Sicherungsmodul - c:\windows\system32\wbengine.exe
S3 - [wmiApSrv] - WMI-Leistungsadapter - c:\windows\system32\wbem\wmiapsrv.exe
S4 - [BEService] - BattlEye Service - c:\program files (x86)\common files\battleye\beservice.exe
S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe
S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe
S4 - [OkayFreedom VPN Starter Service] - OkayFreedom VPN Starter Service - c:\program files (x86)\okayfreedom\okayfreedomservice.exe
S4 - [SkypeUpdate] - Skype Updater - c:\program files (x86)\skype\updater\updater.exe
S4 - [SNMPTRAP] - SNMP-Trap - c:\windows\system32\snmptrap.exe
S4 - [wlcrasvc] - Windows Live Mesh remote connections service - c:\program files\windows live\mesh\wlcrasvc.exe
S4 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\pilwudwt.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://go.microsoft.com/fwlink/?LinkId=69157");

Added to C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\pilwudwt.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\67lidknx.default\prefs.js:
user_pref("backup.old.browser.startup.homepage", "hxxp://www.google.de/");
user_pref("browser.search.defaultengine", "Privitize VPN");
user_pref("browser.search.defaultenginename", "Yahoo!");
user_pref("browser.search.selectedEngine", "Yahoo!");
user_pref("browser.search.order.1", "Privitize VPN");
user_pref("keyword.URL", "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=198484&p=");

Added to C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\67lidknx.default\prefs.js:

Deleted from C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\mData\prefs.js:
user_pref("browser.search.defaultenginename", "Yahoo!");
user_pref("browser.search.selectedEngine", "Yahoo!");
user_pref("keyword.URL", "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=198484&p=");

Added to C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\mData\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197\prefs.js:
user_pref("browser.search.defaulturl", "hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=UTF-8&oe=UTF-8&meta=lr=lang_de&q=");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");

Added to C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197\prefs.js:

ProfilePath: C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\pilwudwt.default

user.js not found
---- FireFox user.js and prefs.js backups ---- 

prefs__2357_.backup

ProfilePath: C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\67lidknx.default

user.js not found
---- FireFox user.js and prefs.js backups ---- 

prefs__2357_.backup

ProfilePath: C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\mData

user.js not found
---- FireFox user.js and prefs.js backups ---- 

prefs__2357_.backup

ProfilePath: C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197

user.js not found
---- FireFox user.js and prefs.js backups ---- 

prefs__2357_.backup

==== Batch Command(s) Run By Tool======================

C:\Windows\system32\appdata deleted

==== Deleting Files \ Folders ======================

C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found
C:\PROGRA~3\{93E26451-CD9A-43A5-A2FA-C42392EA4001} not found
C:\Windows\syswow64\appdata deleted
C:\Users\Issam276\AppData\LocalLow\{60DA1ADD-28AC-5A31-C474-0D2281275C75} deleted
C:\Users\Issam276\AppData\LocalLow\{DC2E8A12-D6AF-B90E-09BA-6D6AB5E5B410} deleted
C:\Users\Issam276\AppData\LocalLow\{DC956CD8-5F0D-7D45-867F-66FE75C45B12} deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\{2D311F0B-3C2B-68BA-BC0A-BB02D6CED681} deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\{DD7692B1-81D6-C9EC-CBDE-DE5B320B23A7} deleted
C:\Users\Issam276\AppData\Local\Packages\windows_ie_ac_001\AC\{60DA1ADD-28AC-5A31-C474-0D2281275C75} deleted
C:\Users\Issam276\AppData\Local\Packages\windows_ie_ac_001\AC\{DC2E8A12-D6AF-B90E-09BA-6D6AB5E5B410} deleted
C:\Users\Issam276\AppData\Local\Packages\windows_ie_ac_001\AC\{DC956CD8-5F0D-7D45-867F-66FE75C45B12} deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\Packages\windows_ie_ac_001\AC\{2D311F0B-3C2B-68BA-BC0A-BB02D6CED681} deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\Packages\windows_ie_ac_001\AC\{DD7692B1-81D6-C9EC-CBDE-DE5B320B23A7} deleted
C:\PROGRA~3\DivX deleted
C:\PROGRA~3\Overwolf deleted
C:\Users\Gast\AppData\LocalLow\Online_Sharing deleted
C:\Users\Issam276\.android deleted
C:\PROGRA~2\Yahoo! deleted
C:\PROGRA~2\COMMON~1\Wondershare deleted
C:\Users\Issam276\AppData\Roaming\config.ini deleted
C:\Users\Issam276\AppData\Roaming\Yahoo! deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Issam276\Downloads\HDVidCodec.exe deleted
C:\Users\Issam276\AppData\LocalLow\Company deleted
C:\Users\Issam276\AppData\LocalLow\{FAECC00E-8025-47C7-94A5-DCC838C392A1} deleted
C:\Users\Issam276\AppData\LocalLow\ADSRemoval deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\Windows\wininit.ini deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\wangzhisong deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
C:\Users\Issam276\Documents\Add-in Express deleted
C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197\extensions\staged deleted
"C:\PROGRA~3\mlcalnbafllpekjinmmklpgcblhlaffh\mlcalnbafllpekjinmmklpgcblhlaffh.crx" deleted
"C:\PROGRA~3\mlcalnbafllpekjinmmklpgcblhlaffh\update.xml" deleted
"C:\PROGRA~3\oeiclgdmiipmnmhjjoncbohblhelhmcd\oeiclgdmiipmnmhjjoncbohblhelhmcd.crx" deleted
"C:\PROGRA~3\oeiclgdmiipmnmhjjoncbohblhelhmcd\update.xml" deleted
"C:\PROGRA~3\mlcalnbafllpekjinmmklpgcblhlaffh" deleted
"C:\PROGRA~3\oeiclgdmiipmnmhjjoncbohblhelhmcd" deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 8175 MB
CPU Info: AMD FX(tm)-4100 Quad-Core Processor
CPU Speed: 3617,2 MHz
Sound Card: Lautsprecher (Realtek High Defi | 
Display Adapters: AMD Radeon HD 6570 | AMD Radeon HD 6570 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; HK241DPB | 
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: TAP-Windows Adapter V9 | Anchorfree HSS VPN Adapter #2 | Anchorfree HSS VPN Adapter | FRITZ!WLAN USB Stick N | Realtek PCIe GBE Family Controller
CD / DVD Drives: 1x (D: | ) D: TSSTcorpCDDVDW SH-222BB
Ports: COM1 LPT1
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C:  921,7GB | Q:  0,0MB
Hard Disks - Free: C:  694,6GB | Q:  0,0MB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 03/26/12 | 032612 - 20120326
Time Zone: Mitteleuropäische Zeit
Motherboard *: ASUSTeK Computer INC. M5A78L-M LE
Country: Deutschland 
Language: DEU 

==== System Specs (Software) ======================

Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: avast! Antivirus disabled (Outdated)
Internet Explorer Version: 9.0.8112.16421 
Mozilla Firefox version: 30.0 (x86 de)
Google Chrome version: 39.0.2171.71
Adobe Reader version: 11.0.9.29
Sun Java version: 1.8.0_25 (32-bit) 
Sun Java version: 1.7.0_71 (64-bit) 
Flash Player version: 15.0.0.239

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2014-11-30 22:21:22	B59EF013D567E5746F1DEE2565F747ED	43152	----a-w-	C:\Windows\avastSS.scr
2014-11-30 19:47:36	F042EE4C8D66248D9B86DCF52ABAE416	256000	----a-w-	C:\Windows\PEV.exe
2014-11-30 19:47:36	9E05A9C264C8A908A8E79450FCBFF047	80412	----a-w-	C:\Windows\grep.exe
2014-11-30 19:47:36	5E832F4FAF5F481F2EAF3B3A48F603B8	68096	----a-w-	C:\Windows\zip.exe
2014-11-30 19:47:36	0297C72529807322B152F517FDB0A9FC	406528	----a-w-	C:\Windows\SWSC.exe
2014-11-30 19:47:36	0277C027A26428DB64EF4F64F52BB4FD	208896	----a-w-	C:\Windows\MBR.exe
====== C:\Users\Issam276\AppData\Local\Temp ====
====== Java Cache =====
2014-11-19 14:52:59	E2304B32386391A42B27B3385D553314	45854	----a-w-	C:\Users\Issam276\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\72110ca-4d64bc5d
2014-11-19 16:42:08	6921D493774FF639E4FC3933FF7175BD	1479355	----a-w-	C:\Users\Issam276\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\7ac6dce-57637f60
2014-11-19 20:01:15	061F6EC3E5935A8C3313F482D6BD3124	1465253	----a-w-	C:\Users\Issam276\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\3c6fcb90-27f7ee18
2014-11-19 14:52:50	225B7C8AA76356EACAE75B3C31762373	1465253	----a-w-	C:\Users\Issam276\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\4b553ad3-667cdea1
2014-11-19 16:30:04	9BBC789ACC79E7AD60833326C03066DB	1465253	----a-w-	C:\Users\Issam276\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\8c59593-3580cfa8
2014-11-19 17:10:11	E6B9F65CB70307E9CF31CA8039566CC2	81376	----a-w-	C:\Users\Issam276\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\13d9cc42-4a73cc72
2014-11-19 20:01:14	C430C316CAB5C3DD9F5BCA1E6BCC24A2	464	----a-w-	C:\Users\Issam276\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\6b3b89c2-1a932decd2fdef062f339ac67550de50d7b2ca7b79d2cefcae9f587930a83e5c-6.0.lap
2014-11-19 17:07:50	6921D493774FF639E4FC3933FF7175BD	1479355	----a-w-	C:\Users\Issam276\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\164fa5d6-1c2b6e01
2014-11-19 16:35:12	E6B9F65CB70307E9CF31CA8039566CC2	81376	----a-w-	C:\Users\Issam276\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\29a84fdc-43d0d8d5
2014-11-19 14:32:56	8C11314F93264D9A8717724367FD473B	449	----a-w-	C:\Users\Issam276\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\140209e0-c616fb5881c61e44f021129e016d55597d0dc956e586cdfe140f50c203c12e6e-6.0.lap
2014-11-19 16:33:07	6921D493774FF639E4FC3933FF7175BD	1479355	----a-w-	C:\Users\Issam276\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\78127921-4f2a6d00
2014-11-19 16:32:23	6921D493774FF639E4FC3933FF7175BD	1479355	----a-w-	C:\Users\Issam276\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\694f6f63-19cd1269
2014-11-19 16:34:48	6921D493774FF639E4FC3933FF7175BD	1479355	----a-w-	C:\Users\Issam276\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\41f76a25-67994a81
2014-11-19 19:15:37	6921D493774FF639E4FC3933FF7175BD	1479355	----a-w-	C:\Users\Issam276\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\701e4666-4f4c1d42
2014-11-19 19:15:30	6921D493774FF639E4FC3933FF7175BD	1479355	----a-w-	C:\Users\Issam276\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\701e4666-5a5aa44a
2014-11-19 17:08:49	1A21C2F5B13C7B2A0D0992588EBE813B	1465253	----a-w-	C:\Users\Issam276\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\61c0b785-12ee3cb9
2014-11-19 16:23:39	6921D493774FF639E4FC3933FF7175BD	1479355	----a-w-	C:\Users\Issam276\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\3eb99d33-60d9b75c
2014-11-19 17:08:48	66BB92573FB7E0BEAB48D1B8481EE039	464	----a-w-	C:\Users\Issam276\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\595a0773-71bb5c9ce41cfa1b14a92d025c7eb89ff84d758506ab16f7ea4ddeb9627db939-6.0.lap
2014-11-19 14:52:47	B4BAAFDACA6D29ACA5CEC5B25624E99B	464	----a-w-	C:\Users\Issam276\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\6ae3ae33-3ee7e7cce3dfe7c6c53e8646509c6e5a368ea409021fa4a771e6420259b97c5d-6.0.lap
2014-11-19 20:01:20	165B6DC3CDB246368F69C4839C9F4065	3799	----a-w-	C:\Users\Issam276\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\19325ab5-24a1e142
2014-11-19 15:27:29	0318D3F32678A83FD3BB8F6E2DB7FDF0	67861	----a-w-	C:\Users\Issam276\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\57726079-451f231f
2014-11-19 16:23:30	B17C2F2902A3B16DB631578F1A1E2E03	415	----a-w-	C:\Users\Issam276\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\687c1cb9-abb7fb572874e8d16eb529efed963daea4ae2cd338f2f28a9acd7d2cf8815bf2-6.0.lap
2014-11-19 15:27:26	6921D493774FF639E4FC3933FF7175BD	1479355	----a-w-	C:\Users\Issam276\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\1f0757a-55f08dc5
2014-11-19 16:30:03	1EE9A88CF9800BC2A986FC0CDDCB55FB	464	----a-w-	C:\Users\Issam276\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\158373d-5994bfaa477ccb6b824c4ca1a3298fa477ffc377d85c443ed50a17ca9240415c-6.0.lap
2014-11-19 14:33:06	FE97A482C16ABC997AAB5999FAD231B0	1465253	----a-w-	C:\Users\Issam276\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\3fb627e-4cdd66c4
2014-11-19 16:41:59	F60C92AED0B8C739DAD9EA7086F54558	413	----a-w-	C:\Users\Issam276\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\5e665c07-3521a16312943acc2dd1fc12bc3ee72cb7ee411658900c8488bc8a82be92c6e7-6.0.lap
2014-11-19 15:27:17	532BDFCF8D94A4F3D3EC3AE1912BC664	415	----a-w-	C:\Users\Issam276\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\b476248-0d263939037d6a36f1e40f1056484ff11edd8dac1aa6b0d4478778213ae18595-6.0.lap
====== C:\Windows\SysWOW64 =====
2014-11-30 18:53:21	691D49FB44EDE9788288CABE4F7E0DAF	272296	----a-w-	C:\Windows\SysWOW64\javaws.exe
2014-11-19 14:31:14	98B3C919C6B9C5F810FF2CAFA339822B	186880	----a-w-	C:\Windows\SysWOW64\pku2u.dll
2014-11-19 14:31:10	ADFB31FA72AFE0298A60BF4AC1045A42	550912	----a-w-	C:\Windows\SysWOW64\kerberos.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-11-30 22:21:25	6663B30328C239D2AB10D2583054CF2E	364512	----a-w-	C:\Windows\Sysnative\aswBoot.exe
2014-11-30 18:51:38	F1C88472D958AB11BAC6962E2AEC7404	319912	----a-w-	C:\Windows\Sysnative\javaws.exe
2014-11-30 18:51:31	49D5F34494D68E7DC97303F485E89BAE	111016	----a-w-	C:\Windows\Sysnative\WindowsAccessBridge-64.dll
2014-11-30 18:51:31	3EA40C7B5D07EEFC2DE0FCFE873CE48F	189352	----a-w-	C:\Windows\Sysnative\javaw.exe
2014-11-30 18:51:31	32E6FE50B771AF749516EE0B6A9AD688	189352	----a-w-	C:\Windows\Sysnative\java.exe
2014-11-19 14:31:15	8A8CB073A4B9F9D97CFA8CA9C1C851CE	728064	----a-w-	C:\Windows\Sysnative\kerberos.dll
2014-11-19 14:31:14	1306E6A1BF4D506CD687DF9F947270F2	241152	----a-w-	C:\Windows\Sysnative\pku2u.dll
====== C:\Windows\Sysnative\drivers =====
2014-11-30 22:21:31	7509F07BA6F84C1E3B2C0D78A1F6F782	116728	----a-w-	C:\Windows\Sysnative\drivers\aswStm.sys
2014-11-30 22:21:30	B1881A01E301990B671694CA1623F1B6	436624	----a-w-	C:\Windows\Sysnative\drivers\aswSP.sys
2014-11-30 22:21:30	1A5BDDE65B648DC3AD48B6ECAA3AE9C8	267632	----a-w-	C:\Windows\Sysnative\drivers\aswVmm.sys
2014-11-30 22:21:29	1323269A92645705DEFA053F3596829D	65776	----a-w-	C:\Windows\Sysnative\drivers\aswRvrt.sys
2014-11-30 22:21:28	9BE9F2B83DE80E2752B1405CC427E2EC	29208	----a-w-	C:\Windows\Sysnative\drivers\aswHwid.sys
2014-11-30 22:21:28	4750016EF9CC1DEC6DA3FE5AF9A7F095	93568	----a-w-	C:\Windows\Sysnative\drivers\aswRdr2.sys
2014-11-30 22:21:28	2DA1C1AEDF454F8E32A863A1AEACDD8C	83280	----a-w-	C:\Windows\Sysnative\drivers\aswMonFlt.sys
2014-11-30 22:21:26	E74FD717476B30E23F45354B8F3ACB30	1050432	----a-w-	C:\Windows\Sysnative\drivers\aswsnx.sys
2014-11-30 22:21:26	655D6F1B8722091427FB18663A546E2C	1050432	----a-w-	C:\Windows\Sysnative\drivers\aswsnx.sys.1417386103705
2014-11-12 22:18:24	41774FF331F609EF442B7398EE6202B1	155064	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
2014-11-06 17:45:19	91310683D7B6B292B746D60734B59322	206080	----a-w-	C:\Windows\Sysnative\drivers\ssudmdm.sys
2014-11-06 17:45:19	30710AEFCE721CEEE0F35EB6A01C263C	110336	----a-w-	C:\Windows\Sysnative\drivers\ssudbus.sys
====== C:\Windows\Tasks ======
2014-11-30 22:21:36	36337CD1BE4DA5766FC042B235485994	4182	----a-w-	C:\Windows\Sysnative\Tasks\avast! Emergency Update
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2014-11-30 18:41:44	--------	d-----w-	C:\PROGRA~2\Secunia
2014-11-28 23:10:12	--------	d-----w-	C:\PROGRA~2\Diablo III
2014-11-28 23:02:52	--------	d-----w-	C:\PROGRA~2\Battle.net
2014-11-19 15:26:49	--------	d-----w-	C:\PROGRA~2\COMMON~1\Java
======= C: =====
====== C:\Users\Issam276\AppData\Roaming ======
2014-11-30 20:10:21	--------	d-----w-	C:\Users\Public\AppData\Local\temp
2014-11-30 20:10:21	--------	d-----w-	C:\Users\HomeGroupUser$\AppData\Local\temp
2014-11-30 20:10:21	--------	d-----w-	C:\Users\Gast\AppData\Local\temp
2014-11-30 20:10:21	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Local\temp
2014-11-30 20:10:21	--------	d-----w-	C:\Users\Default\AppData\Local\temp
2014-11-30 20:10:21	--------	d-----w-	C:\Users\Default User\AppData\Local\temp
2014-11-30 20:10:21	--------	d-----w-	C:\Users\Administrator\AppData\Local\temp
2014-11-28 23:03:11	--------	d-----w-	C:\Users\Issam276\AppData\Local\Blizzard Entertainment
2014-11-28 23:03:02	--------	d-----w-	C:\Users\Issam276\AppData\Roaming\Battle.net
2014-11-28 23:03:02	--------	d-----w-	C:\Users\Issam276\AppData\Local\Battle.net
2014-11-27 20:21:49	--------	d-----w-	C:\Users\Issam276\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2014-11-19 14:36:56	--------	d-----w-	C:\Users\Issam276\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
2014-11-18 16:48:13	--------	d-----w-	C:\Users\Issam276\AppData\Roaming\TERA
2014-11-07 16:57:00	--------	d-----w-	C:\Users\Issam276\AppData\Roaming\Spotify
2014-11-01 19:28:06	--------	d-----w-	C:\Users\Issam276\AppData\Local\osu!
====== C:\Users\Issam276 ======
2014-11-30 22:17:16	7C494CFC45ACFA81A61E310002D7C508	132469808	----a-w-	C:\Users\Issam276\Downloads\avast_free_antivirus_setup_10.2208.712.exe
2014-11-30 21:21:33	33398D340008A0577507FCA7FD443622	19828376	----a-w-	C:\Users\Issam276\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-30 20:10:21	--------	d-----w-	C:\Users\Public\AppData
2014-11-30 19:09:56	5A6F21141B846BD3CE1ED0BD0F19C3AF	2148864	----a-w-	C:\Users\Issam276\Downloads\AdwCleaner_4.102.exe
2014-11-30 19:06:31	75792D4CBF8A138CEBA044868FDE766D	2785665	----a-w-	C:\Users\Issam276\Downloads\RevoUninstallerPortable_1.95_Rev_2.paf.exe
2014-11-30 18:40:55	D8B9844FDFD05CD495F110FFF11C1EE5	5329480	----a-w-	C:\Users\Issam276\Downloads\PSISetup_3.0.0.9016.exe
2014-11-30 18:01:19	07A5B8EAC8B450A9EEAD07A0EAC3ECED	2117120	----a-w-	C:\Users\Issam276\Downloads\FRST64.exe
2014-11-29 23:59:18	F89AED0EB0341472AA7CB282FC7C4A1B	4036200	----a-w-	C:\Users\Issam276\Downloads\ccsetup500_slim.exe
2014-11-29 21:14:50	C588A99393F46370912870FF03F3BE27	7667648	----a-w-	C:\Users\Issam276\Downloads\TeamViewer_Setup_de.exe
2014-11-28 23:10:16	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2014-11-28 23:02:52	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-11-28 22:57:45	74FAFAAD14DC8D6567546BDCBE010705	2868792	----a-w-	C:\Users\Issam276\Downloads\Battle.net-Setup-deDE.exe
2014-11-27 20:20:16	AF911BE206423BF440EA9D4DF075A632	2721168	----a-w-	C:\Users\Issam276\Downloads\Windows7-USB-DVD-tool.exe
2014-11-22 13:50:29	9874A9E391702337E0A423765CBF67BC	27810288	----a-w-	C:\Users\Issam276\Downloads\detekt.exe
2014-11-19 15:27:29	ED8FB7A4648DAB4CEA40315534931014	47	----a-w-	C:\Users\Issam276\jagex_cl_oldschool_LIVE.dat
2014-11-19 15:23:45	3A582BF6FD39DC6A52AAF316126B40BA	638888	----a-w-	C:\Users\Issam276\Downloads\chromeinstall-8u25 (1).exe
2014-11-19 14:52:45	3A582BF6FD39DC6A52AAF316126B40BA	638888	----a-w-	C:\Users\Issam276\Downloads\chromeinstall-8u25.exe
2014-11-19 14:38:10	B38E5F24B705CBF67A6003E27821BF8E	24	----a-w-	C:\Users\Issam276\jagexappletviewer.preferences
2014-11-18 16:47:04	5DECEA502DDF242662147F33751A9F40	20201072	----a-w-	C:\Users\Issam276\Desktop\TERA_GameforgeLiveSetup.exe
2014-11-18 16:46:04	5DECEA502DDF242662147F33751A9F40	20201072	----a-w-	C:\Users\Issam276\Downloads\TERA_GameforgeLiveSetup.exe

====== C: exe-files ==
2014-11-30 18:53:07	EAFDA2D17FF6CC0B2AFEE21E9134EBF8	145832	----a-w-	C:\Program Files (x86)\Java\jre7\bin\unpack200.exe
2014-11-30 18:53:07	CBE8C6FAEDBA9A2C2577133F0321CBD8	16808	----a-w-	C:\Program Files (x86)\Java\jre7\bin\tnameserv.exe
2014-11-30 18:53:06	EEFD7F935D944118FED39D3041352990	16296	----a-w-	C:\Program Files (x86)\Java\jre7\bin\kinit.exe
2014-11-30 18:53:06	E04E87CDF6CA797BA7C8EA45228FE9E0	48040	----a-w-	C:\Program Files (x86)\Java\jre7\bin\jabswitch.exe
2014-11-30 18:53:06	DD8E9CE0BDF8CE1131004673D9C5444D	16296	----a-w-	C:\Program Files (x86)\Java\jre7\bin\java-rmi.exe
2014-11-30 18:53:06	DBDB1A25291B2D18C614F5CA963156A8	182696	----a-w-	C:\Program Files (x86)\Java\jre7\bin\jqs.exe
2014-11-30 18:53:06	DB769E9AE525963168BD4B60BFBF55EB	16296	----a-w-	C:\Program Files (x86)\Java\jre7\bin\pack200.exe
2014-11-30 18:53:06	D3BC8953C21770FC147064B0BAE78063	68008	----a-w-	C:\Program Files (x86)\Java\jre7\bin\javacpl.exe
2014-11-30 18:53:06	C935769C537A94BC026BD813015DA450	16296	----a-w-	C:\Program Files (x86)\Java\jre7\bin\keytool.exe
2014-11-30 18:53:06	BFEC01FEA21A749C43DE15F1644E7900	16296	----a-w-	C:\Program Files (x86)\Java\jre7\bin\servertool.exe
2014-11-30 18:53:06	BDB4ABB929ADBC7B98E1087830809564	16808	----a-w-	C:\Program Files (x86)\Java\jre7\bin\orbd.exe
2014-11-30 18:53:06	B9F9FD6188CC732F19DB69CAE5CC597C	272808	----a-w-	C:\Program Files (x86)\Java\jre7\bin\javaws.exe
2014-11-30 18:53:06	9FF29AE2E75939EFF8A390AD51F5FEFF	50088	----a-w-	C:\Program Files (x86)\Java\jre7\bin\ssvagent.exe
2014-11-30 18:53:06	9D9A28606B59C3D8D8FD1F7704AAAD81	16296	----a-w-	C:\Program Files (x86)\Java\jre7\bin\rmid.exe
2014-11-30 18:53:06	93F297984DB0561694F6454A3066D542	16296	----a-w-	C:\Program Files (x86)\Java\jre7\bin\ktab.exe
2014-11-30 18:53:06	93CFE0C1473D2220FBDA2A9C08848F34	75688	----a-w-	C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe
2014-11-30 18:53:06	74222EDB01CF2D9865D8AC1EEE7C5B63	16296	----a-w-	C:\Program Files (x86)\Java\jre7\bin\policytool.exe
2014-11-30 18:53:06	6DCF8B667B6C9AD851B2B5CB256521ED	16296	----a-w-	C:\Program Files (x86)\Java\jre7\bin\rmiregistry.exe
2014-11-30 18:53:06	6A4970A237A9FE01A36C4181E2A8C1B0	16296	----a-w-	C:\Program Files (x86)\Java\jre7\bin\klist.exe
2014-11-30 18:53:06	3594C0ABBFFE10B3CF95714B8B3C89A4	175528	----a-w-	C:\Program Files (x86)\Java\jre7\bin\javaw.exe
2014-11-30 18:53:06	095826BCBBFA5C09C72463A82612B23C	175528	----a-w-	C:\Program Files (x86)\Java\jre7\bin\java.exe
2014-11-30 18:51:28	F54E3CBC7B617D16CC4AA887D5CB3D4D	180648	----a-w-	C:\Program Files\Java\jre7\bin\unpack200.exe
2014-11-30 18:51:28	585AD8FD61BBEC64A9FED691ACE15DA2	16808	----a-w-	C:\Program Files\Java\jre7\bin\tnameserv.exe
2014-11-30 18:51:27	F1C88472D958AB11BAC6962E2AEC7404	319912	----a-w-	C:\Program Files\Java\jre7\bin\javaws.exe
2014-11-30 18:51:27	DD4DD147B80A0295EEA0CD42B634984E	16296	----a-w-	C:\Program Files\Java\jre7\bin\kinit.exe
2014-11-30 18:51:27	DBBC3AD9E0EE1B9FCD965F2528BD40E2	16296	----a-w-	C:\Program Files\Java\jre7\bin\java-rmi.exe
2014-11-30 18:51:27	B73B937F6B21E52E53003F38D0862E96	16296	----a-w-	C:\Program Files\Java\jre7\bin\policytool.exe
2014-11-30 18:51:27	A66A8E9C7F27027B2AF411BED732FC3B	55720	----a-w-	C:\Program Files\Java\jre7\bin\jabswitch.exe
2014-11-30 18:51:27	A3B2D9293DF4ED8E822A94FC3294B158	16296	----a-w-	C:\Program Files\Java\jre7\bin\rmid.exe
2014-11-30 18:51:27	A133E98EF4C380BD170E482F2E9DCE2F	16296	----a-w-	C:\Program Files\Java\jre7\bin\keytool.exe
2014-11-30 18:51:27	9F25F7F97765E00D8071F66AC214DB5B	98216	----a-w-	C:\Program Files\Java\jre7\bin\jp2launcher.exe
2014-11-30 18:51:27	8B0AA7A094AE43DAF6D5688CFA5A97D6	16296	----a-w-	C:\Program Files\Java\jre7\bin\klist.exe
2014-11-30 18:51:27	8AE800D859BD912EE2AC31BC574262D0	16296	----a-w-	C:\Program Files\Java\jre7\bin\rmiregistry.exe
2014-11-30 18:51:27	865F5F1BA3BC8F832A6F45AEE4BDF6A8	16296	----a-w-	C:\Program Files\Java\jre7\bin\pack200.exe
2014-11-30 18:51:27	7C0B22CC05F735BCB50633A29389DEAF	16808	----a-w-	C:\Program Files\Java\jre7\bin\orbd.exe
2014-11-30 18:51:27	743F09212F0C7CD2E01CE926B5C3AED7	16296	----a-w-	C:\Program Files\Java\jre7\bin\servertool.exe
2014-11-30 18:51:27	69B9753766A01A34D2CF5D21151CCC68	16296	----a-w-	C:\Program Files\Java\jre7\bin\ktab.exe
2014-11-30 18:51:27	618E01FEAD89A8C2867E9632C6AD5410	76200	----a-w-	C:\Program Files\Java\jre7\bin\javacpl.exe
2014-11-30 18:51:27	5A7137733874290B456499090E058EAC	65448	----a-w-	C:\Program Files\Java\jre7\bin\ssvagent.exe
2014-11-30 18:51:27	3EA40C7B5D07EEFC2DE0FCFE873CE48F	189352	----a-w-	C:\Program Files\Java\jre7\bin\javaw.exe
2014-11-30 18:51:27	32E6FE50B771AF749516EE0B6A9AD688	189352	----a-w-	C:\Program Files\Java\jre7\bin\java.exe
2014-11-30 18:41:52	7D26205608B992B4BB2FD047AA0F61A9	485208	----a-w-	C:\Program Files (x86)\Secunia\PSI\Uninstall.exe
2014-11-30 18:40:01	E0E2FE836FD209FBE336DE720032DA99	96768	----a-w-	C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe
2014-11-30 18:40:01	8B4A087962B4411D7FF2A91F6CAE1EBA	54432	----a-w-	C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\airappinstaller.exe
2014-11-30 18:40:01	8B4A087962B4411D7FF2A91F6CAE1EBA	54432	----a-w-	C:\Program Files (x86)\Adobe\Flash Player\AddIns\airappinstaller\airappinstaller.exe
2014-11-30 18:40:01	41094C32DD59E2E56EE7AFCB0AB917B3	130208	----a-w-	C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe
2014-11-30 18:40:01	37EBCD76164A25F87E61D2158145FA42	59392	----a-w-	C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\template.exe
2014-11-30 11:18:38	EEFEFDB332BB8358FDBF58D862728317	3160648	----a-w-	C:\Users\Issam276\AppData\Local\osu!\_pending\osu!.exe
2014-11-29 21:19:53	FAD0AB1C5E964C9314B01C13BB8315D2	263952	----a-w-	C:\Program Files (x86)\TeamViewer\tv_x64.exe
2014-11-29 21:19:53	BE2021753372F07FE6D904962B5EC0A9	468432	----a-w-	C:\Program Files (x86)\TeamViewer\uninstall.exe
2014-11-29 21:19:53	56951FBB1286B5B2DC4897474596D433	229136	----a-w-	C:\Program Files (x86)\TeamViewer\tv_w32.exe
2014-11-29 21:19:52	FF1F719FACD0FCDB392D6C608AC91DEF	5472016	----a-w-	C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
2014-11-29 21:19:52	CBE8B8BCF06EAA79E297076B5719D0B1	16203024	----a-w-	C:\Program Files (x86)\TeamViewer\TeamViewer.exe
2014-11-29 21:19:52	19ADFE7E7861372D9FAC774252AB1AC7	5405456	----a-w-	C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
2014-11-29 09:17:43	847EA979C178482E31968D2E2F8E42C0	110592	----a-w-	C:\ProgramData\MTA San Andreas All\1.4\upcache\_mtasa-1.4.0-rc-06918-0-000-files-all-cksummed.rar_tmp__bak_\server\MTA Server.exe
2014-11-29 09:17:42	60F42452538A8E4E3E2BF0F248B2D2AA	259888	----a-w-	C:\ProgramData\MTA San Andreas All\1.4\upcache\_mtasa-1.4.0-rc-06918-0-000-files-all-cksummed.rar_tmp__bak_\Multi Theft Auto.exe
2014-11-29 09:17:39	D1B5AA24480F8297022D3AB00E72DC45	118544	----a-w-	C:\ProgramData\MTA San Andreas All\1.4\upcache\_mtasa-1.4.0-rc-06918-0-000-files-all-cksummed.rar_tmp_\server\MTA Server.exe
2014-11-29 09:17:38	60F42452538A8E4E3E2BF0F248B2D2AA	259888	----a-w-	C:\ProgramData\MTA San Andreas All\1.4\upcache\_mtasa-1.4.0-rc-06918-0-000-files-all-cksummed.rar_tmp_\Multi Theft Auto.exe
2014-11-28 23:10:16	D933E6B18AA4E71E8935F7A345155E3A	3068976	----a-w-	C:\Program Files (x86)\Diablo III\Diablo III Launcher.exe
2014-11-28 23:10:16	7EA10060546DCB19EA3EC7930680116D	24468016	----a-w-	C:\Program Files (x86)\Diablo III\Diablo III.exe
2014-11-28 23:10:16	456B954852E2FE140F9C65A1DFD497D3	334384	----a-w-	C:\Program Files (x86)\Diablo III\InspectorReporter\BlizzardError.exe
2014-11-28 23:02:52	C69442812638BB1F21C1789D10E62013	1971760	----a-w-	C:\Program Files (x86)\Battle.net\SystemSurvey.exe
2014-11-28 23:02:52	C2703038EDF286117EC4ABE77897038D	399408	----a-w-	C:\Program Files (x86)\Battle.net\Battle.net.exe
2014-11-28 23:02:52	A829DDDC417B4BB4D8175DF1846B8BAA	1337424	----a-w-	C:\Program Files (x86)\Common Files\Blizzard Entertainment\Battle.net\Uninstall.exe
2014-11-28 23:02:52	9281BA1479347C2757EF6FBB52697921	333360	----a-w-	C:\Program Files (x86)\Battle.net\BlizzardError.exe
2014-11-28 23:02:52	208F5294935D6814B97F028A0E032D5A	10001456	----a-w-	C:\Program Files (x86)\Battle.net\Battle.net.5293\Battle.net.exe
2014-11-28 23:02:52	0FB5EB5C3639C88A02DADA0BBC079A58	2864688	----a-w-	C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe
2014-11-28 23:01:56	C714408EEFF4EA72239A39A97FA062E6	10615856	----a-w-	C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
2014-11-26 14:32:47	9D83E2859AC027E8C505CB4D1931AF47	1117264	----a-w-	C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\39.0.2171.71\39.0.2171.71_39.0.2171.65_chrome_updater.exe
2014-11-25 14:26:51	68B8513D3591E9509FE15F4A0CAF9E4B	4247544	----a-w-	C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.13\deploy\LoLPatcher.exe
2014-11-25 14:26:51	642FF2C35ADB57870A6EB86DA6C21CCB	1704440	----a-w-	C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.13\deploy\rPipe.exe
=== C: other files ==
2014-11-30 22:29:16	365F8F4787BAEC1570EB5A93CA5DD74C	85459	----a-w-	C:\Users\Issam276\AppData\Local\Temp\avastBCLTMP\ocbelgmifabpckobkjeipjndggnflmlo.zip
2014-11-30 22:29:16	21CDE46C34F1948D22837F9E23E33F85	32468	----a-w-	C:\Users\Issam276\AppData\Local\Temp\avastBCLTMP\hagfodkdlfpceodghmlnbjafkcdjnifd.zip
2014-11-30 22:29:14	7680F2CD647311D47CB4D8312AD5FF1D	718979	----a-w-	C:\Users\Issam276\AppData\Local\Temp\avastBCLTMP\cfhdojbkjhnklbpkdaibdccddilifddb.zip
2014-11-30 22:29:07	4C2971EE7D55341B8EFA845E24948588	44605	----a-w-	C:\Users\Issam276\AppData\Local\Temp\avastBCLTMP\aakchaleigkohafkfjfjbblobjifikek.zip
2014-11-30 22:29:07	3146A49E8622FF848FC78DE36E995036	4044773	----a-w-	C:\Users\Issam276\AppData\Local\Temp\avastBCLTMP\bigefpfhnfcobdlfbedofhhaibnlghod.zip
2014-11-30 22:21:31	7509F07BA6F84C1E3B2C0D78A1F6F782	116728	----a-w-	C:\Windows\System32\drivers\aswStm.sys
2014-11-30 22:21:30	B1881A01E301990B671694CA1623F1B6	436624	----a-w-	C:\Windows\System32\drivers\aswSP.sys
2014-11-30 22:21:30	1A5BDDE65B648DC3AD48B6ECAA3AE9C8	267632	----a-w-	C:\Windows\System32\drivers\aswVmm.sys
2014-11-30 22:21:29	1323269A92645705DEFA053F3596829D	65776	----a-w-	C:\Windows\System32\drivers\aswRvrt.sys
2014-11-30 22:21:28	9BE9F2B83DE80E2752B1405CC427E2EC	29208	----a-w-	C:\Windows\System32\drivers\aswHwid.sys
2014-11-30 22:21:28	4750016EF9CC1DEC6DA3FE5AF9A7F095	93568	----a-w-	C:\Windows\System32\drivers\aswRdr2.sys
2014-11-30 22:21:28	2DA1C1AEDF454F8E32A863A1AEACDD8C	83280	----a-w-	C:\Windows\System32\drivers\aswMonFlt.sys
2014-11-30 22:21:26	E74FD717476B30E23F45354B8F3ACB30	1050432	----a-w-	C:\Windows\System32\drivers\aswsnx.sys
2014-11-30 18:53:07	EC9D939B904C3A942484AFB3293AA413	18714	----a-w-	C:\Program Files (x86)\Java\jre7\lib\deploy\ffjcext.zip
2014-11-30 18:51:28	0921403CF6ADF4B2E8B4073B75EC8B03	18633	----a-w-	C:\Program Files\Java\jre7\lib\deploy\ffjcext.zip
2014-11-27 21:15:04	961DB4FBF559E09AC23A08EA46790A4D	178830517	----a-w-	C:\Users\Issam276\Downloads\Audio(v6873).zip
2014-11-27 19:40:58	BC56598CFD785520CB9A1D8F511B6B74	3087631	----a-w-	C:\Users\Issam276\Downloads\H81M-VG4(1.40)ROM.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="C:\Users\Issam276\AppData\Local\Akamai\netsession_win.exe"
"HydraVisionDesktopManager"="C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
"Spotify Web Helper"="C:\Users\Issam276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-501\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"
"SpybotSD TeaTimer"="C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
"Akamai NetSession Interface"="C:\Users\Issam276\AppData\Local\Akamai\netsession_win.exe"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"ESL Wire"="C:\Program Files\EslWire\wire.exe --tray"
"MobileDocuments"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe"
"EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart"
"HydraVisionDesktopManager"="C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
"Spotify"="C:\Users\Issam276\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"
"Spotify Web Helper"="C:\Users\Issam276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

[HKEY_USERS\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Turbo Key"="C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe"
"Cpu Level Up help"="C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe"
"ANIWZCS2Service"="C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe"
"AVMWlanClient"="C:\Program Files (x86)\avmwlanstick\wlangui.exe"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="C:\Users\Issam276\AppData\Local\Akamai\netsession_win.exe"
"HydraVisionDesktopManager"="C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
"Spotify Web Helper"="C:\Users\Issam276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"

==== Startup Registry Disabled ======================

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]
"Facebook Update"="\"C:\\Users\\Issam276\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver"
"EADM"="\"C:\\Program Files (x86)\\Origin\\Origin.exe\" -AutoStart"


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""
"QuickTime Task"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""
"HP Software Update"="C:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe"
"AdobeCS6ServiceManager"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS6ServiceManager\\CS6ServiceManager.exe\" -launchedbylogin"
"D-Link D-Link Wireless G DWL-G122_DWA-110"="C:\\Program Files (x86)\\D-Link\\DWL-G122_DWA-110\\AirGCFG.exe"


==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KiesPDLR"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Samsung\\Kies\\External\\FirmwareUpdate\\KiesPDLR.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Advanced SystemCare 7]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Advanced SystemCare 7"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\IObit\\Advanced SystemCare 7\\ASCTray.exe\" /Auto"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="APSDaemon"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CyberGhost]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CyberGhost"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\CyberGhost 5\\CyberGhost.EXE\" /autostart /min"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EvtMgr6]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="EvtMgr6"
"hkey"="HKLM"
"command"="C:\\Program Files\\Logitech\\SetPointP\\SetPoint.exe /launchGaming"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HP Software Update"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\hpqSRMon]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="hpqSRMon"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\HP\\Digital Imaging\\bin\\hpqSRMon.exe                                                                                                                                                                                                               "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IObit Malware Fighter]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IObit Malware Fighter"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\IObit\\IObit Malware Fighter\\IMF.exe\" /autostart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPreload]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KiesPreload"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Samsung\\Kies\\Kies.exe /preload"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KiesTrayAgent"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Samsung\\Kies\\KiesTrayAgent.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LogMeIn Hamachi Ui]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LogMeIn Hamachi Ui"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\LogMeIn Hamachi\\hamachi-2-ui.exe\" --auto-start"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Ocs_SM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Ocs_SM"
"hkey"="HKLM"
"command"="C:\\Users\\Issam276\\AppData\\Roaming\\OCS\\SM\\SearchAnonymizer.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PrivitizeVPN]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PrivitizeVPN"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\PrivitizeVPN\\PrivitizeVPN.exe /autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="QuickTime Task"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SearchSettings"
"hkey"="HKLM"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify"
"hkey"="HKCU"
"command"="\"C:\\Users\\Issam276\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify Web Helper"
"hkey"="HKCU"
"command"="\"C:\\Users\\Issam276\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Steam"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Steam\\steam.exe\" -silent"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WinampAgent]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="WinampAgent"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Winamp\\winampa.exe\""


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Apple Mobile Device]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\BEService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Bonjour Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\CGVPNCliService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\EslWireHelper]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\hshld]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\HssTrayService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\HssWd]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\iPod Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\LBTServ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\LiveUpdateSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\OkayFreedom VPN Starter Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\OverwolfUpdaterService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RalinkRegistryWriter]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RalinkRegistryWriter64]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RaMediaServer]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SearchAnonymizer]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SkypeUpdate]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TeamViewer8]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TeamViewer9]


==== Startup Folders ======================

2014-11-30 18:41:47	1112	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [30.11.2014 19:54]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1925287450-1312797874-627100175-1001Core.job --a------ C:\Users\Issam276\AppData\Local\Facebook\Update\FacebookUpdate.exe [19.09.2012 18:26]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1925287450-1312797874-627100175-1001UA.job --a------ C:\Users\Issam276\AppData\Local\Facebook\Update\FacebookUpdate.exe [19.09.2012 18:26]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [22.02.2013 18:07]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [22.02.2013 18:07]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Adobe-Online-Aktualisierungsprogramm" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\Driver Booster SkipUAC (SYSTEM)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-1925287450-1312797874-627100175-1001Core" [C:\Users\Issam276\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-1925287450-1312797874-627100175-1001UA" [C:\Users\Issam276\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HP-Online-Aktualisierungsprogramm" [C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe]
"C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\{027A1301-659D-4B41-8A7F-040B74EBA95D}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{064550D4-D75D-402D-AB32-91E23A58D5F4}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\Windows\SysNative\tasks\{08F83017-CD43-415F-BAC5-1B6099D399DE}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{0B628F86-550A-486F-B114-58C62871B721}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{0C9C72E9-00D2-49A6-8DF4-DAF367138BD8}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{0D1B66EB-8E6C-4941-A849-C02CAA677C49}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{0E7C6814-82A5-4652-86AF-0257E8E200B0}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{11EE2B2D-9A84-413C-B65A-30FADFE1F4C1}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{15AA7614-5DDE-4F02-8A19-A95EC0A1D51D}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{174B23CD-95AE-408F-A856-1370A9D536E1}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{178B6CBE-CD97-4A87-A91B-79970D345AA5}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{1C451F35-6BB4-4E64-9D44-83DA1235BD66}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\Windows\SysNative\tasks\{1DB90D4F-8D72-4AD5-8F36-5C4F0864AD9F}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{1FB7ED02-0BF3-4694-A643-44D549B5C376}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{1FBC4539-2901-4DDB-9D2F-862065494E88}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{24C3BC9D-CAFC-4292-BD2A-FFCF0B425D08}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{2B6CE963-FF84-494C-A826-01D80631B926}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{2EB349E6-0751-41BC-9F7E-301AC1E05B93}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{3096790B-F753-40DE-BBBD-C96814C19276}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{35A5A0DE-E4FD-4FCE-A133-406843CE3598}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{36BD8F26-454A-45A7-98BC-D772130BD6D1}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{3D7EEA60-2C2B-478A-9723-F829C43AC6E5}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{3EF7DE06-5206-4DE0-8481-16D004F97BC7}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{3FE25692-2DF1-4C8A-83BD-5C0938957293}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{402ED0EB-55E1-49BC-85FF-B611C38007C2}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{41F9C8B0-D0DD-4377-9D24-69E831D0CF7A}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{494A9B35-6058-4C19-A20A-E1DCE48F0786}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{4C1D5CDD-8AE5-4025-923B-71D4C96C9F47}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{520D24F2-56D5-4A8F-A89D-4396E1298D0E}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{54F5669B-1BD5-4394-89D5-A6EFBA584ACD}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{57FA110B-6E92-4EFD-98D9-19C15C00EF98}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{59008250-33FF-402A-82FD-577C388040C8}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{5F44ABCA-6526-4396-A179-A30F6651B4A5}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{6310026B-3E16-4E78-998C-7F30496D8899}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{6933359E-E599-4364-BEFF-153E2C84ECF1}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{6ABFC70E-5286-4F62-8D85-3DB5C7E96535}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{6B5908DA-E475-496F-9C03-92B7931F8B4E}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{74BC537C-1377-401A-9CBD-EC70A4E00FE6}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{74F988AC-9E60-40C7-8D90-CFECFAEE92E1}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{7A14CB27-EE0B-47F1-B055-77F01B48DBC9}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{7B2D31C4-B94E-459C-9AB9-7BA5A6885752}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{816E19F8-6746-42E8-825E-C00C9D8CFF94}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{8383930E-67E3-4379-A09D-4E59914B6389}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{83D83B71-6311-4584-B276-FEF554406168}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{8424C4DF-A4EC-4B5B-814E-60CE8AB30940}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{87B307EE-CC62-4781-8900-89C379B24C05}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{8F6BCC5D-9E79-4A90-A52C-B05FBD3A95EA}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{8FC938EB-7EAF-4A34-BC9D-AE2F5778B1B1}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{90038331-2672-47E4-99D2-E9ECCB36DC14}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{9276B961-43E2-4972-B3AD-25EACD24D008}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{949BCCD7-1397-41DE-9EF8-11EE2C0CE563}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{97DA18F4-90B4-45A3-BC74-3C01B81E7603}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{9A3B38A4-E24C-4CA3-836B-B69E7E5C4A8F}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{9A921854-22BF-4FF6-917B-1529CCCD96DB}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{9CD2CBDC-9F17-4183-A776-3C3CDDB91238}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\Windows\SysNative\tasks\{9E9AC548-DCCB-4B5B-9EDB-0E52B9DE5627}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{A7B59FCB-77B6-43A8-B48C-A4408A63A05C}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{AA084653-E62A-4321-85C7-E1F14B703E3B}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{B117D272-C5AF-4E62-9F8E-DA7E6CE8FF4E}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{B261FD97-9C57-4F06-9AD3-4052FA220C1D}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{B4F0F2F1-B534-4A0D-9DF2-C38AE4C520E9}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{B55E87D1-7DD5-45F3-839C-11D9E63BACE7}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\Windows\SysNative\tasks\{B7D832C7-A1D4-449B-AFB7-35A7D5308265}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{BB6E67DE-783D-4A31-8585-E7CAEC52E5AA}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{C0804A57-189E-4D52-A8D5-914BE6EC38F9}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{C0BF0233-4710-4F22-B838-C53FD13B197E}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{C307734E-4CEF-40E7-BB76-67E38AFE3245}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\Windows\SysNative\tasks\{C4DCDE58-2889-4887-A3A8-759819CB3B00}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{C58F335D-256C-447C-8F92-0D21522B0AE2}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{CC321D73-229D-4CDF-9597-05F0B15F5904}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{CC42283F-627B-42E6-B065-74187AD2AC1E}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{CE3CDE01-297E-4503-BDBC-F6BFCA06FC5A}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{CE6A2A80-3982-406F-916F-BF44A1FE93BE}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{CF201C0D-902D-45EC-AB8B-441B32C49B96}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{D1BFDBF2-DEA8-4BB9-8474-3A446710C951}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{D319D8AB-8433-493A-84FA-D1698EDEAFCE}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{D7E5FBB1-D0B1-4F1A-8742-47F989B83816}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{DE38B5D4-C035-40D9-848C-B966145964A9}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{E3BA121A-6110-46E2-B350-F190E39F142A}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{EDDBD687-D415-4B69-927A-02931F7F1AAE}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{EF6CA142-96C0-4D8A-B1B8-DF46DCB79231}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{F14CFAC1-DBF2-4360-95C4-B2F2F9DB35E4}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{F6171EAE-04B0-4030-B64B-4B9DF15D3273}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{FB8C4083-EF27-4416-85FA-D471CEDE5FB4}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{FE9E2570-3D08-4423-AFC3-5C7948AE63B6}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\{FEE95010-E0AC-4F29-89EB-CC1D42B7322D}" ["C:\Program Files (x86)\Opera\Opera.exe"]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\ASUS\ASUS RegRun Loader" [C:\Program Files (x86)\ASUS\AASP\1.01.12\AsLoader.exe]
"C:\Windows\SysNative\tasks\ASUS\ASUS Update Checker" [C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe]
"C:\Windows\SysNative\tasks\ASUS\Cpu Level Up Hook Lanunch" [C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHookLaunch.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [30.11.2014 23:21]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [25.09.2012 18:24]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197
- Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Hotspot Shield Extension - %AppDir%\browser\extensions\afproxy@anchorfree.com
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197
2BF85B6162528E0635DD8D632EB975C8	- C:\Users\Issam276\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll -	Facebook Desktop
1CF8CC51682099EDAF9E5BD975954705	- C:\Users\Issam276\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll -	Unity Player


==== Deleted Firefox Extensions ======================

C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com deleted

==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Administrator\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Default\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Gast\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Gast\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Issam276\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Issam276\AppData\Local\Comodo\Dragon deleted

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[30.11.2014 23:21]

Logitech SetPoint - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd
Download Protect - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\eilgiifgoafnjpmdmdkafdnghcfghkpe
Google Voice Search Hotword (Beta) - Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
MEGA - Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod
SoundCloud Repeat - Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocbelgmifabpckobkjeipjndggnflmlo

==== Chromium Startpages ======================

C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "https://www.google.de/",
"startup_urls": [ "https://www.google.de/" ],


==== Chromium Fix ======================

C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ciuvo.com_0.localstorage deleted successfully
C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ciuvo.com_0.localstorage-journal deleted successfully
C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_offers.boostsaves.com_0.localstorage deleted successfully
C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_offers.boostsaves.com_0.localstorage-journal deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\jimkinmhioifhbgkpmindbifppbnhgii deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhaknhgbchodnaijihojhahebjgdekdb deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="hxxp://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{DECA3892-BA8F-44b8-A993-A466AD694AE4}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="hxxp://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Gast\Desktop\Clonk Rage.lnk - C:\Program Files (x86)\Clonk Rage\Clonk.exe 
C:\Users\Gast\Desktop\Crossfire Europe.lnk - C:\Program Files (x86)\Crossfire\Crossfire Europe\patcher_cf.exe 
C:\Users\Gast\Desktop\Hot Coffee - GTA San Andreas.lnk - C:\Program Files (x86)\Hot Coffee\gta_sa.exe 
C:\Users\Gast\Desktop\Zerius Vocoder.lnk - C:\Program Files (x86)\VocoderGUI\VocoderGUI.exe 

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Avast Free Antivirus.lnk - C:\Program Files\AVAST Software\Avast\AvastUI.exe 
C:\Users\Public\Desktop\Battle.net.lnk - C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe 
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe 
C:\Users\Public\Desktop\Diablo III.lnk - C:\Program Files (x86)\Diablo III\Diablo III Launcher.exe 
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --remote-debugging-port=9223
C:\Users\Public\Desktop\LOL Recorder.lnk - C:\Program Files (x86)\LOLReplay\LOLRecorder.exe 
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe 
C:\Users\Public\Desktop\MTA San Andreas 1.4.lnk - C:\Program Files (x86)\MTA San Andreas 1.4\Multi Theft Auto.exe 
C:\Users\Public\Desktop\Play League of Legends.lnk - C:\Riot Games\League of Legends\lol.launcher.exe 
C:\Users\Public\Desktop\S.K.I.L.L. - Special Force 2.lnk - C:\Program Files (x86)\GameforgeLive\GameforgeLive.exe "C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\S.K.I.L.L\DFUBG.exe" -start SKILL
C:\Users\Public\Desktop\Samsung Kies 3.lnk - C:\Program Files (x86)\Samsung\Kies3\Kies3.exe 

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1031-7B44-AB0000000001}\SC_Reader.ico 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOL Recorder.lnk - C:\Program Files (x86)\LOLReplay\LOLRecorder.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk - C:\Program Files (x86)\Secunia\PSI\psi.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk - C:\Program Files (x86)\TeamViewer\TeamViewer.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software\Avast Free Antivirus.lnk - C:\Program Files\AVAST Software\Avast\AvastUI.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net\Battle.net.lnk - C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chris-PC Game Booster\Chris-PC Game Booster Help.lnk - C:\Program Files (x86)\Chris-PC Game Booster\GameBooster.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chris-PC Game Booster\Chris-PC Game Booster.lnk - C:\Program Files (x86)\Chris-PC Game Booster\GameBooster.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChrisPC DNS Switch\ChrisPC DNS Switch.lnk - C:\Program Files (x86)\ChrisPC DNS Switch\ChrisPCDNS.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III\Battle.net-Accountverwaltung.lnk - C:\Program Files (x86)\Diablo III\BattlenetAccount.url 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III\Blizzard Tech-Support.lnk - C:\Program Files (x86)\Diablo III\TechSupport.url 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III\Diablo III - Handbuch.lnk - C:\Program Files (x86)\Diablo III\Manual.url 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III\Diablo III.lnk - C:\Program Files (x86)\Diablo III\Diablo III Launcher.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live\Gameforge Live entfernen.lnk - C:\Program Files (x86)\GameforgeLive\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live\Gameforge Live.lnk - C:\Program Files (x86)\GameforgeLive\GameforgeLive.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live\S.K.I.L.L. - Special Force 2.lnk - C:\Program Files (x86)\GameforgeLive\GameforgeLive.exe "C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\S.K.I.L.L\DFUBG.exe" -start SKILL
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live\TERA entfernen.lnk - C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\TERA\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live\TERA.lnk - C:\Program Files (x86)\GameforgeLive\GameforgeLive.exe "C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\TERA\tera-launcher.exe" -start TERA
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP*Update.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Auf Updates prüfen.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Besuchen Sie Java.com.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Hilfe aufrufen.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Info zu Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Java konfigurieren.lnk - C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Malwarebytes Anti-Malware entfernen.lnk - C:\Program Files (x86)\ Malwarebytes Anti-Malware \unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware .lnk - C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\ Malwarebytes Anti-Malware \Chameleon\Windows\chameleon.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGAsync\MEGA Website.lnk - C:\ProgramData\MEGAsync\MEGA Website.url 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGAsync\MEGAsync.lnk - C:\ProgramData\MEGAsync\MEGAsync.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGAsync\Uninstall.lnk - C:\ProgramData\MEGAsync\uninst.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2\Metin2.lnk - C:\Program Files (x86)\GameforgeLive\GameforgeLive.exe "C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\Metin2\Metin2.exe" -start Metin2
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTA San Andreas 1.4\MTA San Andreas.lnk - C:\Program Files (x86)\MTA San Andreas 1.4\Multi Theft Auto.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTA San Andreas 1.4\MTA Server.lnk - C:\Program Files (x86)\MTA San Andreas 1.4\server\MTA Server.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTA San Andreas 1.4\Uninstall MTA San Andreas.lnk - C:\Program Files (x86)\MTA San Andreas 1.4\Uninstall.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OkayFreedom\OkayFreedom deinstallieren.lnk - C:\Program Files (x86)\OkayFreedom\uninstall.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OkayFreedom\OkayFreedom.lnk - C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies3\Samsung Kies 3.lnk - C:\Program Files (x86)\Samsung\Kies3\Kies3.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies3\Uninstall Kies 3.lnk - C:\Program Files (x86)\InstallShield Installation Information\{88547073-C566-4895-9005-EBE98EA3F7C7}\setup.exe /removeonly
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe 

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe omiga-plus
C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe omiga-plus
C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe omiga-plus
C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe 
C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1

==== shortcuts After Repair ======================

C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe 

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_CURRENT_USER\Software\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 7 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CyberGhost deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvtMgr6 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Malware Fighter deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ocs_SM deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrivitizeVPN deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Issam276\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Gast\AppData\Local\Mozilla\Firefox\Profiles\pilwudwt.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=221 folders=146 160062850 bytes)

==== Empty Temp Folders ======================

C:\Users\Administrator\AppData\Local\temp emptied successfully
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\DefaultAppPool\AppData\Local\temp emptied successfully
C:\Users\Gast\AppData\Local\temp emptied successfully
C:\Users\HomeGroupUser$\AppData\Local\temp emptied successfully
C:\Users\Issam276\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\wangzhisong\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Issam276\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Issam276\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on 01.12.2014 at  0:14:16,04 ======================
         

Old 01.12.2014, 17:47   #17
deeprybka
/// TB Trainer
/// Guide Guru
 



Step 1

ZOEK Script
  • Please disable your antivirus scanner while using Zoek, as it could interfere with Zoek.
  • Start zoek.exe with a double-click and wait until the program interface appears (approx. 30 seconds).
  • Copy the text from the following box into Zoek's script window:
    Code:
    ATTFilter
    uninstall-list; 
    PileFile;a
    PileFile;z
             
  • Now click "Run script" and be patient until the script has finished.
    Quote:
    Zoek.exe is running now.
    Do not start any browser windows, they may get closed automatically.
    Please wait! This window will close when finished.
    A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
  • When the tool has finished, a log file will open (possibly only after a restart). The log can also be found under C:\
  • Please post the zoek-results.log.


Step 2



Please start FRST again, also tick the checkbox, and click Scan.
Please post the contents of the two logs that are created.

Old 01.12.2014, 18:18   #18
Crounty
 



Code:
ATTFilter
Zoek.exe v5.0.0.0 Updated 29-11-2014
Tool run by Issam276 on 01.12.2014 at 18:07:56,78.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Issam276\Downloads\zoek.exe [Scan all users] [Script inserted] 

==== Older Logs ======================

C:\zoek-results2014-11-30-231416.log	108407 bytes

==== Folders Found ======================


==== Files Found ======================


--- C:\AdwCleaner\Quarantine\C\Windows\System32\Tasks\PileFile reminder.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3594
Created time: 2014-02-01 19:40:39
Modified time: 2014-02-01 19:40:39
MD5: 4409A982E8AEE2E9DAE552AC265E518B
SHA1: A44BB1C4CA4C810F13A2F447CA944DCFAAE295DC


==== Registry Search Results for "PileFile" ======================


[HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\{56837588-F559-40CF-91D9-D439D405FB28}]
"Comments"="Uninstalling PileFile reminder"

[HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\{56837588-F559-40CF-91D9-D439D405FB28}]
"DisplayName"="PileFile reminder"

==== Uninstall List x64 ======================

64 Bit HP CIO Components Installer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}]
Adobe AIR [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7BBAEC47-1CC0-4CB8-ADB4-531B78DBD1DD}]
Adobe AIR [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe AIR]
Adobe Flash Player 15 ActiveX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7C548501-3501-468A-A443-CC42F5B3626B}]
Adobe Flash Player 15 Plugin [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player Plugin]
Adobe Reader XI (11.0.09) - Deutsch [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1031-7B44-AB0000000001}]
AI Suite [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{310BC5E2-31AF-49BB-904D-E71EB93645DC}]
AIO_Scan  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}]
Akamai NetSession Interface [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Akamai]
AMD Accelerated Video Transcoding [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{003B37AE-21F5-5BC5-F5EB-CD60A8928696}]
AMD APP SDK Runtime [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{503F672D-6C84-448A-8F8F-4BC35AC83441}]
AMD AVIVO64 Codecs [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B8BE669A-4775-3715-DCFF-757C8523AB24}]
AMD Catalyst Install Manager [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2BFD590F-1D73-3533-E734-FDDAC3746E4A}]
AMD Drag and Drop Transcoding [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{698BF443-1571-D229-4D79-8CF07C4B51D5}]
AMD Fuel [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6397820D-9FC6-774C-1EF5-CBA09049E426}]
AMD Media Foundation Decoders [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AAFE68DD-A2D5-BDBF-E1B2-CB01DEFD6EB0}]
AMD OverDrive [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9C1FAB12-F426-432E-8579-75CAB60C69CF}]
AMD VISION Engine Control Center [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6E0D26C1-4265-1D02-4D19-D0A8F6A463F8}]
ANIO Service [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}]
ANIWZCS2 Service [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4C590030-7469-453E-8589-D15DA9D03F52}]
Apple Software Update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}]
Application Profiles [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4ED980CB-C288-6A80-A3EA-AEECC543058B}]
ASUSUpdate  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{587178E7-B1DF-494E-9838-FA4DD36E873C}]
AutoHotkey 1.0.48.05 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AutoHotkey]
Avast Free Antivirus [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Avast]
AVM FRITZWLAN [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVMWLANCLI]
Battle.net  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Battle.net]
BufferChm  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}]
Catalyst Control Center - Branding [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}]
Catalyst Control Center Graphics Previews Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E649AC39-69C0-C6FE-0A54-4752DB5D1FD2}]
Catalyst Control Center Localization All [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E21A8F3C-1ACB-46B1-CE72-E9CF09549DED}]
ccc-utility64  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{653B9326-BD45-53BE-681A-A49CAAEE8A3C}]
CCC Help Chinese Standard [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9809124C-0C4C-2367-7889-1E16D8EF1AAF}]
CCC Help Chinese Traditional [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C1E2D27F-B363-588E-8859-9EF7F4EBF418}]
CCC Help Czech [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E2F52AC2-B925-C18F-E1AE-42FBD46ECAC7}]
CCC Help Danish [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7DD62206-7B6C-E32E-BD11-B49B3B089D16}]
CCC Help Dutch [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{13464292-6666-B2DB-1B0C-A3FE14DAD1F9}]
CCC Help English [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E06F7C95-4D68-63D9-2231-AA5F8E186FCB}]
CCC Help Finnish [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E9463114-898C-7C2A-2C47-E9ABC63F5D43}]
CCC Help French [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{338CD56F-1CDC-CF32-33F6-DED2DF92284E}]
CCC Help German [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DA675EE2-4C04-9699-0EE2-7EF9FE7AB870}]
CCC Help Greek [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A6E1EE9D-01DD-82FD-BDBC-193BCEF9FD5C}]
CCC Help Hungarian [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{46458556-5C46-79A9-A6FF-81DF1F8B2729}]
CCC Help Italian [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FF10AC4D-3349-99DA-3E58-5197CEA1D833}]
CCC Help Japanese [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AB13F192-49FC-A065-F15C-746B10CC43C8}]
CCC Help Korean [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{67A4760F-9804-CCF6-C319-27840ED77924}]
CCC Help Norwegian [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{519D68B8-A768-4CDC-E4C9-B115D49CED93}]
CCC Help Polish [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{51D383BC-D988-8C1E-FAA1-BC5260A32A87}]
CCC Help Portuguese [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1C373820-B9C8-0F7F-8F84-FC1B76A85F27}]
CCC Help Portuguese [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9739158D-EDED-D628-9865-1460B5A7FAE3}]
CCC Help Russian [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AE548812-D611-608D-61C6-7E40F28573A2}]
CCC Help Spanish [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BC63AEF9-1367-9F7C-5926-52E56450EDCD}]
CCC Help Swedish [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D76AC809-CCC1-6198-4970-A63FA5CF7DCB}]
CCC Help Thai [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6BE5E4A9-D88B-532D-26E6-883C32BF098A}]
CCC Help Turkish [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FFEC93FF-C162-C0C3-B5E7-01214B0E5F2D}]
CCleaner  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CCleaner]
Chris-PC Game Booster [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Chris-PC Game Booster_is1]
ChrisPC DNS Switch 1.40 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ECE17478-56C5-4280-AB67-AC2C2CAFA30F}_is1]
Copy  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}]
Counter-Strike: Source [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 240]
D-Link Wireless G DWL-G122_DWA-110 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5F753314-628E-4C13-B8AE-BFA7FD514CBE}]
D3DX10  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E09C4DB7-630C-4F06-A631-8EA7239923AF}]
DayZ Commander [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{05B1529B-C423-42AA-B981-4ECA247E9FC0}]
Destinations  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}]
DeviceDiscovery  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}]
Diablo III [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Diablo III]
DJ_AIO_ProductContext  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2640314A-2D9A-4F58-B501-DB109CD9DBA2}]
DJ_AIO_Software  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AD99B476-6FB7-4985-A3C3-E40595A7E6DE}]
DJ_AIO_Software_min  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{32DACAC3-6538-405D-915E-8F2D026F199C}]
Dota 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 570]
Dropbox  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dropbox]
eReg  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}]
F4100  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{d05a1414-a955-4c5c-9716-b7777ef86e85}]
F4100_Help  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A6B90148-02C5-4fd3-8D7A-EF2386835CB9}]
Façade  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{339C3693-8554-4A25-A664-E0B74D2DFA04}]
Facebook Messenger 2.1.4814.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7204BDEE-1A48-4D95-A964-44A9250B439E}]
Futuremark SystemInfo [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}]
Gameforge Live 2.0.5 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1]
Garry's Mod [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 4000]
Google Chrome [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome]
Google Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}]
GPBaseService2  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{63FF21C9-A810-464F-B60A-3111747B1A6D}]
Hearthstone  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Hearthstone]
HP Customer Participation Program 13.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HPExtendedCapabilities]
HP Deskjet All-In-One Driver Software 13.0 Rel. 1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{EB773820-0871-46A8-9B96-F2B04F8B34F0}]
HP Imaging Device Functions 13.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HP Imaging Device Functions]
HP Photosmart Essential 3.5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HP Photosmart Essential]
HP Smart Web Printing 4.51 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HP Smart Web Printing]
HP Solution Center 13.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HP Solution Center & Imaging Support Tools]
HP Update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}]
HPPhotoGadget  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CAE4213F-F797-439D-BD9E-79B71D115BE3}]
HPPhotoSmartDiscLabelContent1  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{681B698F-C997-42C3-B184-B489C6CA24C9}]
HPPhotosmartEssential  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D79113E7-274C-470B-BD46-01B10219DF6A}]
HPProductAssistant  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C43326F5-F135-4551-8270-7F7ABA0462E1}]
HPSSupply  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}]
HydraVision  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2EBD490C-37E5-37BF-4A4C-9B21C5A46825}]
InfraRecorder  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InfraRecorder]
Java 7 Update 71 (64-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F06417071FF}]
Java 7 Update 71 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F03217071FF}]
Java 8 Update 25 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218025F0}]
JavaFX 2.1.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1111706F-666A-4037-7777-211328764D10}]
Junk Mail filter update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}]
League of Legends [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{517CC397-B22F-4593-8DCB-DE72CC541E9A}]
League of Legends [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\League of Legends 3.0.1]
Left 4 Dead 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 550]
LOLReplay  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LOLReplay]
Malwarebytes Anti-Malware Version 2.0.3.1025 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes Anti-Malware_is1]
MarketResearch  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{175F0111-2968-4935-8F70-33108C6A4DE3}]
MEGAsync  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MEGAsync]
Mesh Runtime [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}]
Messenger Companion [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}]
Metin2  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Metin2_is1]
Microsoft .NET Framework 4.5.1 (DEU) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C513739C-5F16-37B5-9ACF-99925FF1C1F3}]
Microsoft .NET Framework 4.5.1 (Deutsch) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031]
Microsoft .NET Framework 4.5.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}]
Microsoft .NET Framework 4.5.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033]
Microsoft Games for Windows - LIVE Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}]
Microsoft Games for Windows Marketplace [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}]
Microsoft Office Klick-und-Los 2010 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Office14.Click2Run]
Microsoft Silverlight [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}]
Microsoft SQL Server 2005 Compact Edition [ENU] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}]
Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}]
Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}]
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}]
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}]
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}]
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8220EEFE-38CD-377E-8595-13398D740ACE}]
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}]
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}]
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}]
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}]
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}]
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4fd02573-5f12-4ae4-8027-c63f8e1115af}]
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{37B8F9C7-03FB-3253-8781-2517C99D7C00}]
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}]
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B175520C-86A2-35A7-8619-86DC379688B9}]
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}]
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ce085a78-074e-4823-8dc1-8a721b94b76d}]
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}]
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}]
Microsoft XNA Framework Redistributable 3.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}]
Microsoft_VC80_CRT_x86  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}]
Microsoft_VC90_CRT_x86  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{08D2E121-7F6A-43EB-97FD-629B44903403}]
MorphVOX Junior [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E741AE90-F491-4EB2-B160-33B0CCD85CB1}]
MorphVOX Pro [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{62DAB694-358E-4C6F-82BF-26DA64B297A6}]
MSVCRT  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}]
MSVCRT Redists [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8AAA8780-1D35-11E2-A3A6-F04DA23A5C58}]
MSVCRT_amd64  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D0B44725-3666-492D-BEF6-587A14BD9BD9}]
MSXML 4.0 SP2 (KB954430) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}]
MSXML 4.0 SP2 (KB973688) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}]
MTA:SA v1.4.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MTA:SA 1.4]
NVIDIA PhysX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}]
OkayFreedom  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3F3FB10C-7175-4D38-9335-3488B89C12AF}]
OpenAL  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\OpenAL]
OpenOffice.org 3.4.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}]
osu  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ba6599d0-1e00-4060-a455-55382b1c7008}]
PC Probe II [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}]
PileFile reminder [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{56837588-F559-40CF-91D9-D439D405FB28}]
RAIDXpert  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8B76B8E9-F773-4B75-A08C-120079EB765E}]
RAIDXpert  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{8B76B8E9-F773-4B75-A08C-120079EB765E}]
Realtek Ethernet Controller Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}]
Realtek HDMI Audio Driver for ATI [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5449FB4F-1802-4D5B-A6D8-087DB1142147}]
Realtek High Definition Audio Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}]
RuneScape Launcher 1.2.3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}]
S.K.I.L.L. - Special Force 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Special Force 2 Beta_is1]
Samsung Kies3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{88547073-C566-4895-9005-EBE98EA3F7C7}]
Samsung Kies3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}]
SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\01_Simmental]
SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\02_Siberian]
SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\03_Swallowtail]
SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\04_semseyite]
SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\07_Schorl]
SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\09_Hsp]
SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\11_HSP_Plus_Default]
SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\16_Shrewsbury]
SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\20_NXP_Driver]
SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\24_flashusbdriver]
SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\25_escape]
SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}]
Scan  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{06A1D88C-E102-4527-AF70-29FFD7AF215A}]
Secunia PSI (3.0.0.9016) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Secunia PSI]
Shop for HP Supplies [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Shop for HP Supplies]
Skype Click to Call [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}]
SkypeT 6.21 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}]
SmartWebPrinting  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DC635845-46D3-404B-BCB1-FC4A91091AFA}]
SolutionCenter  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}]
Spotify  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Spotify]
Status  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}]
Steam  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam]
System Requirements Lab CYRI [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{943A8D28-80D6-41DC-AE94-81FEB42041BF}]
Team Fortress 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 440]
TeamSpeak 3 Client [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\TeamSpeak 3 Client]
TeamViewer 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\TeamViewer]
TERA  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A2F166A0-F031-4E27-A057-C69733219434}_is1]
The Binding of Isaac [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 113200]
Toolbox  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6BBA26E9-AB03-4FE7-831A-3535584CA002}]
TrayApp  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}]
Turbo Key [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B83F7FA5-3191-4E39-A1F2-8A9038BD0B04}]
Unity Web Player [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer]
UnloadSupport  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}]
WebReg  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43CDF946-F5D9-4292-B006-BA0D92013021}]
Windows 7 USB/DVD Download Tool [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CCF298AF-9CE1-4B26-B251-486E98A34789}]
Windows Live Communications Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D45240D3-B6B3-4FF9-B243-54ECE3E10066}]
Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}]
Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinLiveSuite]
Windows Live Fotogalerie [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B113D18C-67B0-4FB7-B329-E89B66194AE6}]
Windows Live ID Sign-in Assistant [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1B8ABA62-74F0-47ED-B18C-A43128E591B8}]
Windows Live Installer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0B0F231F-CE6A-483D-AA23-77B364F75917}]
Windows Live Language Selector [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}]
Windows Live Mail [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9D56775A-93F3-44A3-8092-840E3826DE30}]
Windows Live Mail [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B1239994-A850-44E2-BED8-E70A21124E16}]
Windows Live Mesh [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}]
Windows Live Mesh [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DECDCB7C-58CC-4865-91AF-627F9798FE48}]
Windows Live Mesh ActiveX control for remote connections [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C5398A89-516C-4DAF-BA07-EE7949090E56}]
Windows Live Messenger Companion Core [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}]
Windows Live MIME IFilter [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DA54F80E-261C-41A2-A855-549A144F2F59}]
Windows Live Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{92EA4134-10D1-418A-91E1-5A0453131A38}]
Windows Live Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E4E88B54-4777-4659-967A-2EED1E6AFD83}]
Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}]
Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}]
Windows Live Photo Gallery [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3336F667-9049-4D46-98B6-4C743EEBC5B1}]
Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}]
Windows Live Remote Client [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DF6D988A-EEA0-4277-AAB8-158E086E439B}]
Windows Live Remote Client Resources [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}]
Windows Live Remote Service [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}]
Windows Live Remote Service Resources [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D930AF5C-5193-4616-887D-B974CEFC4970}]
Windows Live SOXE [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{682B3E4F-696A-42DE-A41C-4C07EA1678B4}]
Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{200FEC62-3C34-4D60-9CE8-EC372E01C08F}]
Windows Live UX Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}]
Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9E48FF52-082C-4CC2-BB67-6E10D09C0431}]
Windows Live Writer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{859D4022-B76D-40DE-96EF-C90CDA263F44}]
Windows Live Writer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A726AE06-AAA3-43D1-87E3-70F510314F04}]
Windows Live Writer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}]
Windows Live Writer Resources [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}]
WinRAR 5.11 (64-Bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver]
WinSCP 4.3.8 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\winscp3_is1]
World of Warcraft [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\World of Warcraft]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=222 folders=149 160062850 bytes)

==== EOF on 01.12.2014 at 18:12:39,89 ======================
         

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-11-2014
Ran by Issam276 (administrator) on CROUNTY on 01-12-2014 18:14:19
Running from C:\Users\Issam276\Downloads
Loaded Profile: Issam276 (Available profiles: Issam276 & Gast & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
() C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
() C:\Windows\SysWOW64\ANIWConnService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Akamai Technologies, Inc.) C:\Users\Issam276\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Issam276\AppData\Local\Akamai\netsession_win.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Spotify Ltd) C:\Users\Issam276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe
(Wireless Service) C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
() C:\Windows\SysWOW64\WinMsgBalloonServer.exe
() C:\Windows\SysWOW64\WinMsgBalloonClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Issam276\Downloads\zoek.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7204568 2013-12-28] (Realtek Semiconductor)
HKLM-x32\...\Run: [Turbo Key] => C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe [1874432 2009-11-24] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [Cpu Level Up help] => C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe [887936 2009-12-28] ()
HKLM-x32\...\Run: [ANIWZCS2Service] => C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe [98304 2009-08-21] (Wireless Service)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-11-30] (AVAST Software)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Issam276\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-09-15] (AMD)
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Run: [Spotify Web Helper] => C:\Users\Issam276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-11-07] (Spotify Ltd)
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Policies\system: [EnableLUA] 0
HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22066272 2014-10-01] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1420DC9A1F4ACD01
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
SearchScopes: HKU\S-1-5-21-1925287450-1312797874-627100175-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1925287450-1312797874-627100175-1001 -> Backup.Old.DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233}
SearchScopes: HKU\S-1-5-21-1925287450-1312797874-627100175-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{BF86312B-8016-42B1-B232-8DED504D4B33}: [NameServer] 208.67.222.222,192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1925287450-1312797874-627100175-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Issam276\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1925287450-1312797874-627100175-1001: facebook.com/fbDesktopPlugin -> C:\Users\Issam276\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin HKU\S-1-5-21-1925287450-1312797874-627100175-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF user.js: detected! => C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1925287450-1312797874-627100175-1001\FireFox\user.js
FF SearchPlugin: C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1925287450-1312797874-627100175-1001\FireFox\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197\searchplugins\yahoo_ff.xml
FF Extension: hosts2 - C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1925287450-1312797874-627100175-1001\FireFox\Extensions\75ffaaa6-513e-452f-b3ef-a355babbf0bd@69687691-91ac-4021-9ac9-b8f93a6c6a10.com [2013-12-14]
FF Extension: Adblock Plus - C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-02-22]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-09-25]
FF HKLM-x32\...\Firefox\Extensions: [{0BF1FAF9-F729-48AE-A123-6B9EB9AE8879}] - C:\Windows\Installer\{73C7DC59-0839-45AF-86A3-D0D0FE01E644}\{0BF1FAF9-F729-48AE-A123-6B9EB9AE8879}.xpi
FF Extension: Download Protect - C:\Windows\Installer\{73C7DC59-0839-45AF-86A3-D0D0FE01E644}\{0BF1FAF9-F729-48AE-A123-6B9EB9AE8879}.xpi [2014-05-19]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-30]
FF HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: No Name - C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197\extensions\ascsurfingprotection@iobit.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome: 
=======
CHR Profile: C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-01]
CHR Extension: (Google Docs) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-01]
CHR Extension: (Google Drive) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-01]
CHR Extension: (YouTube) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-01]
CHR Extension: (Adblock Plus) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-12-01]
CHR Extension: (Google-Suche) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-01]
CHR Extension: (Google Tabellen) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-01]
CHR Extension: (Avast Online Security) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-01]
CHR Extension: (Google Wallet) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-01]
CHR Extension: (Google Mail) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-30]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.) [File not signed]
R2 AMD_RAIDXpert; C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [122880 2009-12-15] (AMD) [File not signed]
R2 ANIWConnService; C:\Windows\SysWOW64\ANIWConnService.exe [151552 2009-07-07] () [File not signed]
S4 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [136616 2012-05-10] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-08-19] (ASUSTeK Computer Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-30] (AVAST Software)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-09-25] () [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S4 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [318304 2014-04-09] (Steganos Software GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-01-05] ()
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5405456 2014-11-12] (TeamViewer GmbH)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
S4 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [X]
S3 npggsvc; C:\Windows\system32\GameMon.des -service [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 ANIO; C:\Windows\SysWOW64\ANIO.SYS [28205 2003-05-05] (Alpha Networks Inc.) [File not signed]
R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2009-03-06] ()
R2 AODDriver4.2.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [57472 2012-05-10] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-30] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-30] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-30] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-30] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2014-06-29] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-30] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin)
S3 cpuz130; No ImagePath
S3 dump_wmimmc; No ImagePath
S3 esgiguard; No ImagePath
R2 ESLWireAC; C:\Windows\system32\drivers\ESLWireACD.sys [160784 2012-12-17] (<Turtle Entertainment>)
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-01] (INCA Internet Co., Ltd.) [File not signed]
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [53760 2012-09-28] (Apple, Inc.) [File not signed]
S3 X6va008; No ImagePath
S3 X6va009; No ImagePath
S3 X6va012; No ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
S3 netr28ux; system32\DRIVERS\netr28ux.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-01 18:09 - 2014-12-01 00:14 - 00108407 _____ () C:\zoek-results2014-11-30-231416.log
2014-12-01 18:07 - 2014-12-01 18:12 - 00000570 _____ () C:\runcheck.txt
2014-12-01 18:07 - 2014-12-01 18:07 - 01295360 _____ () C:\Users\Issam276\Downloads\zoek.exe
2014-12-01 00:11 - 2014-12-01 00:11 - 00000000 ____D () C:\Users\wangzhisong
2014-11-30 23:32 - 2014-12-01 18:12 - 00036416 _____ () C:\zoek-results.log
2014-11-30 23:30 - 2014-12-01 00:12 - 00000000 ____D () C:\zoek_backup
2014-11-30 23:30 - 2014-11-30 23:30 - 01294848 _____ () C:\Users\Issam276\Desktop\zoek.exe
2014-11-30 23:29 - 2014-11-30 23:29 - 04270204 _____ () C:\Users\Issam276\Downloads\zoek.zip
2014-11-30 23:22 - 2014-11-30 23:22 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\AVAST Software
2014-11-30 23:21 - 2014-11-30 23:22 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-30 23:21 - 2014-11-30 23:21 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-30 23:21 - 2014-11-30 23:21 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-11-30 23:21 - 2014-11-30 23:21 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-30 23:21 - 2014-11-30 23:21 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-30 23:21 - 2014-11-30 23:21 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-11-30 23:21 - 2014-11-30 23:21 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-11-30 23:21 - 2014-11-30 23:21 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-11-30 23:21 - 2014-11-30 23:21 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-30 23:21 - 2014-11-30 23:21 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-30 23:21 - 2014-11-30 23:21 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-30 23:21 - 2014-11-30 23:21 - 00001930 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-11-30 23:21 - 2014-11-30 23:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-11-30 23:21 - 2014-11-30 23:21 - 00000000 ____D () C:\Program Files\AVAST Software
2014-11-30 23:17 - 2014-11-30 23:19 - 132469808 _____ (AVAST Software) C:\Users\Issam276\Downloads\avast_free_antivirus_setup_10.2208.712.exe
2014-11-30 22:22 - 2014-11-30 22:22 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-11-30 22:21 - 2014-11-30 22:22 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Issam276\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-30 21:10 - 2014-11-30 21:10 - 00031862 _____ () C:\ComboFix.txt
2014-11-30 20:47 - 2014-11-30 21:10 - 00000000 ____D () C:\Qoobox
2014-11-30 20:47 - 2014-11-30 21:08 - 00000000 ____D () C:\Windows\erdnt
2014-11-30 20:47 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-30 20:47 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-30 20:47 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-30 20:47 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-30 20:47 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-30 20:47 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-30 20:47 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-30 20:47 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-30 20:46 - 2014-11-30 20:46 - 05599228 ____R (Swearware) C:\Users\Issam276\Desktop\ComboFix.exe
2014-11-30 20:19 - 2014-12-01 18:14 - 00026060 _____ () C:\Users\Issam276\Downloads\FRST.txt
2014-11-30 20:14 - 2014-12-01 15:24 - 00000336 _____ () C:\Windows\setupact.log
2014-11-30 20:14 - 2014-12-01 00:12 - 00340490 _____ () C:\Windows\PFRO.log
2014-11-30 20:14 - 2014-11-30 20:14 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-30 20:12 - 2014-11-30 20:12 - 01488384 _____ () C:\Users\Issam276\Downloads\msxml6.msi
2014-11-30 20:09 - 2014-11-30 20:10 - 02148864 _____ () C:\Users\Issam276\Downloads\AdwCleaner_4.102.exe
2014-11-30 20:06 - 2014-11-30 20:06 - 02785665 _____ (PortableApps.com) C:\Users\Issam276\Downloads\RevoUninstallerPortable_1.95_Rev_2.paf.exe
2014-11-30 20:06 - 2014-11-30 20:06 - 00000000 ____D () C:\Users\Issam276\Downloads\RevoUninstallerPortable
2014-11-30 19:53 - 2014-11-19 16:25 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-11-30 19:51 - 2014-11-30 19:51 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-11-30 19:51 - 2014-11-30 19:51 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-11-30 19:51 - 2014-11-30 19:51 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-11-30 19:51 - 2014-11-30 19:51 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-11-30 19:50 - 2014-11-30 19:54 - 00001467 _____ () C:\Windows\SecuniaPackage.log
2014-11-30 19:41 - 2014-11-30 19:41 - 00001075 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2014-11-30 19:41 - 2014-11-30 19:41 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-11-30 19:40 - 2014-11-30 19:41 - 05329480 _____ (Secunia) C:\Users\Issam276\Downloads\PSISetup_3.0.0.9016.exe
2014-11-30 19:01 - 2014-11-30 19:01 - 02117120 _____ (Farbar) C:\Users\Issam276\Downloads\FRST64.exe
2014-11-30 15:25 - 2014-11-30 15:25 - 00001174 _____ () C:\Users\Issam276\Downloads\Avast Internet Security License File.rar
2014-11-30 15:25 - 2014-11-30 15:25 - 00001174 _____ () C:\Users\Issam276\Desktop\Avast Internet Security License File.rar
2014-11-30 01:25 - 2014-11-30 01:25 - 01093536 _____ () C:\Users\Issam276\Documents\cc_20141130_012508.reg
2014-11-30 01:23 - 2014-11-30 01:23 - 00000788 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-11-30 00:59 - 2014-11-30 00:59 - 04036200 _____ (Piriform Ltd) C:\Users\Issam276\Downloads\ccsetup500_slim.exe
2014-11-29 22:20 - 2014-11-29 22:20 - 00001049 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2014-11-29 22:14 - 2014-11-29 22:15 - 07667648 _____ (TeamViewer GmbH) C:\Users\Issam276\Downloads\TeamViewer_Setup_de.exe
2014-11-29 18:05 - 2014-11-29 18:05 - 00000000 ____D () C:\Users\Issam276\Documents\Diablo III
2014-11-29 00:10 - 2014-11-29 18:04 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-11-29 00:10 - 2014-11-29 00:10 - 00001162 _____ () C:\Users\Public\Desktop\Diablo III.lnk
2014-11-29 00:10 - 2014-11-29 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2014-11-29 00:03 - 2014-11-29 19:05 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Battle.net
2014-11-29 00:03 - 2014-11-29 00:03 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Battle.net
2014-11-29 00:03 - 2014-11-29 00:03 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Blizzard Entertainment
2014-11-29 00:02 - 2014-11-29 00:02 - 00001124 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-11-29 00:02 - 2014-11-29 00:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-11-29 00:02 - 2014-11-29 00:02 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-11-28 23:57 - 2014-11-28 23:58 - 02868792 _____ (Blizzard Entertainment) C:\Users\Issam276\Downloads\Battle.net-Setup-deDE.exe
2014-11-27 22:15 - 2014-11-27 22:27 - 178830517 _____ () C:\Users\Issam276\Downloads\Audio(v6873).zip
2014-11-27 21:21 - 2014-11-27 21:22 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2014-11-27 21:21 - 2014-11-27 21:21 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2014-11-27 21:20 - 2014-11-27 21:20 - 02721168 _____ (Microsoft Corporation) C:\Users\Issam276\Downloads\Windows7-USB-DVD-tool.exe
2014-11-27 20:40 - 2014-11-27 20:41 - 03087631 _____ () C:\Users\Issam276\Downloads\H81M-VG4(1.40)ROM.zip
2014-11-22 19:55 - 2014-11-22 19:55 - 00021017 _____ () C:\Users\Issam276\Downloads\detekt (1).rar
2014-11-22 19:27 - 2014-11-22 19:27 - 00001236 _____ () C:\Users\Issam276\Downloads\detekt.rar
2014-11-22 14:50 - 2014-11-22 18:21 - 00091684 _____ () C:\Users\Issam276\Downloads\detekt.log
2014-11-22 14:50 - 2014-11-22 14:50 - 27810288 _____ () C:\Users\Issam276\Downloads\detekt.exe
2014-11-19 20:24 - 2014-11-19 20:25 - 00002074 _____ () C:\Users\Issam276\Desktop\Oldschool Runescape.lnk
2014-11-19 20:18 - 2014-11-19 20:19 - 23646208 _____ () C:\Users\Issam276\Downloads\OldSchool (2).msi
2014-11-19 20:18 - 2014-11-19 20:18 - 23646208 _____ () C:\Users\Issam276\Downloads\OldSchool (1).msi
2014-11-19 16:27 - 2014-11-19 20:25 - 00000047 _____ () C:\Users\Issam276\jagex_cl_oldschool_LIVE.dat
2014-11-19 16:26 - 2014-11-19 16:27 - 23646208 _____ () C:\Users\Issam276\Downloads\OldSchool.msi
2014-11-19 16:23 - 2014-11-19 16:23 - 00638888 _____ (Oracle Corporation) C:\Users\Issam276\Downloads\chromeinstall-8u25 (1).exe
2014-11-19 15:52 - 2014-11-19 15:52 - 00638888 _____ (Oracle Corporation) C:\Users\Issam276\Downloads\chromeinstall-8u25.exe
2014-11-19 15:38 - 2014-11-19 21:31 - 00000024 _____ () C:\Users\Issam276\jagexappletviewer.preferences
2014-11-19 15:38 - 2014-11-19 15:38 - 00000000 ____D () C:\.jagex_cache_32
2014-11-19 15:36 - 2014-11-19 15:36 - 00002104 _____ () C:\Users\Issam276\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk
2014-11-19 15:36 - 2014-11-19 15:36 - 00002074 _____ () C:\Users\Issam276\Desktop\RuneScape.lnk
2014-11-19 15:36 - 2014-11-19 15:36 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
2014-11-19 15:33 - 2014-11-19 15:33 - 23810048 _____ () C:\Users\Issam276\Downloads\RuneScape.msi
2014-11-19 15:31 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 15:31 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 15:31 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 15:31 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-18 17:48 - 2014-11-18 17:48 - 00001166 _____ () C:\Users\Issam276\Desktop\TERA.lnk
2014-11-18 17:48 - 2014-11-18 17:48 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\TERA
2014-11-18 17:47 - 2014-11-18 17:46 - 20201072 _____ (Gameforge ) C:\Users\Issam276\Desktop\TERA_GameforgeLiveSetup.exe
2014-11-18 17:46 - 2014-11-18 17:46 - 20201072 _____ (Gameforge ) C:\Users\Issam276\Downloads\TERA_GameforgeLiveSetup.exe
2014-11-16 02:15 - 2014-11-16 02:15 - 00000219 _____ () C:\Users\Issam276\Desktop\Dota 2.url
2014-11-13 20:37 - 2014-11-13 20:37 - 00000000 _____ () C:\dfu.log
2014-11-13 20:35 - 2014-11-25 18:29 - 00000000 ____D () C:\Users\Issam276\Downloads\Gameforge Live
2014-11-13 20:35 - 2014-11-13 20:35 - 01048576 _____ () C:\Users\Issam276\Downloads\msert.exe
2014-11-13 20:35 - 2014-11-13 20:35 - 00001950 _____ () C:\Users\Public\Desktop\S.K.I.L.L. - Special Force 2.lnk
2014-11-13 20:29 - 2014-11-13 20:30 - 20226640 _____ (Gameforge ) C:\Users\Issam276\Downloads\SKILL_GameforgeLiveSetup.exe
2014-11-13 17:08 - 2014-11-13 17:16 - 15368532 _____ () C:\Users\Issam276\Downloads\[I-Raf-you]_Microne_Magazine_6.rar
2014-11-12 23:18 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 23:18 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 23:18 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 23:18 - 2014-10-27 21:32 - 17870336 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 23:18 - 2014-10-27 21:13 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 23:18 - 2014-10-27 21:12 - 10921472 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 23:18 - 2014-10-27 21:07 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 23:18 - 2014-10-27 21:06 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 23:18 - 2014-10-27 21:05 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 23:18 - 2014-10-27 21:05 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-11-12 23:18 - 2014-10-27 21:05 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 23:18 - 2014-10-27 21:04 - 02157056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 23:18 - 2014-10-27 21:04 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-11-12 23:18 - 2014-10-27 21:04 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 23:18 - 2014-10-27 21:04 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 23:18 - 2014-10-27 21:04 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 23:18 - 2014-10-27 21:04 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 23:18 - 2014-10-27 21:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 23:18 - 2014-10-27 21:03 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 23:18 - 2014-10-27 21:03 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 23:18 - 2014-10-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 23:18 - 2014-10-27 21:03 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-11-12 23:18 - 2014-10-27 21:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-11-12 23:18 - 2014-10-27 21:03 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-11-12 23:18 - 2014-10-27 20:10 - 12366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 23:18 - 2014-10-27 20:05 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 23:18 - 2014-10-27 20:02 - 09739776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 23:18 - 2014-10-27 19:59 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 23:18 - 2014-10-27 19:59 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 23:18 - 2014-10-27 19:58 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 23:18 - 2014-10-27 19:57 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-11-12 23:18 - 2014-10-27 19:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 23:18 - 2014-10-27 19:56 - 01802752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 23:18 - 2014-10-27 19:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-11-12 23:18 - 2014-10-27 19:56 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 23:18 - 2014-10-27 19:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 23:18 - 2014-10-27 19:56 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 23:18 - 2014-10-27 19:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 23:18 - 2014-10-27 19:55 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 23:18 - 2014-10-27 19:55 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 23:18 - 2014-10-27 19:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 23:18 - 2014-10-27 19:55 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-11-12 23:18 - 2014-10-27 19:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-11-12 23:18 - 2014-10-27 19:55 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-11-12 23:18 - 2014-10-27 19:54 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 23:18 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 23:18 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 23:18 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 23:18 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 23:18 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 23:18 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 23:18 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 23:18 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 23:18 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 23:18 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 23:18 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 23:18 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 23:18 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 23:18 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 23:18 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 23:17 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 23:17 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 23:17 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 23:17 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 23:17 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 23:17 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 23:17 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 23:17 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 23:17 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 23:17 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 23:17 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 23:17 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 23:17 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 23:17 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 23:17 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 23:17 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 23:17 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 23:17 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 23:16 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 23:16 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 23:16 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 23:16 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 23:16 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 23:16 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 23:16 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 23:16 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 23:16 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-08 15:44 - 2014-11-08 15:45 - 11539006 _____ () C:\Users\Issam276\Downloads\Bot of Legends (1).rar
2014-11-08 15:43 - 2014-11-08 15:43 - 00000000 _____ () C:\Users\Issam276\Desktop\Bol Studio.rar
2014-11-08 15:42 - 2014-11-08 15:42 - 00066581 _____ () C:\Users\Issam276\Downloads\AWA BOL DOWNLOADER.rar
2014-11-08 15:40 - 2014-11-08 15:40 - 11539006 _____ () C:\Users\Issam276\Downloads\Bot of Legends.rar
2014-11-07 17:57 - 2014-11-29 00:11 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Spotify
2014-11-07 17:56 - 2014-11-07 17:56 - 00137888 _____ (Spotify Ltd) C:\Users\Issam276\Downloads\SpotifySetup.exe
2014-11-07 17:22 - 2014-11-07 17:22 - 00000000 ____D () C:\Users\Issam276\Desktop\Tor Browser
2014-11-07 17:21 - 2014-11-07 17:21 - 34288786 _____ () C:\Users\Issam276\Downloads\torbrowser-install-4.0.1_en-US.exe
2014-11-06 18:45 - 2014-11-06 18:45 - 00001975 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-11-06 18:45 - 2014-06-16 07:01 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2014-11-06 18:45 - 2014-06-16 07:01 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2014-11-01 20:28 - 2014-11-30 12:19 - 00000000 ____D () C:\Users\Issam276\AppData\Local\osu!
2014-11-01 20:28 - 2014-11-01 20:28 - 00000956 _____ () C:\Users\Issam276\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk
2014-11-01 20:28 - 2014-11-01 20:28 - 00000948 _____ () C:\Users\Issam276\Desktop\osu!.lnk
2014-11-01 20:27 - 2014-11-01 20:27 - 03155528 _____ (ppy) C:\Users\Issam276\Downloads\osu!install.exe
2014-11-01 20:27 - 2014-11-01 20:27 - 00000000 ____D () C:\Users\Issam276\Downloads\Localisation

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-01 18:14 - 2014-06-28 19:29 - 00000000 ____D () C:\FRST
2014-12-01 17:31 - 2013-02-22 18:07 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-01 17:27 - 2012-06-14 13:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-01 16:31 - 2012-09-19 17:23 - 00000940 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1925287450-1312797874-627100175-1001UA.job
2014-12-01 15:14 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-01 15:14 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-01 15:04 - 2013-02-22 18:07 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-01 15:04 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-01 00:19 - 2014-07-04 02:28 - 01561649 _____ () C:\Windows\WindowsUpdate.log
2014-12-01 00:13 - 2014-02-11 12:15 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-12-01 00:09 - 2013-02-22 18:08 - 00002192 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Comodo
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-12-01 00:08 - 2014-02-14 17:14 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-12-01 00:08 - 2014-02-14 17:14 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-12-01 00:08 - 2013-06-26 12:08 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-12-01 00:08 - 2012-07-03 17:11 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Google
2014-11-30 23:59 - 2012-06-14 12:17 - 00000000 ____D () C:\Users\Issam276
2014-11-30 23:59 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-11-30 23:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-11-30 23:21 - 2014-06-29 19:05 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-11-30 22:43 - 2014-06-28 16:36 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-30 22:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PLA
2014-11-30 22:22 - 2014-06-28 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-30 22:22 - 2014-06-28 16:36 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-11-30 21:10 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-11-30 21:02 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-11-30 20:13 - 2014-03-03 18:42 - 00000000 ____D () C:\AdwCleaner
2014-11-30 20:13 - 2014-03-03 17:37 - 00000000 ____D () C:\Windows\system32\log
2014-11-30 19:54 - 2013-08-23 11:40 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-30 19:54 - 2012-06-14 13:47 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-30 19:54 - 2012-06-14 13:47 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-30 19:39 - 2012-11-18 14:41 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-30 19:39 - 2012-11-18 14:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-30 19:39 - 2012-06-14 13:52 - 00000000 ____D () C:\Program Files\WinRAR
2014-11-30 19:31 - 2012-09-19 17:23 - 00000918 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1925287450-1312797874-627100175-1001Core.job
2014-11-30 19:26 - 2014-08-31 20:00 - 00000000 ___RD () C:\Users\Issam276\Dropbox
2014-11-30 19:17 - 2014-08-31 19:58 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Dropbox
2014-11-30 19:16 - 2014-08-31 20:00 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-30 19:01 - 2012-06-14 15:08 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\TS3Client
2014-11-30 10:20 - 2012-12-08 09:38 - 04913888 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-30 01:25 - 2012-12-08 09:39 - 00066640 _____ () C:\Users\Issam276\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-30 01:24 - 2014-09-07 12:39 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-30 01:24 - 2012-06-27 18:39 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\TeamViewer
2014-11-30 01:24 - 2012-06-15 15:18 - 00000000 ____D () C:\Windows\Minidump
2014-11-30 01:23 - 2013-02-22 16:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-11-30 01:23 - 2013-02-22 16:07 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-30 00:50 - 2012-06-29 19:50 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Skype
2014-11-29 22:20 - 2012-06-14 13:02 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-11-29 10:49 - 2012-06-15 15:21 - 00000000 ____D () C:\Users\Issam276\Desktop\Alles
2014-11-29 10:13 - 2013-01-25 19:07 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\.minecraft
2014-11-28 19:11 - 2013-04-27 07:45 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Spotify
2014-11-27 22:18 - 2011-04-12 08:43 - 00770468 _____ () C:\Windows\system32\perfh007.dat
2014-11-27 22:18 - 2011-04-12 08:43 - 00174528 _____ () C:\Windows\system32\perfc007.dat
2014-11-27 22:18 - 2009-07-14 06:13 - 01799304 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-19 22:01 - 2012-06-17 18:19 - 00000024 _____ () C:\Users\Issam276\random.dat
2014-11-19 21:30 - 2012-06-17 18:19 - 00000047 _____ () C:\Users\Issam276\jagex_cl_runescape_LIVE.dat
2014-11-19 16:27 - 2012-06-17 18:19 - 00000000 ____D () C:\Users\Issam276\jagexcache
2014-11-19 16:25 - 2014-08-11 00:04 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-11-19 16:25 - 2014-08-11 00:04 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-11-19 16:25 - 2014-08-11 00:04 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-11-19 16:25 - 2013-10-29 19:00 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-19 16:25 - 2013-10-29 18:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-19 16:25 - 2012-09-02 16:31 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-19 00:50 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-18 17:48 - 2014-09-06 18:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-11-18 17:47 - 2014-09-06 18:33 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive
2014-11-14 22:26 - 2013-02-22 18:07 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-14 22:26 - 2013-02-22 18:07 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-14 12:31 - 2012-06-17 14:07 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Akamai
2014-11-13 15:54 - 2014-05-06 19:56 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-13 00:49 - 2013-08-21 23:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 00:42 - 2012-06-17 14:06 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-11 12:13 - 2013-02-02 10:54 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-11-11 12:12 - 2012-06-29 19:50 - 00000000 ____D () C:\ProgramData\Skype
2014-11-04 14:30 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Files to move or delete:
====================
C:\Users\Issam276\jagex_cl_oldschool_LIVE.dat
C:\Users\Issam276\jagex_cl_runescape_LIVE.dat
C:\Users\Issam276\random.dat


Some content of TEMP:
====================
C:\Users\Issam276\AppData\Local\Temp\7za.exe
C:\Users\Issam276\AppData\Local\Temp\hijackthis.exe
C:\Users\Issam276\AppData\Local\Temp\NirCmd.exe
C:\Users\Issam276\AppData\Local\Temp\PEVZ.EXE
C:\Users\Issam276\AppData\Local\Temp\remove.exe
C:\Users\Issam276\AppData\Local\Temp\sed.exe
C:\Users\Issam276\AppData\Local\Temp\shortcut.exe
C:\Users\Issam276\AppData\Local\Temp\swreg.exe
C:\Users\Issam276\AppData\Local\Temp\swxcacls.exe
C:\Users\Issam276\AppData\Local\Temp\wget.exe
C:\Users\Issam276\AppData\Local\Temp\zoek-delete.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-25 17:42

==================== End Of Log ============================
         

Alt 01.12.2014, 18:19   #19
Crounty
 

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-11-2014
Ran by Issam276 at 2014-12-01 18:14:57
Running from C:\Users\Issam276\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\{7C548501-3501-468A-A443-CC42F5B3626B}) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AI Suite (HKLM-x32\...\{310BC5E2-31AF-49BB-904D-E71EB93645DC}) (Version: 1.06.22 - )
AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{2BFD590F-1D73-3533-E734-FDDAC3746E4A}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM-x32\...\{9C1FAB12-F426-432E-8579-75CAB60C69CF}) (Version: 4.2.0.0594 - Advanced Micro Devices, Inc.)
ANIO Service (HKLM-x32\...\{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}) (Version:  - )
ANIWZCS2 Service (HKLM-x32\...\{4C590030-7469-453E-8589-D15DA9D03F52}) (Version:  - )
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Profiles (HKLM-x32\...\{4ED980CB-C288-6A80-A3EA-AEECC543058B}) (Version: 2.0.4525.30280 - Advanced Micro Devices, Inc.)
ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 7.18.03 - ASUSTeK Computer Inc.)
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
ChrisPC DNS Switch 1.40 (HKLM-x32\...\{ECE17478-56C5-4280-AB67-AC2C2CAFA30F}_is1) (Version:  - Chris P.C. srl)
Chris-PC Game Booster (HKLM-x32\...\Chris-PC Game Booster_is1) (Version: 2.00 - Chris P.C. srl)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ Commander (HKLM-x32\...\{05B1529B-C423-42AA-B981-4ECA247E9FC0}) (Version: 1.09.73 - Dotjosh Studios)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DJ_AIO_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
DJ_AIO_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
DJ_AIO_Software_min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
D-Link Wireless G DWL-G122_DWA-110 (HKLM-x32\...\{5F753314-628E-4C13-B8AE-BFA7FD514CBE}) (Version:  - D-Link)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dropbox (HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
F4100 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
F4100_Help (x32 Version: 90.0.222.000 - Hewlett-Packard) Hidden
Façade (HKLM-x32\...\{339C3693-8554-4A25-A664-E0B74D2DFA04}) (Version: 1.0.3 - Procedural Arts)
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 3.21.2.1 - Futuremark Corporation)
Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet All-In-One Driver Software 13.0 Rel. 1 (HKLM\...\{EB773820-0871-46A8-9B96-F2B04F8B34F0}) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HydraVision (x32 Version: 4.2.216.0 - Advanced Micro Devices, Inc.) Hidden
InfraRecorder (HKLM-x32\...\InfraRecorder) (Version:  - Christian Kindahl)
Java 7 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417071FF}) (Version: 7.0.710 - Oracle)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.9.11 - www.leaguereplays.com)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Metin2 (HKLM-x32\...\Metin2_is1) (Version:  - Gameforge 4D GmbH)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
MorphVOX Junior (HKLM-x32\...\{E741AE90-F491-4EB2-B160-33B0CCD85CB1}) (Version: 2.8.0 - Screaming Bee)
MorphVOX Pro (HKLM-x32\...\{62DAB694-358E-4C6F-82BF-26DA64B297A6}) (Version: 4.3.2 - Screaming Bee)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MTA:SA v1.4.0 (HKLM-x32\...\MTA:SA 1.4) (Version: v1.4.0 - Multi Theft Auto)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OkayFreedom (HKLM-x32\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.3.1 - Steganos Software GmbH)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
osu! (HKLM-x32\...\{ba6599d0-1e00-4060-a455-55382b1c7008}) (Version: latest - ppy Pty Ltd)
PC Probe II (HKLM-x32\...\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}) (Version: 1.04.92 - ASUSTeK Computer Inc.)
PileFile reminder (HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\{56837588-F559-40CF-91D9-D439D405FB28}) (Version:  - FINEDREAM INVEST LTD) <==== ATTENTION
RAIDXpert (HKLM-x32\...\InstallShield_{8B76B8E9-F773-4B75-A08C-120079EB765E}) (Version: 3.2.1540.10 - AMD)
RAIDXpert (x32 Version: 3.2.1540.10 - AMD) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6519 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Special Force 2 Beta_is1) (Version:  - )
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spotify (HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
System Requirements Lab CYRI (HKLM-x32\...\{943A8D28-80D6-41DC-AE94-81FEB42041BF}) (Version: 4.5.1.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.35436 Beta - TeamViewer)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 28 - Gameforge Productions GmbH)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - )
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Turbo Key (HKLM-x32\...\{B83F7FA5-3191-4E39-A1F2-8A9038BD0B04}) (Version: 1.01.03 - )
Unity Web Player (HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WinSCP 4.3.8 (HKLM-x32\...\winscp3_is1) (Version: 4.3.8 - Martin Prikryl)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{3a022117-d6e3-4fcd-a8a2-d31ed64d8e1e}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

25-11-2014 14:29:22 Windows Update
27-11-2014 20:21:19 Installed Windows 7 USB/DVD Download Tool
30-11-2014 17:24:11 avast! antivirus system restore point
30-11-2014 17:27:12 Gerätetreiber-Paketinstallation: Avast Netzwerkdienst
30-11-2014 18:24:42 avast! antivirus system restore point
30-11-2014 20:33:13 avast! antivirus system restore point
30-11-2014 22:20:49 avast! antivirus system restore point
30-11-2014 22:32:09 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-09-27 11:49 - 2014-11-30 21:02 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {002BC456-DB44-4F10-BC5B-16C0AE4B94E5} - System32\Tasks\{35A5A0DE-E4FD-4FCE-A133-406843CE3598} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {00442CFD-6F8A-4E25-B0F7-099CBAF166DD} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {07487D3F-27D3-4242-9986-5805088BC752} - System32\Tasks\{9CD2CBDC-9F17-4183-A776-3C3CDDB91238} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {094AD9FC-9A2A-4434-A267-67318F3AFB3C} - System32\Tasks\{C0BF0233-4710-4F22-B838-C53FD13B197E} => C:\Program Files (x86)\Opera\Opera.exe
Task: {0B70D5A1-FC0C-4567-84B3-FA8C61598DD3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-30] (AVAST Software)
Task: {0D5CB102-9F0B-4BEF-9B7C-C8DD85A116EC} - System32\Tasks\{57FA110B-6E92-4EFD-98D9-19C15C00EF98} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {0E945E72-5D2C-4BEE-8169-B44EFAF0C579} - System32\Tasks\{CC321D73-229D-4CDF-9597-05F0B15F5904} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {181CF0AB-DAE3-4E35-A43E-6BCC9EA672F0} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1925287450-1312797874-627100175-1001UA => C:\Users\Issam276\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-19] (Facebook Inc.)
Task: {1B0FF44F-B3B3-4261-9E8C-07E83F04A8CE} - System32\Tasks\{97DA18F4-90B4-45A3-BC74-3C01B81E7603} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {1B9795BE-3E65-435B-A5B7-EE5DED837485} - System32\Tasks\{1DB90D4F-8D72-4AD5-8F36-5C4F0864AD9F} => C:\Program Files (x86)\Opera\Opera.exe
Task: {1D959856-47B4-4D86-A9FD-33900CD35ADF} - System32\Tasks\{D7E5FBB1-D0B1-4F1A-8742-47F989B83816} => C:\Program Files (x86)\Opera\Opera.exe
Task: {1EC122BA-C536-430F-8C35-6F86ECC39FF0} - System32\Tasks\{494A9B35-6058-4C19-A20A-E1DCE48F0786} => C:\Program Files (x86)\Opera\Opera.exe
Task: {2572CB5E-1A7C-46F1-85B1-B62F4A17C417} - System32\Tasks\{1FBC4539-2901-4DDB-9D2F-862065494E88} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {260A62D5-8017-49B7-871D-68159B4FD231} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1925287450-1312797874-627100175-1001Core => C:\Users\Issam276\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-19] (Facebook Inc.)
Task: {27618943-30C4-4FBF-94B8-8ACB0A6F7E6D} - System32\Tasks\{0C9C72E9-00D2-49A6-8DF4-DAF367138BD8} => C:\Program Files (x86)\Opera\Opera.exe
Task: {2991A55D-1CD8-403C-B255-0C11A6C837E1} - System32\Tasks\{B261FD97-9C57-4F06-9AD3-4052FA220C1D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2B7A7CE2-981F-42D2-8492-CD5D1AF9E827} - System32\Tasks\{B4F0F2F1-B534-4A0D-9DF2-C38AE4C520E9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2CCD6124-8AE7-461C-BE80-4B62D3002340} - System32\Tasks\{3D7EEA60-2C2B-478A-9723-F829C43AC6E5} => C:\Program Files (x86)\Opera\Opera.exe
Task: {2CF1D8CF-0EA9-458A-85A8-561D147B6135} - System32\Tasks\{0B628F86-550A-486F-B114-58C62871B721} => C:\Program Files (x86)\Opera\Opera.exe
Task: {310CC0F8-C247-4599-ACFC-F3CD766E6AD5} - System32\Tasks\{FB8C4083-EF27-4416-85FA-D471CEDE5FB4} => C:\Program Files (x86)\Opera\Opera.exe
Task: {3B272214-852C-4330-841F-3F9FF4F9CB96} - System32\Tasks\{2B6CE963-FF84-494C-A826-01D80631B926} => C:\Program Files (x86)\Opera\Opera.exe
Task: {455EC1A1-A8EB-4743-B7C0-9569F58741D7} - System32\Tasks\ASUS\Cpu Level Up Hook Lanunch => C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHookLaunch.exe [2009-12-28] ()
Task: {46510369-2D69-4AE4-89D2-EA3FC9E2751B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {4BCC1A45-E3A1-4A8B-AE5E-C6D8D9540C33} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {4E217A82-7F87-4E08-AD7C-B88AF6A9D49A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {517D8EB9-77F1-497E-834A-D1FA240CE073} - System32\Tasks\{027A1301-659D-4B41-8A7F-040B74EBA95D} => C:\Program Files (x86)\Opera\Opera.exe
Task: {518389D1-8CCD-4B86-8F41-B077F9C9C618} - System32\Tasks\{EDDBD687-D415-4B69-927A-02931F7F1AAE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {51BFF5FC-5BC5-4DEE-9099-827B8BFB3632} - System32\Tasks\{8383930E-67E3-4379-A09D-4E59914B6389} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5244B6B7-C2C2-416A-8955-6F2586705863} - System32\Tasks\{54F5669B-1BD5-4394-89D5-A6EFBA584ACD} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {52E12DE9-93B7-4E4B-85D1-DD2EDCEBE48A} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)
Task: {562A50BF-2E54-45F4-9077-473F7A049562} - System32\Tasks\{6310026B-3E16-4E78-998C-7F30496D8899} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {571A9041-6AA5-4836-BA2B-534C9EB85DCE} - System32\Tasks\{D319D8AB-8433-493A-84FA-D1698EDEAFCE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {577E3FA9-79BA-4694-AE4C-9B609E38C0E9} - System32\Tasks\{DE38B5D4-C035-40D9-848C-B966145964A9} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5AEBC49C-BCC7-4EC1-8951-9B299633E773} - System32\Tasks\{9E9AC548-DCCB-4B5B-9EDB-0E52B9DE5627} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5BE38A7A-4925-497C-82F3-A330FC280BC4} - System32\Tasks\{949BCCD7-1397-41DE-9EF8-11EE2C0CE563} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5C099198-A578-4EEC-92B4-6417465170A1} - System32\Tasks\{41F9C8B0-D0DD-4377-9D24-69E831D0CF7A} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5C4A49C0-89DE-4238-8F91-64CFBFBAEE53} - System32\Tasks\{BB6E67DE-783D-4A31-8585-E7CAEC52E5AA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5F97C91C-7B67-4A52-9DD7-0E6FA102D424} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-22] (Google Inc.)
Task: {60553E3D-46C1-4E1E-A947-FA9307DD2C8C} - System32\Tasks\{74F988AC-9E60-40C7-8D90-CFECFAEE92E1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {627CECAB-2B8F-4A2E-92B9-B140446FE0EC} - System32\Tasks\{90038331-2672-47E4-99D2-E9ECCB36DC14} => C:\Program Files (x86)\Opera\Opera.exe
Task: {6D6DF3D0-D45F-4F6F-B07C-E1FBBD6FD0B9} - System32\Tasks\{59008250-33FF-402A-82FD-577C388040C8} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {717B3FF7-1A14-47F6-8B46-91A57AD183CA} - System32\Tasks\{1FB7ED02-0BF3-4694-A643-44D549B5C376} => C:\Program Files (x86)\Opera\Opera.exe
Task: {722A80F7-B367-438E-82D6-607B2AAE2AD5} - System32\Tasks\{0D1B66EB-8E6C-4941-A849-C02CAA677C49} => C:\Program Files (x86)\Opera\Opera.exe
Task: {7352E960-C7B0-45FE-A83F-F87B5AA6E651} - System32\Tasks\{5F44ABCA-6526-4396-A179-A30F6651B4A5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {740EE1F2-3BC5-4CD5-B694-A5FE540D3E9E} - System32\Tasks\{F6171EAE-04B0-4030-B64B-4B9DF15D3273} => C:\Program Files (x86)\Opera\Opera.exe
Task: {76B86268-4206-4908-ADA8-A9FA15A4F610} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)
Task: {7A0C2EDE-2AF3-40D3-8E5E-AC91914B9348} - System32\Tasks\{36BD8F26-454A-45A7-98BC-D772130BD6D1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {7CBDBD19-6CA0-43C5-95A3-B5B0B50A01DB} - System32\Tasks\{B117D272-C5AF-4E62-9F8E-DA7E6CE8FF4E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {7EF615A3-395A-4B8F-AF0B-D79B49D3A554} - System32\Tasks\{064550D4-D75D-402D-AB32-91E23A58D5F4} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {821856F1-ED6B-4965-84E5-2519F0D73FB5} - System32\Tasks\{8424C4DF-A4EC-4B5B-814E-60CE8AB30940} => C:\Program Files (x86)\Opera\Opera.exe
Task: {82F5E65C-C34C-4E7A-BA2B-3EC5834D6E13} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-30] (Adobe Systems Incorporated)
Task: {86715FE4-085D-43AB-A67D-906AB668D4A7} - System32\Tasks\{D1BFDBF2-DEA8-4BB9-8474-3A446710C951} => C:\Program Files (x86)\Opera\Opera.exe
Task: {878AA624-33EF-4ADA-BD3A-0D7BEA46656B} - System32\Tasks\{11EE2B2D-9A84-413C-B65A-30FADFE1F4C1} => C:\Program Files (x86)\Opera\Opera.exe
Task: {8A24C11B-1434-4888-BB67-DA4035986E85} - System32\Tasks\{8F6BCC5D-9E79-4A90-A52C-B05FBD3A95EA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {8B9B1B73-C0C4-48B0-A910-7D63871A1890} - System32\Tasks\{CE6A2A80-3982-406F-916F-BF44A1FE93BE} => C:\Program Files (x86)\Opera\Opera.exe
Task: {8C5EA5CA-2168-47C9-A8AD-8D8F8CD43494} - System32\Tasks\{3096790B-F753-40DE-BBBD-C96814C19276} => C:\Program Files (x86)\Opera\Opera.exe
Task: {8D278482-A7C4-4259-B172-CD56F7F3242B} - System32\Tasks\{C307734E-4CEF-40E7-BB76-67E38AFE3245} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {9034EE4A-EF7C-4EBC-B8FB-59A0E30DCDCB} - System32\Tasks\{B7D832C7-A1D4-449B-AFB7-35A7D5308265} => C:\Program Files (x86)\Opera\Opera.exe
Task: {9173C9BE-02B5-4B2E-9CDD-85959BAC8FE8} - System32\Tasks\{AA084653-E62A-4321-85C7-E1F14B703E3B} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {92D5F453-D605-4376-BBAF-560DCBF5179E} - System32\Tasks\{08F83017-CD43-415F-BAC5-1B6099D399DE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {9455CECE-75DF-4B1C-8F1C-9D6F22BAF9EE} - System32\Tasks\{1C451F35-6BB4-4E64-9D44-83DA1235BD66} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {97E4E16D-3E9D-4441-B88C-F8DAD136D5AC} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {9B836882-C9AA-46BA-A2BA-B2FBC31A7D1B} - System32\Tasks\{402ED0EB-55E1-49BC-85FF-B611C38007C2} => C:\Program Files (x86)\Opera\Opera.exe
Task: {9DEE72AF-EDDE-4210-860C-D59F8CE425A5} - System32\Tasks\{FEE95010-E0AC-4F29-89EB-CC1D42B7322D} => C:\Program Files (x86)\Opera\Opera.exe
Task: {A0B271A8-0315-4B2F-8A8E-1D955B9A3912} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-22] (Google Inc.)
Task: {A5971EB2-865A-4144-B663-DC582061EE03} - System32\Tasks\{2EB349E6-0751-41BC-9F7E-301AC1E05B93} => C:\Program Files (x86)\Opera\Opera.exe
Task: {A6148E12-0291-4995-AF46-E06D84208F64} - System32\Tasks\{CE3CDE01-297E-4503-BDBC-F6BFCA06FC5A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A67DF276-6D87-4B90-9873-2A2EA8FCE1CB} - System32\Tasks\{F14CFAC1-DBF2-4360-95C4-B2F2F9DB35E4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {AA1BFF9B-0E49-4EB7-B267-2C7CB4A2ED1E} - System32\Tasks\{9276B961-43E2-4972-B3AD-25EACD24D008} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B1677E31-93D0-47CC-AC29-7D496732B34B} - System32\Tasks\{6933359E-E599-4364-BEFF-153E2C84ECF1} => C:\Program Files (x86)\Opera\Opera.exe
Task: {B23234F8-1783-4601-B17A-A749DC43B32C} - System32\Tasks\{CF201C0D-902D-45EC-AB8B-441B32C49B96} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B39E32F9-A4EE-4F1C-AD43-1AFF1EC66810} - System32\Tasks\{520D24F2-56D5-4A8F-A89D-4396E1298D0E} => C:\Program Files (x86)\Opera\Opera.exe
Task: {B43C1327-9D38-4105-BA3A-C7AC2DC0A854} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {B4CB886A-F99C-4F83-B319-AC5B4339BAFC} - System32\Tasks\{74BC537C-1377-401A-9CBD-EC70A4E00FE6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B4D142B4-4AB8-4B95-912F-FA662BCB5F05} - System32\Tasks\{816E19F8-6746-42E8-825E-C00C9D8CFF94} => C:\Program Files (x86)\Opera\Opera.exe
Task: {B4F576A8-5746-40C0-878D-8D298BD66F25} - System32\Tasks\{15AA7614-5DDE-4F02-8A19-A95EC0A1D51D} => C:\Program Files (x86)\Opera\Opera.exe
Task: {B8266606-848E-4C36-BA78-1D86A62F2B77} - System32\Tasks\{24C3BC9D-CAFC-4292-BD2A-FFCF0B425D08} => C:\Program Files (x86)\Opera\Opera.exe
Task: {BB7D82FD-251B-4EF7-B078-D7DCE617D964} - System32\Tasks\{8FC938EB-7EAF-4A34-BC9D-AE2F5778B1B1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {BE835B87-3BC8-4D2F-98F4-08EA1738769B} - System32\Tasks\{9A921854-22BF-4FF6-917B-1529CCCD96DB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {BF14D3C2-045B-46CA-95BA-E54E71AA5EE8} - System32\Tasks\{FE9E2570-3D08-4423-AFC3-5C7948AE63B6} => C:\Program Files (x86)\Opera\Opera.exe
Task: {CBB4538C-70A1-4630-8661-5D84D95409E7} - System32\Tasks\{7A14CB27-EE0B-47F1-B055-77F01B48DBC9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {CE491649-14B0-4AE2-AF71-9B80E2717EDE} - System32\Tasks\{9A3B38A4-E24C-4CA3-836B-B69E7E5C4A8F} => C:\Program Files (x86)\Opera\Opera.exe
Task: {D3A08372-F9B6-4E87-B367-CF2D04F990A2} - System32\Tasks\{C58F335D-256C-447C-8F92-0D21522B0AE2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D3ABB6D7-9F40-4E4A-B2B6-72AB46A050F7} - System32\Tasks\{83D83B71-6311-4584-B276-FEF554406168} => C:\Program Files (x86)\Opera\Opera.exe
Task: {D51CC9D5-F8A0-48CA-AF21-4E3C1E57E18A} - System32\Tasks\{E3BA121A-6110-46E2-B350-F190E39F142A} => C:\Program Files (x86)\Opera\Opera.exe
Task: {D55EA148-E054-4415-97C3-733D26CAD4E3} - System32\Tasks\{7B2D31C4-B94E-459C-9AB9-7BA5A6885752} => C:\Program Files (x86)\Opera\Opera.exe
Task: {D68AFE80-D806-4B03-8AF8-0D69B8F3266F} - System32\Tasks\{C0804A57-189E-4D52-A8D5-914BE6EC38F9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D9F0C0DA-2D8C-45BC-8EB1-746DAD06A5AA} - System32\Tasks\{178B6CBE-CD97-4A87-A91B-79970D345AA5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {DE9B3A77-0437-4DAC-A2F6-1C4095755D50} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {DF647FC5-023B-433B-A122-FD19ECBBFB86} - System32\Tasks\{6B5908DA-E475-496F-9C03-92B7931F8B4E} => C:\Program Files (x86)\Opera\Opera.exe
Task: {E605C0CD-CF58-4517-9803-90D6F64981E6} - System32\Tasks\{CC42283F-627B-42E6-B065-74187AD2AC1E} => C:\Program Files (x86)\Opera\Opera.exe
Task: {E6FF23C5-E38B-446E-8E9D-335C6AF909D1} - System32\Tasks\{174B23CD-95AE-408F-A856-1370A9D536E1} => C:\Program Files (x86)\Opera\Opera.exe
Task: {E709A72E-20A0-408C-8C71-C6281C3A9E2C} - System32\Tasks\{A7B59FCB-77B6-43A8-B48C-A4408A63A05C} => C:\Program Files (x86)\Opera\Opera.exe
Task: {E966568A-61B6-46C0-81ED-FD8F48DFB1A5} - System32\Tasks\{3EF7DE06-5206-4DE0-8481-16D004F97BC7} => C:\Program Files (x86)\Opera\Opera.exe
Task: {EA7EC79F-EE05-40AC-A1AA-EF8F38EE1D94} - System32\Tasks\{0E7C6814-82A5-4652-86AF-0257E8E200B0} => C:\Program Files (x86)\Opera\Opera.exe
Task: {ED2C4059-C99A-478E-AFB7-A89311EE1AF3} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\Program Files (x86)\ASUS\AASP\1.01.12\AsLoader.exe [2010-01-13] (ASUSTeK Computer Inc.)
Task: {EE65A338-E67D-4F14-B674-5CBA24CD1AF1} - System32\Tasks\{3FE25692-2DF1-4C8A-83BD-5C0938957293} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F20A80F0-766A-4B7F-98DD-6229DA061883} - System32\Tasks\{6ABFC70E-5286-4F62-8D85-3DB5C7E96535} => C:\Program Files (x86)\Opera\Opera.exe
Task: {F5F00D11-CD93-4F2C-A5C7-4C9F7C25E3A7} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {FAD1D3B7-6A37-47D3-839D-81888361D8DA} - System32\Tasks\{C4DCDE58-2889-4887-A3A8-759819CB3B00} => C:\Program Files (x86)\Opera\Opera.exe
Task: {FBD60A63-97EE-4455-A187-75DD221AC9B9} - System32\Tasks\{B55E87D1-7DD5-45F3-839C-11D9E63BACE7} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FDA4DAEA-5188-46B1-8E30-64BB76D227AC} - System32\Tasks\{EF6CA142-96C0-4D8A-B1B8-DF46DCB79231} => C:\Program Files (x86)\Opera\Opera.exe
Task: {FE7BAC5A-F911-419A-A23E-1A2FA331CB95} - System32\Tasks\{4C1D5CDD-8AE5-4025-923B-71D4C96C9F47} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FFBA2F6D-660A-4E9F-984C-78AD46ACDCD5} - System32\Tasks\{87B307EE-CC62-4781-8900-89C379B24C05} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1925287450-1312797874-627100175-1001Core.job => C:\Users\Issam276\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1925287450-1312797874-627100175-1001UA.job => C:\Users\Issam276\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-05-01 15:13 - 2014-05-01 15:13 - 00470016 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
2012-12-17 17:14 - 2012-12-17 17:14 - 00954848 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
2013-03-28 21:30 - 2013-03-28 21:30 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2009-12-15 16:40 - 2009-12-15 16:40 - 00065536 _____ () C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
2012-06-22 13:41 - 2009-07-07 19:10 - 00151552 _____ () C:\Windows\SysWOW64\ANIWConnService.exe
2014-11-22 01:03 - 2014-11-22 01:03 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2012-07-10 10:29 - 2014-01-05 20:31 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-03-28 21:30 - 2013-03-28 21:30 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2009-12-15 16:40 - 2009-12-15 16:40 - 00122880 _____ () C:\Windows\SysWOW64\WinMsgBalloonServer.exe
2009-12-15 16:41 - 2009-12-15 16:41 - 00139264 _____ () C:\Windows\SysWOW64\WinMsgBalloonClient.exe
2014-12-01 18:07 - 2014-12-01 18:07 - 01295360 _____ () C:\Users\Issam276\Downloads\zoek.exe
2014-12-01 15:07 - 2014-12-01 15:07 - 02904064 _____ () C:\Program Files\AVAST Software\Avast\defs\14120100\algo.dll
2009-12-15 22:44 - 2009-12-15 22:44 - 00516096 _____ () C:\Program Files (x86)\AMD\RAIDXpert\bin\libxml2.dll
2012-06-14 14:11 - 2009-04-29 13:24 - 00253952 _____ () C:\Program Files (x86)\ASUS\Turbo Key\pngio.dll
2012-06-14 14:11 - 2009-04-29 13:24 - 00208896 _____ () C:\Program Files (x86)\ASUS\Turbo Key\AiNap.dll
2012-06-14 14:11 - 2009-04-29 13:24 - 00008704 _____ () C:\Program Files (x86)\ASUS\Turbo Key\vvc.dll
2012-06-22 13:41 - 2009-06-01 13:23 - 00315392 _____ () C:\Program Files (x86)\ANI\ANIWZCS2 Service\ANIOApi.dll
2014-11-30 23:21 - 2014-11-30 23:21 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-05-15 15:06 - 2014-05-19 15:13 - 00012288 _____ () C:\Program Files (x86)\Google\Chrome\Application\WTSAPI32.dll
2014-05-01 15:15 - 2014-05-01 15:15 - 00463360 _____ () C:\ProgramData\MEGAsync\ShellExtX32.dll
2014-11-26 15:33 - 2014-11-25 07:39 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
2014-11-26 15:33 - 2014-11-25 07:39 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libegl.dll
2014-11-26 15:33 - 2014-11-25 07:39 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll
2014-11-26 15:33 - 2014-11-25 07:39 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\Users\Issam276\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Issam276\Anwendungsdaten:NT2
AlternateDataStreams: C:\Users\Issam276\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Issam276\AppData\Roaming:NT2

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: CGVPNCliService => 2
MSCONFIG\Services: EslWireHelper => 2
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: hshld => 2
MSCONFIG\Services: HssTrayService => 3
MSCONFIG\Services: HssWd => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LBTServ => 3
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: OkayFreedom VPN Starter Service => 2
MSCONFIG\Services: OverwolfUpdaterService => 3
MSCONFIG\Services: RalinkRegistryWriter => 2
MSCONFIG\Services: RalinkRegistryWriter64 => 2
MSCONFIG\Services: RaMediaServer => 2
MSCONFIG\Services: SearchAnonymizer => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer8 => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: Spotify => "C:\Users\Issam276\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Issam276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent

========================= Accounts: ==========================

Administrator (S-1-5-21-1925287450-1312797874-627100175-500 - Administrator - Disabled)
Gast (S-1-5-21-1925287450-1312797874-627100175-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-1925287450-1312797874-627100175-1002 - Limited - Enabled)
Issam276 (S-1-5-21-1925287450-1312797874-627100175-1001 - Administrator - Enabled) => C:\Users\Issam276

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/01/2014 03:08:28 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Stream product id=0x0066): Streaming Failed

Error: (12/01/2014 03:07:58 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Too many failures while downloading ranges: 2

Error: (12/01/2014 03:05:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/01/2014 00:17:07 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Stream product id=0x0066): Streaming Failed

Error: (12/01/2014 00:16:35 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Too many failures while downloading ranges: 2

Error: (12/01/2014 00:13:56 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/30/2014 11:57:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DaS_21.exe, Version: 2.1.0.4, Zeitstempel: 0x540c90b2
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x5315a05a
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0x30c
Startzeit der fehlerhaften Anwendung: 0xDaS_21.exe0
Pfad der fehlerhaften Anwendung: DaS_21.exe1
Pfad des fehlerhaften Moduls: DaS_21.exe2
Berichtskennung: DaS_21.exe3

Error: (11/30/2014 11:32:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary tpghzkcn.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (11/30/2014 11:20:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary tpghzkcn.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (11/30/2014 10:43:48 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Stream product id=0x0066): Streaming Failed


System errors:
=============
Error: (12/01/2014 03:05:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/01/2014 03:05:31 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Net.Tcp-Listeneradapter" ist vom Dienst "Net.Tcp-Portfreigabedienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1053

Error: (12/01/2014 03:05:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Net.Tcp-Portfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (12/01/2014 03:05:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Net.Tcp-Portfreigabedienst erreicht.

Error: (12/01/2014 03:04:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/01/2014 03:04:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ANIO Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/01/2014 00:13:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/01/2014 00:13:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/01/2014 00:13:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ANIO Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/30/2014 11:57:50 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.


Microsoft Office Sessions:
=========================
Error: (12/01/2014 03:08:28 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Stream product id=0x0066): Streaming Failed

Error: (12/01/2014 03:07:58 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Too many failures while downloading ranges: 2

Error: (12/01/2014 03:05:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/01/2014 00:17:07 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Stream product id=0x0066): Streaming Failed

Error: (12/01/2014 00:16:35 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Too many failures while downloading ranges: 2

Error: (12/01/2014 00:13:56 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/30/2014 11:57:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DaS_21.exe2.1.0.4540c90b2KERNELBASE.dll6.1.7601.184095315a05ae0434352000000000000940d30c01d00cf1049ef846C:\Users\Issam276\AppData\Local\Temp\DaS_21.exeC:\Windows\system32\KERNELBASE.dll431ef2b5-78e4-11e4-890e-bc05430d44ce

Error: (11/30/2014 11:32:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary tpghzkcn.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (11/30/2014 11:20:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary tpghzkcn.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (11/30/2014 10:43:48 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Stream product id=0x0066): Streaming Failed


CodeIntegrity Errors:
===================================
  Date: 2014-11-30 20:57:24.409
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-30 20:57:24.253
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-29 09:37:48.936
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-29 09:37:48.935
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-29 09:37:48.934
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-29 09:37:48.916
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-29 09:37:48.915
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-29 09:37:48.913
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-28 19:42:21.884
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-28 19:42:21.883
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: AMD FX(tm)-4100 Quad-Core Processor 
Percentage of memory in use: 35%
Total physical RAM: 8174.12 MB
Available physical RAM: 5305.7 MB
Total Pagefile: 16346.41 MB
Available Pagefile: 13375.37 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:921.75 GB) (Free:694.25 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B2544B2F)
Partition 1: (Not Active) - (Size=9.8 GB) - (Type=27)
Partition 2: (Active) - (Size=921.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 01.12.2014, 23:59   #20
deeprybka
/// TB Trainer
/// Guide Guru
 
Hi,

Step 1

Please press the Windows key + R and type notepad into the Run window.
Click OK and then copy the text from the code box into the empty text document:
Code:
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKU\S-1-5-21-1925287450-1312797874-627100175-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF user.js: detected! => C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1925287450-1312797874-627100175-1001\FireFox\user.js
FF SearchPlugin: C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1925287450-1312797874-627100175-1001\FireFox\searchplugins\conduit-search.xml
FF Extension: hosts2 - C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1925287450-1312797874-627100175-1001\FireFox\Extensions\75ffaaa6-513e-452f-b3ef-a355babbf0bd@69687691-91ac-4021-9ac9-b8f93a6c6a10.com [2013-12-14]
FF HKLM-x32\...\Firefox\Extensions: [{0BF1FAF9-F729-48AE-A123-6B9EB9AE8879}] - C:\Windows\Installer\{73C7DC59-0839-45AF-86A3-D0D0FE01E644}\{0BF1FAF9-F729-48AE-A123-6B9EB9AE8879}.xpi
FF Extension: Download Protect - C:\Windows\Installer\{73C7DC59-0839-45AF-86A3-D0D0FE01E644}\{0BF1FAF9-F729-48AE-A123-6B9EB9AE8879}.xpi [2014-05-19]
FF Extension: No Name - C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197\extensions\ascsurfingprotection@iobit.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
C:\Windows\Installer\{73C7DC59-0839-45AF-86A3-D0D0FE01E644}
S3 esgiguard; No ImagePath
2014-12-01 00:11 - 2014-12-01 00:11 - 00000000 ____D () C:\Users\wangzhisong
Task: {4BCC1A45-E3A1-4A8B-AE5E-C6D8D9540C33} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {F5F00D11-CD93-4F2C-A5C7-4C9F7C25E3A7} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\Users\Issam276\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Issam276\Anwendungsdaten:NT2
AlternateDataStreams: C:\Users\Issam276\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Issam276\AppData\Roaming:NT2
Reg: reg delete "HKU\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\{56837588-F559-40CF-91D9-D439D405FB28}" /f
C:\Users\Issam276\AppData\Local\Temp\KAS Internet KeygenDownload_538C
cmd: type "C:\Qoobox\ComboFix-quarantined-files.txt"
EmptyTemp:
         
Please save this as Fixlist.txt in the same directory as the FRST application.
  • Start FRST and press the Fix button.
  • The tool creates a "Fixlog.txt" file.
  • Please post its contents.

Step 2

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset




Step 3

Please start FRST again, also tick the checkbox and press Scan.
Please post the contents of both logs that are created.

Are there still any problems with the PC? If so, which ones?

__________________
Regards
deeprybka


Alt 02.12.2014, 18:41   #21
Crounty
 
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 30-11-2014
Ran by Issam276 at 2014-12-02 15:17:39 Run:1
Running from C:\Users\Issam276\Downloads
Loaded Profile: Issam276 (Available profiles: Issam276 & Gast & DefaultAppPool)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKU\S-1-5-21-1925287450-1312797874-627100175-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF user.js: detected! => C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1925287450-1312797874-627100175-1001\FireFox\user.js
FF SearchPlugin: C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1925287450-1312797874-627100175-1001\FireFox\searchplugins\conduit-search.xml
FF Extension: hosts2 - C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1925287450-1312797874-627100175-1001\FireFox\Extensions\75ffaaa6-513e-452f-b3ef-a355babbf0bd@69687691-91ac-4021-9ac9-b8f93a6c6a10.com [2013-12-14]
FF HKLM-x32\...\Firefox\Extensions: [{0BF1FAF9-F729-48AE-A123-6B9EB9AE8879}] - C:\Windows\Installer\{73C7DC59-0839-45AF-86A3-D0D0FE01E644}\{0BF1FAF9-F729-48AE-A123-6B9EB9AE8879}.xpi
FF Extension: Download Protect - C:\Windows\Installer\{73C7DC59-0839-45AF-86A3-D0D0FE01E644}\{0BF1FAF9-F729-48AE-A123-6B9EB9AE8879}.xpi [2014-05-19]
FF Extension: No Name - C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197\extensions\ascsurfingprotection@iobit.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
C:\Windows\Installer\{73C7DC59-0839-45AF-86A3-D0D0FE01E644}
S3 esgiguard; No ImagePath
2014-12-01 00:11 - 2014-12-01 00:11 - 00000000 ____D () C:\Users\wangzhisong
Task: {4BCC1A45-E3A1-4A8B-AE5E-C6D8D9540C33} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {F5F00D11-CD93-4F2C-A5C7-4C9F7C25E3A7} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\Users\Issam276\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Issam276\Anwendungsdaten:NT2
AlternateDataStreams: C:\Users\Issam276\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Issam276\AppData\Roaming:NT2
Reg: reg delete "HKU\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\{56837588-F559-40CF-91D9-D439D405FB28}" /f
C:\Users\Issam276\AppData\Local\Temp\KAS Internet KeygenDownload_538C
cmd: type "C:\Qoobox\ComboFix-quarantined-files.txt"
EmptyTemp:
         
*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-1925287450-1312797874-627100175-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.1.7" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.3.2" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => Key deleted successfully.
"HKU\S-1-5-21-1925287450-1312797874-627100175-1001\Software\MozillaPlugins\ubisoft.com/uplaypc" => Key deleted successfully.
C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll not found.
C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1925287450-1312797874-627100175-1001\FireFox\user.js => Moved successfully.
C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1925287450-1312797874-627100175-1001\FireFox\searchplugins\conduit-search.xml => Moved successfully.
C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1925287450-1312797874-627100175-1001\FireFox\Extensions\75ffaaa6-513e-452f-b3ef-a355babbf0bd@69687691-91ac-4021-9ac9-b8f93a6c6a10.com => Moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{0BF1FAF9-F729-48AE-A123-6B9EB9AE8879} => value deleted successfully.
C:\Windows\Installer\{73C7DC59-0839-45AF-86A3-D0D0FE01E644}\{0BF1FAF9-F729-48AE-A123-6B9EB9AE8879}.xpi => Moved successfully.
C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197\extensions\ascsurfingprotection@iobit.com not found.
C:\Program Files (x86)\IObit Apps Toolbar\FF not found.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} not found.
C:\Windows\Installer\{73C7DC59-0839-45AF-86A3-D0D0FE01E644} => Moved successfully.
esgiguard => Service deleted successfully.
C:\Users\wangzhisong => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4BCC1A45-E3A1-4A8B-AE5E-C6D8D9540C33}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4BCC1A45-E3A1-4A8B-AE5E-C6D8D9540C33}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeFlashPlayerUpdate" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{F5F00D11-CD93-4F2C-A5C7-4C9F7C25E3A7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5F00D11-CD93-4F2C-A5C7-4C9F7C25E3A7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeFlashPlayerUpdate 2" => Key deleted successfully.
C:\ProgramData => ":NT" ADS removed successfully.
C:\ProgramData => ":NT2" ADS removed successfully.
"C:\Users\All Users" => ":NT" ADS not found.
"C:\Users\All Users" => ":NT2" ADS not found.
"C:\ProgramData\Application Data" => ":NT" ADS not found.
"C:\ProgramData\Application Data" => ":NT2" ADS not found.
C:\ProgramData\MTA San Andreas All => ":NT" ADS removed successfully.
C:\ProgramData\MTA San Andreas All => ":NT2" ADS removed successfully.
"C:\Users\Issam276\Anwendungsdaten" => ":NT" ADS not found.
"C:\Users\Issam276\Anwendungsdaten" => ":NT2" ADS not found.
C:\Users\Issam276\AppData\Roaming => ":NT" ADS removed successfully.
C:\Users\Issam276\AppData\Roaming => ":NT2" ADS removed successfully.

========= reg delete "HKU\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\{56837588-F559-40CF-91D9-D439D405FB28}" /f =========

Der Vorgang wurde erfolgreich beendet.



========= End of Reg: =========

"C:\Users\Issam276\AppData\Local\Temp\KAS Internet KeygenDownload_538C" => File/Directory not found.

=========  type "C:\Qoobox\ComboFix-quarantined-files.txt" =========

2014-11-30 20:09:01 . 2014-11-30 20:09:01              484 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\AddRemove-MyFreeCodec.reg.dat
2014-11-30 20:08:40 . 2014-11-30 20:08:40              171 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\WebBrowser-{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}.reg.dat
2014-11-30 20:08:40 . 2014-11-30 20:08:40              171 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\WebBrowser-{8567A644-E36C-470C-86CF-9C5B4F37DB81}.reg.dat
2014-11-30 20:08:40 . 2014-11-30 20:08:40              192 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\BHO-{DC2E8A12-D6AF-B90E-09BA-6D6AB5E5B410}.reg.dat
2014-11-30 20:08:20 . 2014-11-30 20:08:20              911 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-BHO-{DC2E8A12-D6AF-B90E-09BA-6D6AB5E5B410}.reg.dat
2014-11-30 20:08:19 . 2014-11-30 20:08:19              118 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-URLSearchHooks-{8567a644-e36c-470c-86cf-9c5b4f37db81}.reg.dat
2014-11-30 20:08:19 . 2014-11-30 20:08:19              118 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-URLSearchHooks-{c840e246-6b95-475e-9bd7-caa1c7eca9f2}.reg.dat
2014-11-30 19:55:15 . 2014-11-30 19:55:15           15,532 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2014-11-30 19:47:33 . 2014-11-30 19:47:33               51 ----a-w-  C:\Qoobox\Quarantine\catchme.log
2014-06-28 15:00:24 . 2014-06-28 15:00:25              934 ----a-w-  C:\Qoobox\Quarantine\C\Users\Issam276\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\start.lnk.vir
2014-01-21 18:01:27 . 2014-01-21 18:01:27               23 ----a-w-  C:\Qoobox\Quarantine\C\Users\Issam276\Luca Accountdaten .txt.vir
2012-07-05 10:53:20 . 2012-07-05 10:53:20               57 ----a-w-  C:\Qoobox\Quarantine\C\CFLog\EPLog.txt.vir
2012-06-14 13:14:39 . 2011-03-22 12:18:46          753,664 ----a-w-  C:\Qoobox\Quarantine\C\Users\Issam276\AppData\Roaming\Microsoft\Windows\Templates\1036.msi.vir
2012-06-14 13:14:39 . 2011-03-22 12:18:46          753,664 ----a-w-  C:\Qoobox\Quarantine\C\Users\Issam276\AppData\Roaming\Microsoft\Windows\Templates\1041.msi.vir
2012-06-14 13:14:39 . 2011-03-22 12:18:46          753,664 ----a-w-  C:\Qoobox\Quarantine\C\Users\Issam276\AppData\Roaming\Microsoft\Windows\Templates\1028.msi.vir
2012-06-14 13:14:38 . 2011-03-22 12:18:46          753,664 ----a-w-  C:\Qoobox\Quarantine\C\Users\Issam276\AppData\Roaming\Microsoft\Windows\Templates\2052.msi.vir
2012-06-14 13:14:38 . 2011-03-22 12:18:46          753,664 ----a-w-  C:\Qoobox\Quarantine\C\Users\Issam276\AppData\Roaming\Microsoft\Windows\Templates\1031.msi.vir
2012-06-14 13:14:38 . 2011-03-22 12:18:46          753,664 ----a-w-  C:\Qoobox\Quarantine\C\Users\Issam276\AppData\Roaming\Microsoft\Windows\Templates\1033.msi.vir
2012-04-06 01:50:56 . 2012-04-06 01:50:56       19,753,984 ----a-w-  C:\Qoobox\Quarantine\C\Windows\SysWOW64\SET1827.tmp.vir
2007-11-07 06:03:18 . 2007-11-07 06:03:18          562,688 ----a-w-  C:\Qoobox\Quarantine\C\install.exe.vir

========= End of CMD: =========

EmptyTemp: => Removed 137.3 MB temporary data.


The system needed a reboot. 

==== End of Fixlog ====
         
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=167cf204ebe24941b0a714f886f19d1c
# engine=18861
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-06-24 02:26:59
# local_time=2014-06-24 04:26:59 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1292 16777213 100 100 14081 35094441 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 2207 155249869 0 0
# scanned=40374
# found=22
# cleaned=0
# scan_time=446
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir"
sh=37D61F35EF511D7329202EA9E64B34A3A2733621 ft=1 fh=c71c001146429c75 vn="a variant of Win32/Toolbar.CrossRider.H potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts2\hosts2-bho.dll.vir"
sh=16B4E7716034DAA8D51DF6933A1487521BAFD576 ft=1 fh=c71c00116f2f2486 vn="probably a variant of Win32/Toolbar.CrossRider.H potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts2\hosts2-buttonutil.dll.vir"
sh=13C4E4530579D27AC735D69EB2D02C3143219550 ft=1 fh=4f6371db0a407d38 vn="a variant of Win32/Toolbar.CrossRider.I potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts2\hosts2-buttonutil.exe.vir"
sh=0BE9B64B77D6993C208E74AD3EED09045EE1D8F0 ft=1 fh=711bf31f462ed090 vn="a variant of Win64/Toolbar.Crossrider.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts2\hosts2-buttonutil64.dll.vir"
sh=A809AC1B09E64A27EC24867BBEF73E1F87F03649 ft=1 fh=4f6371db28b3513d vn="a variant of Win64/Toolbar.Crossrider.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts2\hosts2-buttonutil64.exe.vir"
sh=C7180FFA47C505D779731E8DE951C27325483719 ft=1 fh=98f706846ae8387b vn="a variant of Win32/Toolbar.CrossRider.J potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts2\hosts2-codedownloader.exe.vir"
sh=CD404C84FB05E5CD7CEE04070B84F96E31A52388 ft=1 fh=9ba1eca12ec55543 vn="a variant of Win32/Toolbar.CrossRider.I potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts2\hosts2-helper.exe.vir"
sh=F5FB4CE2BDF7D2EFB02E98E3B5BDA31817E37C48 ft=1 fh=c71c0011cb1ed606 vn="a variant of Win32/SProtector.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MagniPic\assistant.dll.vir"
sh=EDF1A87DEB46CAC58EEFF284F6B253F3A9420587 ft=1 fh=c71c001121b25b01 vn="Win32/AdWare.MultiPlug.N application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MagniPic\iQ5FoM4WlA.dll.vir"
sh=03C058349D803B8A000FD4E20BE2E081176641A6 ft=1 fh=c71c00113f6bc66f vn="Win64/Adware.MultiPlug.A application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MagniPic\iQ5FoM4WlA.x64.dll.vir"
sh=67D59D15A734F2B41373F1CAF8347D199215D42C ft=1 fh=86e026dc2bf78850 vn="a variant of Win32/Mobogenie.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\New_UpdateMoboGenie.exe.vir"
sh=FA1F72CB2B306C4DEB45392C63EB10857682154B ft=1 fh=937c9ad3b66761c3 vn="Win32/Packed.ScrambleWrapper.H potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PutLockerDownloader.com\ptlextsetup.exe.vir"
sh=4269ACDD607F43005F345EA5604026FEBFD17193 ft=1 fh=c71c00117f8f9250 vn="a variant of Win32/AdWare.MultiPlug.K.gen application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\TubeAdBlocker\nnJYt.exe.vir"
sh=E0B8C7584C2F978C46B398FC66E33A30194FA7DF ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhaknhgbchodnaijihojhahebjgdekdb\1.5\Zvgp4Q_FrrLr.js.vir"
sh=748E90CBB284A00D9E9396B9EE387AC5905FF8D1 ft=1 fh=ab95f3a7820679d6 vn="a variant of Win32/Mobogenie.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DaemonProcess.exe.vir"
sh=D0E5E11ACDD3E7AF720794C6AD722169570CA169 ft=1 fh=afc8ab45c959803b vn="a variant of Win32/Mobogenie.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\Mobogenie.exe.vir"
sh=67D59D15A734F2B41373F1CAF8347D199215D42C ft=1 fh=86e026dc2bf78850 vn="a variant of Win32/Mobogenie.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\New_UpdateMoboGenie.exe.vir"
sh=05C3D3349BEA6B6DDD293DB9F60B492CFC90112C ft=1 fh=c23f98680dc9e474 vn="a variant of Win32/Complitly.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Roaming\Complitly\Complitly.dll.vir"
sh=154B5B1384246942A81D2EACA90E36A49FCEAC21 ft=1 fh=ff2f13d3f4dcaba0 vn="a variant of Win32/PredictAd.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Roaming\Complitly\KeepMeUpdated.exe.vir"
sh=124D2DB8310706C1102EB05FD35013EE01B28FC3 ft=1 fh=9e3d2ffc645885da vn="a variant of Win64/Complitly.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Roaming\Complitly\64\Complitly64.dll.vir"
sh=154B5B1384246942A81D2EACA90E36A49FCEAC21 ft=1 fh=ff2f13d3f4dcaba0 vn="a variant of Win32/PredictAd.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Roaming\Complitly\64\KeepMeUpdated.exe.vir"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=167cf204ebe24941b0a714f886f19d1c
# engine=21362
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-12-02 04:56:32
# local_time=2014-12-02 05:56:32 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 94 153821 156954 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 153860 169169242 0 0
# scanned=354815
# found=104
# cleaned=0
# scan_time=8890
sh=9B28F35A352DE4C5512BC252EBC813DBEB26BC61 ft=1 fh=d37c366403454630 vn="MSIL/MyPCBackup.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyPC Backup\DEL_MyPC Backup.exe.vir"
sh=C2EC3C4E860FAD724D7A086E6BB3E4701FACAF6D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\background.js.vir"
sh=51866AD7FC44825C2009A915F539C24D44E9F99B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\background.unit.js.vir"
sh=9AC5C4CB8FE1DC5A04042EAAB72096AB2A10CBF2 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\SOAP.js.vir"
sh=891BA5F7795F8C841BD652A2FB6DFE615DED2077 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\lib\config.js.vir"
sh=2E0FDE228693F5433F4104E6679EA3ACAF9074DF ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\lib\context.js.vir"
sh=E3C3DBAF88CEF9B5AB6D0D9006BF153582DA926B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\lib\tinifying.js.vir"
sh=74DC8DA7B53D4836822C0D695FA64A588CF0C5B7 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\minibar.min.js.vir"
sh=A7138ECAD617D8E249516239F82F038AEC2C7102 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\minibar.translations.js.vir"
sh=CC4C5BB54E8A79425341EC5FA3F76B2D5FA584FE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\minibar.unit.js.vir"
sh=01B364112DB8E2852EFA984F97ADC1CF58590A62 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\minibar.vars.js.vir"
sh=61BD120563C9011610F822D74ADB3728F6842EBD ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\abril.js.vir"
sh=BCC36801E2A4087A4EDE7BD72DA43A9D6572B310 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\amazon.js.vir"
sh=55920C7FB630C966D1CD1807DBE49DD3D7977A16 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\aol.js.vir"
sh=071DADD326560EB569FC2EDD199B57E3DCA733DC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ask.js.vir"
sh=4DF142B28BE3758A2BDC2B7339FE07938255B5AE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\autoscout24.js.vir"
sh=1F382CFFAE0ED064F2A20A0E1CD58561C0CB03BE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\autosottocosto.js.vir"
sh=E40658861F9B0924BC566820C199087AA70A12DD ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\baixaki.js.vir"
sh=0B29F17180B65440157142503C7B8FB0AA2C0BAE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\bomnegocio.js.vir"
sh=270D3179983ACB96D36FE0B0F6F90F2F39CD93B6 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\chip.js.vir"
sh=7CA24925C54F35FEC2636310E63B8F9445E398B8 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ciao.js.vir"
sh=2805F50D550F54E8320E7CC3F8261011A4B1D708 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\conduit.js.vir"
sh=8AE23C218C8C5C7FDE4ACEC6EC03E2532F93B3D1 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\corriere.js.vir"
sh=3F04F3EF28DCA81FE7035524F4E00266F6A99418 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\craigslist.js.vir"
sh=E4B31A0CBBCB21F765D8E39D6995774769E1D1C5 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\dailymotion.js.vir"
sh=5A6801A81DA721A31FFC89FC1ACB7253435857D9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\default_adapter.js.vir"
sh=B080E7B72E779B4DBB0D9EFF6BA25324AAF6732E ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\delta-search.js.vir"
sh=12B0F6486BCD558F1DF654BB43B4BD82C4189982 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\diretta.js.vir"
sh=28DE4A412DAA395D5B72CDC473E69CBAAB6A0629 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ebay.js.vir"
sh=FEE5CDB15AF9B3F80F14E7F4AF03611610FEF53A ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ehow.js.vir"
sh=43E70ABC3C2100D2B3E405623A15404D177137BE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\elmundo.js.vir"
sh=0C94AB2CDEFD7AAAFBBBCE8076390756A2060EBE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\elpais.js.vir"
sh=25A6B2263F57114BF9C38998821E72CBA16DEC34 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\facebook.js.vir"
sh=F747128DEB18A507F8D59FACA9A68A1FF3581244 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\foxsports.js.vir"
sh=B2B7D6908BEC80B648B3716AD09D9816E7DE21C9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\friv.js.vir"
sh=44DE2938DEFE8A034DBB19FB905717FABD914478 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\funutilities.js.vir"
sh=A3BF510881F25E55B23943E87C5B47945EDB5733 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\globo.js.vir"
sh=D59A428609E09512F5C524D13046BC4474E43633 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\gmx.js.vir"
sh=16B7B5FD445FCF5E0F7B9743A1CEC1D12EACCF76 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\go.js.vir"
sh=25CEEE5D0F63AFB5AD9D359618746FB3FA925049 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\google.js.vir"
sh=6FE54305ACDF1F37D65F846A09AAF2AE610B52E4 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\gumtree.js.vir"
sh=15F0642FA9891E81FEFB5EA9F8345F5C1E988A09 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\huffingtonpost.js.vir"
sh=EB007BD6CF9DE9D145721AB1B42C4A6A49F3AD26 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ilmeteo.js.vir"
sh=27E667BAE43C7A31330B12FD5B78F1C97DC4DCF2 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\imdb.js.vir"
sh=D8F06AC4F0B4CF4CA4EBDC56B5C6F23D74B1351D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\inbox.js.vir"
sh=5D09C1440CE775837E5F58040E3B3DA5861C7F2D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\indeed.js.vir"
sh=A4E13E1C85F9C090C7A5530AC4D8939F928D2426 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\instagram.js.vir"
sh=8DA76B1679E8AD4F80F08BE4371902E1FB69A04B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\jappy.js.vir"
sh=3AD210DFBC9BB4B90769240B57325E62AA67A0FC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\leboncoin.js.vir"
sh=8BDD182DA8610E6AE7B4DA2CD3A7C8522FE9FDD9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\libero.js.vir"
sh=1E1F26D3E48C3E972C75F8ADA49335B3BFE796CA ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\live.js.vir"
sh=0DA42755F29D7FCC9B02DF1AAE846B28FC83ABEC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\marca.js.vir"
sh=F03C5032CA21A97A475F612044FF910AEA97F98D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\mediaset.js.vir"
sh=5E561234265C05C72EDF14FE2A1C8D830F518726 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\mercadolivre.js.vir"
sh=3287EDFE107F42BD54464354F7EDD0D5EC1F62BD ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\milanuncios.js.vir"
sh=7C16F8FEDEE0D02E5CD2D16384924D1DE7CA85F8 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\msn.js.vir"
sh=56FD8F01CBA6F2AC7175247C9E2EA54DA5CBEAB8 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\mundoanuncio.js.vir"
sh=AAA91E6A3E08FD24A0462853FF90AE67D64A10FB ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\netlog.js.vir"
sh=EA8E9609F9746A6D089057B1ABC2CB5B87ADB56C ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\nirvam.js.vir"
sh=6932E76E73E9171D15052538CEC919832B24495A ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\okcupid.js.vir"
sh=8E05B6DE79ED0DB5161E08D7C84E44D346A34223 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\olx.js.vir"
sh=717CC4F0E41AC53700E82CE4150428EDCED00F2C ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\orange.js.vir"
sh=6FE05930F5495CBDAF254E3A722F298042D59188 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\pagesjaunes.js.vir"
sh=27653CA2D9A8C542EA7B30EC1B1D3EDCC8FDA44A ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\photobucket.js.vir"
sh=B34BCC1E3592F30FADA8B4783167EFC6FD6B163B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\pinterest.js.vir"
sh=B5F8A49604BB9BB9AE06A12B0458AEFA5868A395 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\pof.js.vir"
sh=582536F3328D7D253FF3FB556BAA2D86B9D4D17B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\repubblica.js.vir"
sh=77BAC2C1AF3BD54E7F3E4F40624EE936D67BAC1C ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\roblox.js.vir"
sh=05B58255C0C2E4D9B28DC1E4C254138D76F25E14 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\segundamano.js.vir"
sh=29C2BD733E33AC33433DF6F180524C931ACD8FB2 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\sfr.js.vir"
sh=003D9DC3AC3B890014F8A9184AC79B41AA02CE5F ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\shopping.js.vir"
sh=B3399BAC685AC2DB00C8BF73787722CB37C52F9F ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\skyrock.js.vir"
sh=0C8FD62D3A1464E8987BE463BF2ECB09B887397B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\spiegel.js.vir"
sh=273E29401D827883A2841293AB86970DB150211D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\subito.js.vir"
sh=492F666790E7E80B87CD6D7734D65EBF7453C758 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\t-online.js.vir"
sh=6436DF7125F4ECE8773E0EC7695BCE863C94C2BB ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\tagged.js.vir"
sh=EF5B3DA829CFA21C8DE4E47B451BA654E1828C9D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\terra.js.vir"
sh=6E4BFE2B03FA0D3BE7747A45508F2891161B5CC9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\tiscali.js.vir"
sh=B5A821672054FDADFBA8F67402445E028FF8AD50 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\tripadvisor.js.vir"
sh=65F5D2CCE61D4BD156608FBECF0FB967734D83FC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\twitpic.js.vir"
sh=3A85F938570568A286C33D328740BAFC4FB73045 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\twitter.js.vir"
sh=DCD0A0C6E3AA56687A1719F5D364E1763A6E4A81 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\uol.js.vir"
sh=149DA3B16316B14C6297C1C52CF0049180185271 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\v9.js.vir"
sh=FC7BB8C266DCF99268F4235F7983F1F130991DA4 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\virgilio.js.vir"
sh=412A4635278002E8EF719CABC22126417A508FFC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\voila.js.vir"
sh=FC821B9B1DA7646182685D4A70350534A3838E3F ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\walmart.js.vir"
sh=BBE95AE4E0F8DC7571869344180B8140F38FC2DC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\weather.js.vir"
sh=010560C39E506B0E2431760D6DFC39ADD61D128E ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\web.js.vir"
sh=2A75280C8C5789E6BE74220F53BBBAE04E523E6B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\yahoo.js.vir"
sh=4C69F4B1969C916367D64C9046F480B157C43993 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\yelp.js.vir"
sh=7DCF3B4AB444CB8B66645655E5DB9857870C9DCC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\youtube.js.vir"
sh=4FB0DAB41986A8701720A2C60F898B70CC25F3E0 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\services\bhp.js.vir"
sh=26133A64F47E90C8535CE111BAD8C35C9FA562B0 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\services\favlinks.js.vir"
sh=EBF01B3EC4607AEB707184674F723440272D4EF5 ft=0 fh=0000000000000000 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.1.32.zip.vir"
sh=A703E83DC6447E84E8582B80A3DBF6C03B77D04A ft=0 fh=0000000000000000 vn="Variante von Android/Mobserv.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\MUServer.apk.vir"
sh=E85C421E9C435E8C2116E56EC1B2A927BA0092CC ft=1 fh=19660ba49630fd55 vn="Variante von Win64/TrojanDownloader.Agent.F Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\GFilterSvc.exe.vir"
sh=558C365776AD71C812363E30D7880CF564028A06 ft=1 fh=e10f04e359590fdb vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
sh=B9276CCB99D02DF2AB5E3B289230782ACE0901CE ft=0 fh=0000000000000000 vn="JS/GFilter.A Trojaner" ac=I fn="C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\eilgiifgoafnjpmdmdkafdnghcfghkpe\2.1_0\g.js"
sh=6B671BC420C26DD44428397D39B13402CC19BCF9 ft=1 fh=65859fa78065d607 vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\File System\010\t\00\00000000"
sh=6B671BC420C26DD44428397D39B13402CC19BCF9 ft=1 fh=65859fa78065d607 vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\File System\010\t\00\00000001"
sh=FF273D0017363755214FA5CD888C2C2D54721700 ft=1 fh=0089eae0191970f8 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\assembly\GAC\Microsoft.VisualStudio.OLE.Interop\7.1.40304.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.OLE.Interop.dll"
sh=A70EFAB5F2D2D83AD2B7E0304169C73F6D0EC700 ft=1 fh=011924ad9c4ebdbf vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll"
sh=6BF9D715657523581D681EED88C7D864C1DE178B ft=0 fh=0000000000000000 vn="JS/GFilter.A Trojaner" ac=I fn="C:\Windows\Installer\{DCDF7E9A-228E-4B24-95B3-A928C685FD36}\cfgkdnomfdapcmmpoincemjabefgjblljrx"
sh=4F414B59FCABC57B249BCE7AF4E35F0E84143DD2 ft=1 fh=93556752e2e6958d vn="NSIS/TrojanDownloader.Adload.Y Trojaner" ac=I fn="C:\zoek_backup\C_Users_Issam276_Downloads_HDVidCodec.exe.vir"
         

02.12.2014, 18:41   #22
Crounty

PC infected with malware

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-11-2014
Ran by Issam276 (administrator) on CROUNTY on 02-12-2014 18:35:41
Running from C:\Users\Issam276\Downloads
Loaded Profile: Issam276 (Available profiles: Issam276 & Gast & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Akamai Technologies, Inc.) C:\Users\Issam276\AppData\Local\Akamai\netsession_win.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Spotify Ltd) C:\Users\Issam276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
() C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
() C:\Windows\SysWOW64\ANIWConnService.exe
(Akamai Technologies, Inc.) C:\Users\Issam276\AppData\Local\Akamai\netsession_win.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe
(Wireless Service) C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
() C:\Windows\SysWOW64\WinMsgBalloonServer.exe
() C:\Windows\SysWOW64\WinMsgBalloonClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.5293\Battle.net.exe
(Blizzard Entertainment) C:\Program Files (x86)\Diablo III\Diablo III.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7204568 2013-12-28] (Realtek Semiconductor)
HKLM-x32\...\Run: [Turbo Key] => C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe [1874432 2009-11-24] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [Cpu Level Up help] => C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe [887936 2009-12-28] ()
HKLM-x32\...\Run: [ANIWZCS2Service] => C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe [98304 2009-08-21] (Wireless Service)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-11-30] (AVAST Software)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Issam276\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-09-15] (AMD)
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Run: [Spotify Web Helper] => C:\Users\Issam276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-11-07] (Spotify Ltd)
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Policies\system: [EnableLUA] 0
HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22066272 2014-10-01] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1420DC9A1F4ACD01
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
SearchScopes: HKU\S-1-5-21-1925287450-1312797874-627100175-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1925287450-1312797874-627100175-1001 -> Backup.Old.DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233}
SearchScopes: HKU\S-1-5-21-1925287450-1312797874-627100175-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{BF86312B-8016-42B1-B232-8DED504D4B33}: [NameServer] 208.67.222.222,192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1925287450-1312797874-627100175-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Issam276\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1925287450-1312797874-627100175-1001: facebook.com/fbDesktopPlugin -> C:\Users\Issam276\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF SearchPlugin: C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197\searchplugins\yahoo_ff.xml
FF Extension: Adblock Plus - C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-02-22]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-30]
FF Extension: No Name - C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197\extensions\ascsurfingprotection@iobit.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome: 
=======
CHR Profile: C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-01]
CHR Extension: (Google Docs) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-01]
CHR Extension: (Google Drive) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-01]
CHR Extension: (YouTube) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-01]
CHR Extension: (Adblock Plus) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-12-01]
CHR Extension: (Google-Suche) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-01]
CHR Extension: (Google Tabellen) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-01]
CHR Extension: (Avast Online Security) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-01]
CHR Extension: (Google Wallet) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-01]
CHR Extension: (Google Mail) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-30]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.) [File not signed]
R2 AMD_RAIDXpert; C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [122880 2009-12-15] (AMD) [File not signed]
R2 ANIWConnService; C:\Windows\SysWOW64\ANIWConnService.exe [151552 2009-07-07] () [File not signed]
S4 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [136616 2012-05-10] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-08-19] (ASUSTeK Computer Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-30] (AVAST Software)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-09-25] () [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-01-05] ()
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5405456 2014-11-12] (TeamViewer GmbH)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
S4 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [X]
S3 npggsvc; C:\Windows\system32\GameMon.des -service [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 ANIO; C:\Windows\SysWOW64\ANIO.SYS [28205 2003-05-05] (Alpha Networks Inc.) [File not signed]
R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2009-03-06] ()
R2 AODDriver4.2.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [57472 2012-05-10] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-30] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-30] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-30] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-30] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2014-06-29] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-30] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin)
S3 cpuz130; No ImagePath
S3 dump_wmimmc; No ImagePath
R2 ESLWireAC; C:\Windows\system32\drivers\ESLWireACD.sys [160784 2012-12-17] (<Turtle Entertainment>)
S3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-01] (INCA Internet Co., Ltd.) [File not signed]
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [53760 2012-09-28] (Apple, Inc.) [File not signed]
S3 X6va008; No ImagePath
S3 X6va009; No ImagePath
S3 X6va012; No ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
S3 netr28ux; system32\DRIVERS\netr28ux.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-02 18:35 - 2014-12-02 18:36 - 00022680 _____ () C:\Users\Issam276\Downloads\FRST.txt
2014-12-02 15:26 - 2014-12-02 15:26 - 02347384 _____ (ESET) C:\Users\Issam276\Downloads\esetsmartinstaller_deu.exe
2014-12-01 21:34 - 2014-12-01 21:34 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Steganos
2014-12-01 18:07 - 2014-12-01 18:07 - 01295360 _____ () C:\Users\Issam276\Downloads\zoek.exe
2014-11-30 23:30 - 2014-12-01 00:12 - 00000000 ____D () C:\zoek_backup
2014-11-30 23:30 - 2014-11-30 23:30 - 01294848 _____ () C:\Users\Issam276\Desktop\zoek.exe
2014-11-30 23:29 - 2014-11-30 23:29 - 04270204 _____ () C:\Users\Issam276\Downloads\zoek.zip
2014-11-30 23:22 - 2014-11-30 23:22 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\AVAST Software
2014-11-30 23:21 - 2014-11-30 23:22 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-30 23:21 - 2014-11-30 23:21 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-30 23:21 - 2014-11-30 23:21 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-11-30 23:21 - 2014-11-30 23:21 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-30 23:21 - 2014-11-30 23:21 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-30 23:21 - 2014-11-30 23:21 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-11-30 23:21 - 2014-11-30 23:21 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-11-30 23:21 - 2014-11-30 23:21 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-11-30 23:21 - 2014-11-30 23:21 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-30 23:21 - 2014-11-30 23:21 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-30 23:21 - 2014-11-30 23:21 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-30 23:21 - 2014-11-30 23:21 - 00001930 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-11-30 23:21 - 2014-11-30 23:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-11-30 23:21 - 2014-11-30 23:21 - 00000000 ____D () C:\Program Files\AVAST Software
2014-11-30 23:17 - 2014-11-30 23:19 - 132469808 _____ (AVAST Software) C:\Users\Issam276\Downloads\avast_free_antivirus_setup_10.2208.712.exe
2014-11-30 22:22 - 2014-11-30 22:22 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-11-30 22:21 - 2014-11-30 22:22 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Issam276\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-30 21:10 - 2014-11-30 21:10 - 00031862 _____ () C:\ComboFix.txt
2014-11-30 20:47 - 2014-11-30 21:10 - 00000000 ____D () C:\Qoobox
2014-11-30 20:47 - 2014-11-30 21:08 - 00000000 ____D () C:\Windows\erdnt
2014-11-30 20:47 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-30 20:47 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-30 20:47 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-30 20:47 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-30 20:47 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-30 20:47 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-30 20:47 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-30 20:47 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-30 20:46 - 2014-11-30 20:46 - 05599228 ____R (Swearware) C:\Users\Issam276\Desktop\ComboFix.exe
2014-11-30 20:14 - 2014-12-02 15:19 - 00000504 _____ () C:\Windows\setupact.log
2014-11-30 20:14 - 2014-12-01 21:48 - 00342380 _____ () C:\Windows\PFRO.log
2014-11-30 20:14 - 2014-11-30 20:14 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-30 20:12 - 2014-11-30 20:12 - 01488384 _____ () C:\Users\Issam276\Downloads\msxml6.msi
2014-11-30 20:09 - 2014-11-30 20:10 - 02148864 _____ () C:\Users\Issam276\Downloads\AdwCleaner_4.102.exe
2014-11-30 20:06 - 2014-11-30 20:06 - 02785665 _____ (PortableApps.com) C:\Users\Issam276\Downloads\RevoUninstallerPortable_1.95_Rev_2.paf.exe
2014-11-30 20:06 - 2014-11-30 20:06 - 00000000 ____D () C:\Users\Issam276\Downloads\RevoUninstallerPortable
2014-11-30 19:53 - 2014-11-19 16:25 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-11-30 19:51 - 2014-11-30 19:51 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-11-30 19:51 - 2014-11-30 19:51 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-11-30 19:51 - 2014-11-30 19:51 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-11-30 19:51 - 2014-11-30 19:51 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-11-30 19:50 - 2014-11-30 19:54 - 00001467 _____ () C:\Windows\SecuniaPackage.log
2014-11-30 19:41 - 2014-11-30 19:41 - 00001075 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2014-11-30 19:41 - 2014-11-30 19:41 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-11-30 19:40 - 2014-11-30 19:41 - 05329480 _____ (Secunia) C:\Users\Issam276\Downloads\PSISetup_3.0.0.9016.exe
2014-11-30 19:01 - 2014-11-30 19:01 - 02117120 _____ (Farbar) C:\Users\Issam276\Downloads\FRST64.exe
2014-11-30 15:25 - 2014-11-30 15:25 - 00001174 _____ () C:\Users\Issam276\Downloads\Avast Internet Security License File.rar
2014-11-30 15:25 - 2014-11-30 15:25 - 00001174 _____ () C:\Users\Issam276\Desktop\Avast Internet Security License File.rar
2014-11-30 01:25 - 2014-11-30 01:25 - 01093536 _____ () C:\Users\Issam276\Documents\cc_20141130_012508.reg
2014-11-30 00:59 - 2014-11-30 00:59 - 04036200 _____ (Piriform Ltd) C:\Users\Issam276\Downloads\ccsetup500_slim.exe
2014-11-29 22:20 - 2014-11-29 22:20 - 00001049 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2014-11-29 22:14 - 2014-11-29 22:15 - 07667648 _____ (TeamViewer GmbH) C:\Users\Issam276\Downloads\TeamViewer_Setup_de.exe
2014-11-29 18:05 - 2014-11-29 18:05 - 00000000 ____D () C:\Users\Issam276\Documents\Diablo III
2014-11-29 00:10 - 2014-11-29 18:04 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-11-29 00:10 - 2014-11-29 00:10 - 00001162 _____ () C:\Users\Public\Desktop\Diablo III.lnk
2014-11-29 00:10 - 2014-11-29 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2014-11-29 00:03 - 2014-12-02 18:33 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Battle.net
2014-11-29 00:03 - 2014-11-29 00:03 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Battle.net
2014-11-29 00:03 - 2014-11-29 00:03 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Blizzard Entertainment
2014-11-29 00:02 - 2014-11-29 00:02 - 00001124 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-11-29 00:02 - 2014-11-29 00:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-11-29 00:02 - 2014-11-29 00:02 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-11-28 23:57 - 2014-11-28 23:58 - 02868792 _____ (Blizzard Entertainment) C:\Users\Issam276\Downloads\Battle.net-Setup-deDE.exe
2014-11-27 22:15 - 2014-11-27 22:27 - 178830517 _____ () C:\Users\Issam276\Downloads\Audio(v6873).zip
2014-11-27 21:20 - 2014-11-27 21:20 - 02721168 _____ (Microsoft Corporation) C:\Users\Issam276\Downloads\Windows7-USB-DVD-tool.exe
2014-11-27 20:40 - 2014-11-27 20:41 - 03087631 _____ () C:\Users\Issam276\Downloads\H81M-VG4(1.40)ROM.zip
2014-11-22 19:55 - 2014-11-22 19:55 - 00021017 _____ () C:\Users\Issam276\Downloads\detekt (1).rar
2014-11-22 19:27 - 2014-11-22 19:27 - 00001236 _____ () C:\Users\Issam276\Downloads\detekt.rar
2014-11-22 14:50 - 2014-11-22 18:21 - 00091684 _____ () C:\Users\Issam276\Downloads\detekt.log
2014-11-22 14:50 - 2014-11-22 14:50 - 27810288 _____ () C:\Users\Issam276\Downloads\detekt.exe
2014-11-19 20:24 - 2014-11-19 20:25 - 00002074 _____ () C:\Users\Issam276\Desktop\Oldschool Runescape.lnk
2014-11-19 20:18 - 2014-11-19 20:19 - 23646208 _____ () C:\Users\Issam276\Downloads\OldSchool (2).msi
2014-11-19 20:18 - 2014-11-19 20:18 - 23646208 _____ () C:\Users\Issam276\Downloads\OldSchool (1).msi
2014-11-19 16:27 - 2014-11-19 20:25 - 00000047 _____ () C:\Users\Issam276\jagex_cl_oldschool_LIVE.dat
2014-11-19 16:26 - 2014-11-19 16:27 - 23646208 _____ () C:\Users\Issam276\Downloads\OldSchool.msi
2014-11-19 16:23 - 2014-11-19 16:23 - 00638888 _____ (Oracle Corporation) C:\Users\Issam276\Downloads\chromeinstall-8u25 (1).exe
2014-11-19 15:52 - 2014-11-19 15:52 - 00638888 _____ (Oracle Corporation) C:\Users\Issam276\Downloads\chromeinstall-8u25.exe
2014-11-19 15:38 - 2014-11-19 21:31 - 00000024 _____ () C:\Users\Issam276\jagexappletviewer.preferences
2014-11-19 15:38 - 2014-11-19 15:38 - 00000000 ____D () C:\.jagex_cache_32
2014-11-19 15:36 - 2014-11-19 15:36 - 00002104 _____ () C:\Users\Issam276\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk
2014-11-19 15:36 - 2014-11-19 15:36 - 00002074 _____ () C:\Users\Issam276\Desktop\RuneScape.lnk
2014-11-19 15:36 - 2014-11-19 15:36 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
2014-11-19 15:33 - 2014-11-19 15:33 - 23810048 _____ () C:\Users\Issam276\Downloads\RuneScape.msi
2014-11-19 15:31 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 15:31 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 15:31 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 15:31 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-18 17:48 - 2014-11-18 17:48 - 00001166 _____ () C:\Users\Issam276\Desktop\TERA.lnk
2014-11-18 17:48 - 2014-11-18 17:48 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\TERA
2014-11-18 17:47 - 2014-11-18 17:46 - 20201072 _____ (Gameforge ) C:\Users\Issam276\Desktop\TERA_GameforgeLiveSetup.exe
2014-11-18 17:46 - 2014-11-18 17:46 - 20201072 _____ (Gameforge ) C:\Users\Issam276\Downloads\TERA_GameforgeLiveSetup.exe
2014-11-16 02:15 - 2014-11-16 02:15 - 00000219 _____ () C:\Users\Issam276\Desktop\Dota 2.url
2014-11-13 20:35 - 2014-11-25 18:29 - 00000000 ____D () C:\Users\Issam276\Downloads\Gameforge Live
2014-11-13 20:35 - 2014-11-13 20:35 - 01048576 _____ () C:\Users\Issam276\Downloads\msert.exe
2014-11-13 20:35 - 2014-11-13 20:35 - 00001950 _____ () C:\Users\Public\Desktop\S.K.I.L.L. - Special Force 2.lnk
2014-11-13 20:29 - 2014-11-13 20:30 - 20226640 _____ (Gameforge ) C:\Users\Issam276\Downloads\SKILL_GameforgeLiveSetup.exe
2014-11-13 17:08 - 2014-11-13 17:16 - 15368532 _____ () C:\Users\Issam276\Downloads\[I-Raf-you]_Microne_Magazine_6.rar
2014-11-12 23:18 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 23:18 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 23:18 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 23:18 - 2014-10-27 21:32 - 17870336 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 23:18 - 2014-10-27 21:13 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 23:18 - 2014-10-27 21:12 - 10921472 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 23:18 - 2014-10-27 21:07 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 23:18 - 2014-10-27 21:06 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 23:18 - 2014-10-27 21:05 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 23:18 - 2014-10-27 21:05 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-11-12 23:18 - 2014-10-27 21:05 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 23:18 - 2014-10-27 21:04 - 02157056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 23:18 - 2014-10-27 21:04 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-11-12 23:18 - 2014-10-27 21:04 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 23:18 - 2014-10-27 21:04 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 23:18 - 2014-10-27 21:04 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 23:18 - 2014-10-27 21:04 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 23:18 - 2014-10-27 21:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 23:18 - 2014-10-27 21:03 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 23:18 - 2014-10-27 21:03 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 23:18 - 2014-10-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 23:18 - 2014-10-27 21:03 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-11-12 23:18 - 2014-10-27 21:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-11-12 23:18 - 2014-10-27 21:03 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-11-12 23:18 - 2014-10-27 20:10 - 12366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 23:18 - 2014-10-27 20:05 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 23:18 - 2014-10-27 20:02 - 09739776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 23:18 - 2014-10-27 19:59 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 23:18 - 2014-10-27 19:59 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 23:18 - 2014-10-27 19:58 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 23:18 - 2014-10-27 19:57 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-11-12 23:18 - 2014-10-27 19:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 23:18 - 2014-10-27 19:56 - 01802752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 23:18 - 2014-10-27 19:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-11-12 23:18 - 2014-10-27 19:56 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 23:18 - 2014-10-27 19:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 23:18 - 2014-10-27 19:56 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 23:18 - 2014-10-27 19:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 23:18 - 2014-10-27 19:55 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 23:18 - 2014-10-27 19:55 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 23:18 - 2014-10-27 19:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 23:18 - 2014-10-27 19:55 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-11-12 23:18 - 2014-10-27 19:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-11-12 23:18 - 2014-10-27 19:55 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-11-12 23:18 - 2014-10-27 19:54 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 23:18 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 23:18 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 23:18 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 23:18 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 23:18 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 23:18 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 23:18 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 23:18 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 23:18 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 23:18 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 23:18 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 23:18 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 23:18 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 23:18 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 23:18 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 23:17 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 23:17 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 23:17 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 23:17 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 23:17 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 23:17 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 23:17 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 23:17 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 23:17 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 23:17 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 23:17 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 23:17 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 23:17 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 23:17 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 23:17 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 23:17 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 23:17 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 23:17 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 23:16 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 23:16 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 23:16 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 23:16 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 23:16 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 23:16 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 23:16 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 23:16 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 23:16 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-08 15:44 - 2014-11-08 15:45 - 11539006 _____ () C:\Users\Issam276\Downloads\Bot of Legends (1).rar
2014-11-08 15:42 - 2014-11-08 15:42 - 00066581 _____ () C:\Users\Issam276\Downloads\AWA BOL DOWNLOADER.rar
2014-11-08 15:40 - 2014-11-08 15:40 - 11539006 _____ () C:\Users\Issam276\Downloads\Bot of Legends.rar
2014-11-07 17:57 - 2014-11-29 00:11 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Spotify
2014-11-07 17:56 - 2014-11-07 17:56 - 00137888 _____ (Spotify Ltd) C:\Users\Issam276\Downloads\SpotifySetup.exe
2014-11-07 17:21 - 2014-11-07 17:21 - 34288786 _____ () C:\Users\Issam276\Downloads\torbrowser-install-4.0.1_en-US.exe
2014-11-06 18:45 - 2014-11-06 18:45 - 00001975 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-11-06 18:45 - 2014-06-16 07:01 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2014-11-06 18:45 - 2014-06-16 07:01 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-02 18:35 - 2014-06-28 19:29 - 00000000 ____D () C:\FRST
2014-12-02 18:34 - 2012-06-14 15:08 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\TS3Client
2014-12-02 18:31 - 2013-02-22 18:07 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-02 18:27 - 2012-06-14 13:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-02 17:02 - 2014-07-04 02:28 - 01623614 _____ () C:\Windows\WindowsUpdate.log
2014-12-02 17:00 - 2012-06-14 12:17 - 00000000 ____D () C:\Users\Issam276
2014-12-02 16:31 - 2012-09-19 17:23 - 00000940 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1925287450-1312797874-627100175-1001UA.job
2014-12-02 15:28 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-02 15:28 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-02 15:20 - 2013-02-22 18:07 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-02 15:19 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-01 21:50 - 2012-12-08 09:39 - 00066256 _____ () C:\Users\Issam276\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-01 21:48 - 2012-12-08 09:38 - 04913880 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-01 21:47 - 2012-09-25 18:21 - 00006178 _____ () C:\ProgramData\hpzinstall.log
2014-12-01 21:41 - 2012-09-25 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-12-01 21:38 - 2012-09-25 18:22 - 00000000 ____D () C:\Program Files (x86)\HP
2014-12-01 21:38 - 2012-09-25 18:21 - 00000000 ____D () C:\ProgramData\HP
2014-12-01 21:33 - 2013-02-22 16:07 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-01 19:31 - 2012-09-19 17:23 - 00000918 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1925287450-1312797874-627100175-1001Core.job
2014-12-01 00:13 - 2014-02-11 12:15 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-12-01 00:09 - 2013-02-22 18:08 - 00002192 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Comodo
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-12-01 00:08 - 2014-02-14 17:14 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-12-01 00:08 - 2014-02-14 17:14 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-12-01 00:08 - 2013-06-26 12:08 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-12-01 00:08 - 2012-07-03 17:11 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Google
2014-11-30 23:59 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-11-30 23:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-11-30 23:21 - 2014-06-29 19:05 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-11-30 22:43 - 2014-06-28 16:36 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-30 22:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PLA
2014-11-30 22:22 - 2014-06-28 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-30 22:22 - 2014-06-28 16:36 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-11-30 21:10 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-11-30 21:02 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-11-30 20:13 - 2014-03-03 18:42 - 00000000 ____D () C:\AdwCleaner
2014-11-30 20:13 - 2014-03-03 17:37 - 00000000 ____D () C:\Windows\system32\log
2014-11-30 19:54 - 2013-08-23 11:40 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-30 19:54 - 2012-06-14 13:47 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-30 19:54 - 2012-06-14 13:47 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-30 19:39 - 2012-11-18 14:41 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-30 19:39 - 2012-11-18 14:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-30 19:39 - 2012-06-14 13:52 - 00000000 ____D () C:\Program Files\WinRAR
2014-11-30 19:26 - 2014-08-31 20:00 - 00000000 ___RD () C:\Users\Issam276\Dropbox
2014-11-30 19:17 - 2014-08-31 19:58 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Dropbox
2014-11-30 19:16 - 2014-08-31 20:00 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-30 12:19 - 2014-11-01 20:28 - 00000000 ____D () C:\Users\Issam276\AppData\Local\osu!
2014-11-30 01:24 - 2014-09-07 12:39 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-30 01:24 - 2012-06-27 18:39 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\TeamViewer
2014-11-30 01:24 - 2012-06-15 15:18 - 00000000 ____D () C:\Windows\Minidump
2014-11-30 00:50 - 2012-06-29 19:50 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Skype
2014-11-29 22:20 - 2012-06-14 13:02 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-11-29 10:49 - 2012-06-15 15:21 - 00000000 ____D () C:\Users\Issam276\Desktop\Alles
2014-11-29 10:13 - 2013-01-25 19:07 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\.minecraft
2014-11-28 19:11 - 2013-04-27 07:45 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Spotify
2014-11-27 22:18 - 2011-04-12 08:43 - 00770468 _____ () C:\Windows\system32\perfh007.dat
2014-11-27 22:18 - 2011-04-12 08:43 - 00174528 _____ () C:\Windows\system32\perfc007.dat
2014-11-27 22:18 - 2009-07-14 06:13 - 01799304 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-19 22:01 - 2012-06-17 18:19 - 00000024 _____ () C:\Users\Issam276\random.dat
2014-11-19 21:30 - 2012-06-17 18:19 - 00000047 _____ () C:\Users\Issam276\jagex_cl_runescape_LIVE.dat
2014-11-19 16:27 - 2012-06-17 18:19 - 00000000 ____D () C:\Users\Issam276\jagexcache
2014-11-19 16:25 - 2014-08-11 00:04 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-11-19 16:25 - 2014-08-11 00:04 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-11-19 16:25 - 2014-08-11 00:04 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-11-19 16:25 - 2013-10-29 19:00 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-19 16:25 - 2013-10-29 18:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-19 16:25 - 2012-09-02 16:31 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-19 00:50 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-18 17:48 - 2014-09-06 18:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-11-18 17:47 - 2014-09-06 18:33 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive
2014-11-14 22:26 - 2013-02-22 18:07 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-14 22:26 - 2013-02-22 18:07 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-14 12:31 - 2012-06-17 14:07 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Akamai
2014-11-13 15:54 - 2014-05-06 19:56 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-13 00:49 - 2013-08-21 23:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 00:42 - 2012-06-17 14:06 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-11 12:13 - 2013-02-02 10:54 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-11-11 12:12 - 2012-06-29 19:50 - 00000000 ____D () C:\ProgramData\Skype
2014-11-04 14:30 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Files to move or delete:
====================
C:\Users\Issam276\jagex_cl_oldschool_LIVE.dat
C:\Users\Issam276\jagex_cl_runescape_LIVE.dat
C:\Users\Issam276\random.dat


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-25 17:42

==================== End Of Log ============================
         
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-11-2014
Ran by Issam276 at 2014-12-02 18:36:51
Running from C:\Users\Issam276\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AI Suite (HKLM-x32\...\{310BC5E2-31AF-49BB-904D-E71EB93645DC}) (Version: 1.06.22 - )
Akamai NetSession Interface (HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{2BFD590F-1D73-3533-E734-FDDAC3746E4A}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM-x32\...\{9C1FAB12-F426-432E-8579-75CAB60C69CF}) (Version: 4.2.0.0594 - Advanced Micro Devices, Inc.)
ANIO Service (HKLM-x32\...\{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}) (Version:  - )
ANIWZCS2 Service (HKLM-x32\...\{4C590030-7469-453E-8589-D15DA9D03F52}) (Version:  - )
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Profiles (HKLM-x32\...\{4ED980CB-C288-6A80-A3EA-AEECC543058B}) (Version: 2.0.4525.30280 - Advanced Micro Devices, Inc.)
ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 7.18.03 - ASUSTeK Computer Inc.)
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
ChrisPC DNS Switch 1.40 (HKLM-x32\...\{ECE17478-56C5-4280-AB67-AC2C2CAFA30F}_is1) (Version:  - Chris P.C. srl)
Chris-PC Game Booster (HKLM-x32\...\Chris-PC Game Booster_is1) (Version: 2.00 - Chris P.C. srl)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ Commander (HKLM-x32\...\{05B1529B-C423-42AA-B981-4ECA247E9FC0}) (Version: 1.09.73 - Dotjosh Studios)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
D-Link Wireless G DWL-G122_DWA-110 (HKLM-x32\...\{5F753314-628E-4C13-B8AE-BFA7FD514CBE}) (Version:  - D-Link)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dropbox (HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Façade (HKLM-x32\...\{339C3693-8554-4A25-A664-E0B74D2DFA04}) (Version: 1.0.3 - Procedural Arts)
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 3.21.2.1 - Futuremark Corporation)
Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HydraVision (x32 Version: 4.2.216.0 - Advanced Micro Devices, Inc.) Hidden
InfraRecorder (HKLM-x32\...\InfraRecorder) (Version:  - Christian Kindahl)
Java 7 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417071FF}) (Version: 7.0.710 - Oracle)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.9.11 - www.leaguereplays.com)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Metin2 (HKLM-x32\...\Metin2_is1) (Version:  - Gameforge 4D GmbH)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
MorphVOX Junior (HKLM-x32\...\{E741AE90-F491-4EB2-B160-33B0CCD85CB1}) (Version: 2.8.0 - Screaming Bee)
MorphVOX Pro (HKLM-x32\...\{62DAB694-358E-4C6F-82BF-26DA64B297A6}) (Version: 4.3.2 - Screaming Bee)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MTA:SA v1.4.0 (HKLM-x32\...\MTA:SA 1.4) (Version: v1.4.0 - Multi Theft Auto)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
osu! (HKLM-x32\...\{ba6599d0-1e00-4060-a455-55382b1c7008}) (Version: latest - ppy Pty Ltd)
PC Probe II (HKLM-x32\...\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}) (Version: 1.04.92 - ASUSTeK Computer Inc.)
RAIDXpert (HKLM-x32\...\InstallShield_{8B76B8E9-F773-4B75-A08C-120079EB765E}) (Version: 3.2.1540.10 - AMD)
RAIDXpert (x32 Version: 3.2.1540.10 - AMD) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6519 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Special Force 2 Beta_is1) (Version:  - )
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
System Requirements Lab CYRI (HKLM-x32\...\{943A8D28-80D6-41DC-AE94-81FEB42041BF}) (Version: 4.5.1.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.35436 Beta - TeamViewer)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 28 - Gameforge Productions GmbH)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - )
Turbo Key (HKLM-x32\...\{B83F7FA5-3191-4E39-A1F2-8A9038BD0B04}) (Version: 1.01.03 - )
Unity Web Player (HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WinSCP 4.3.8 (HKLM-x32\...\winscp3_is1) (Version: 4.3.8 - Martin Prikryl)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{3a022117-d6e3-4fcd-a8a2-d31ed64d8e1e}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

25-11-2014 14:29:22 Windows Update
27-11-2014 20:21:19 Installed Windows 7 USB/DVD Download Tool
30-11-2014 17:24:11 avast! antivirus system restore point
30-11-2014 17:27:12 Gerätetreiber-Paketinstallation: Avast Netzwerkdienst
30-11-2014 18:24:42 avast! antivirus system restore point
30-11-2014 20:33:13 avast! antivirus system restore point
30-11-2014 22:20:49 avast! antivirus system restore point
30-11-2014 22:32:09 zoek.exe restore point
01-12-2014 20:33:57 Removed Windows 7 USB/DVD Download Tool
01-12-2014 20:35:14 Removed Façade
01-12-2014 20:35:41 Removed Façade
01-12-2014 20:36:38 Removed MorphVOX Pro
01-12-2014 20:37:03 Removed MorphVOX Junior

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-09-27 11:49 - 2014-11-30 21:02 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {002BC456-DB44-4F10-BC5B-16C0AE4B94E5} - System32\Tasks\{35A5A0DE-E4FD-4FCE-A133-406843CE3598} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {00442CFD-6F8A-4E25-B0F7-099CBAF166DD} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {07487D3F-27D3-4242-9986-5805088BC752} - System32\Tasks\{9CD2CBDC-9F17-4183-A776-3C3CDDB91238} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {094AD9FC-9A2A-4434-A267-67318F3AFB3C} - System32\Tasks\{C0BF0233-4710-4F22-B838-C53FD13B197E} => C:\Program Files (x86)\Opera\Opera.exe
Task: {0B70D5A1-FC0C-4567-84B3-FA8C61598DD3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-30] (AVAST Software)
Task: {0D5CB102-9F0B-4BEF-9B7C-C8DD85A116EC} - System32\Tasks\{57FA110B-6E92-4EFD-98D9-19C15C00EF98} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {0E945E72-5D2C-4BEE-8169-B44EFAF0C579} - System32\Tasks\{CC321D73-229D-4CDF-9597-05F0B15F5904} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {181CF0AB-DAE3-4E35-A43E-6BCC9EA672F0} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1925287450-1312797874-627100175-1001UA => C:\Users\Issam276\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-19] (Facebook Inc.)
Task: {1B0FF44F-B3B3-4261-9E8C-07E83F04A8CE} - System32\Tasks\{97DA18F4-90B4-45A3-BC74-3C01B81E7603} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {1B9795BE-3E65-435B-A5B7-EE5DED837485} - System32\Tasks\{1DB90D4F-8D72-4AD5-8F36-5C4F0864AD9F} => C:\Program Files (x86)\Opera\Opera.exe
Task: {1D959856-47B4-4D86-A9FD-33900CD35ADF} - System32\Tasks\{D7E5FBB1-D0B1-4F1A-8742-47F989B83816} => C:\Program Files (x86)\Opera\Opera.exe
Task: {1EC122BA-C536-430F-8C35-6F86ECC39FF0} - System32\Tasks\{494A9B35-6058-4C19-A20A-E1DCE48F0786} => C:\Program Files (x86)\Opera\Opera.exe
Task: {2572CB5E-1A7C-46F1-85B1-B62F4A17C417} - System32\Tasks\{1FBC4539-2901-4DDB-9D2F-862065494E88} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {260A62D5-8017-49B7-871D-68159B4FD231} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1925287450-1312797874-627100175-1001Core => C:\Users\Issam276\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-19] (Facebook Inc.)
Task: {27618943-30C4-4FBF-94B8-8ACB0A6F7E6D} - System32\Tasks\{0C9C72E9-00D2-49A6-8DF4-DAF367138BD8} => C:\Program Files (x86)\Opera\Opera.exe
Task: {2991A55D-1CD8-403C-B255-0C11A6C837E1} - System32\Tasks\{B261FD97-9C57-4F06-9AD3-4052FA220C1D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2B7A7CE2-981F-42D2-8492-CD5D1AF9E827} - System32\Tasks\{B4F0F2F1-B534-4A0D-9DF2-C38AE4C520E9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2CCD6124-8AE7-461C-BE80-4B62D3002340} - System32\Tasks\{3D7EEA60-2C2B-478A-9723-F829C43AC6E5} => C:\Program Files (x86)\Opera\Opera.exe
Task: {2CF1D8CF-0EA9-458A-85A8-561D147B6135} - System32\Tasks\{0B628F86-550A-486F-B114-58C62871B721} => C:\Program Files (x86)\Opera\Opera.exe
Task: {310CC0F8-C247-4599-ACFC-F3CD766E6AD5} - System32\Tasks\{FB8C4083-EF27-4416-85FA-D471CEDE5FB4} => C:\Program Files (x86)\Opera\Opera.exe
Task: {3B272214-852C-4330-841F-3F9FF4F9CB96} - System32\Tasks\{2B6CE963-FF84-494C-A826-01D80631B926} => C:\Program Files (x86)\Opera\Opera.exe
Task: {455EC1A1-A8EB-4743-B7C0-9569F58741D7} - System32\Tasks\ASUS\Cpu Level Up Hook Lanunch => C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHookLaunch.exe [2009-12-28] ()
Task: {46510369-2D69-4AE4-89D2-EA3FC9E2751B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {517D8EB9-77F1-497E-834A-D1FA240CE073} - System32\Tasks\{027A1301-659D-4B41-8A7F-040B74EBA95D} => C:\Program Files (x86)\Opera\Opera.exe
Task: {518389D1-8CCD-4B86-8F41-B077F9C9C618} - System32\Tasks\{EDDBD687-D415-4B69-927A-02931F7F1AAE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {51BFF5FC-5BC5-4DEE-9099-827B8BFB3632} - System32\Tasks\{8383930E-67E3-4379-A09D-4E59914B6389} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5244B6B7-C2C2-416A-8955-6F2586705863} - System32\Tasks\{54F5669B-1BD5-4394-89D5-A6EFBA584ACD} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {52E12DE9-93B7-4E4B-85D1-DD2EDCEBE48A} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)
Task: {562A50BF-2E54-45F4-9077-473F7A049562} - System32\Tasks\{6310026B-3E16-4E78-998C-7F30496D8899} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {571A9041-6AA5-4836-BA2B-534C9EB85DCE} - System32\Tasks\{D319D8AB-8433-493A-84FA-D1698EDEAFCE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {577E3FA9-79BA-4694-AE4C-9B609E38C0E9} - System32\Tasks\{DE38B5D4-C035-40D9-848C-B966145964A9} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5AEBC49C-BCC7-4EC1-8951-9B299633E773} - System32\Tasks\{9E9AC548-DCCB-4B5B-9EDB-0E52B9DE5627} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5BE38A7A-4925-497C-82F3-A330FC280BC4} - System32\Tasks\{949BCCD7-1397-41DE-9EF8-11EE2C0CE563} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5C099198-A578-4EEC-92B4-6417465170A1} - System32\Tasks\{41F9C8B0-D0DD-4377-9D24-69E831D0CF7A} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5C4A49C0-89DE-4238-8F91-64CFBFBAEE53} - System32\Tasks\{BB6E67DE-783D-4A31-8585-E7CAEC52E5AA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5F97C91C-7B67-4A52-9DD7-0E6FA102D424} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-22] (Google Inc.)
Task: {60553E3D-46C1-4E1E-A947-FA9307DD2C8C} - System32\Tasks\{74F988AC-9E60-40C7-8D90-CFECFAEE92E1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {627CECAB-2B8F-4A2E-92B9-B140446FE0EC} - System32\Tasks\{90038331-2672-47E4-99D2-E9ECCB36DC14} => C:\Program Files (x86)\Opera\Opera.exe
Task: {6D6DF3D0-D45F-4F6F-B07C-E1FBBD6FD0B9} - System32\Tasks\{59008250-33FF-402A-82FD-577C388040C8} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {717B3FF7-1A14-47F6-8B46-91A57AD183CA} - System32\Tasks\{1FB7ED02-0BF3-4694-A643-44D549B5C376} => C:\Program Files (x86)\Opera\Opera.exe
Task: {722A80F7-B367-438E-82D6-607B2AAE2AD5} - System32\Tasks\{0D1B66EB-8E6C-4941-A849-C02CAA677C49} => C:\Program Files (x86)\Opera\Opera.exe
Task: {7352E960-C7B0-45FE-A83F-F87B5AA6E651} - System32\Tasks\{5F44ABCA-6526-4396-A179-A30F6651B4A5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {740EE1F2-3BC5-4CD5-B694-A5FE540D3E9E} - System32\Tasks\{F6171EAE-04B0-4030-B64B-4B9DF15D3273} => C:\Program Files (x86)\Opera\Opera.exe
Task: {76B86268-4206-4908-ADA8-A9FA15A4F610} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)
Task: {7A0C2EDE-2AF3-40D3-8E5E-AC91914B9348} - System32\Tasks\{36BD8F26-454A-45A7-98BC-D772130BD6D1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {7CBDBD19-6CA0-43C5-95A3-B5B0B50A01DB} - System32\Tasks\{B117D272-C5AF-4E62-9F8E-DA7E6CE8FF4E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {7EF615A3-395A-4B8F-AF0B-D79B49D3A554} - System32\Tasks\{064550D4-D75D-402D-AB32-91E23A58D5F4} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {821856F1-ED6B-4965-84E5-2519F0D73FB5} - System32\Tasks\{8424C4DF-A4EC-4B5B-814E-60CE8AB30940} => C:\Program Files (x86)\Opera\Opera.exe
Task: {82F5E65C-C34C-4E7A-BA2B-3EC5834D6E13} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-30] (Adobe Systems Incorporated)
Task: {86715FE4-085D-43AB-A67D-906AB668D4A7} - System32\Tasks\{D1BFDBF2-DEA8-4BB9-8474-3A446710C951} => C:\Program Files (x86)\Opera\Opera.exe
Task: {878AA624-33EF-4ADA-BD3A-0D7BEA46656B} - System32\Tasks\{11EE2B2D-9A84-413C-B65A-30FADFE1F4C1} => C:\Program Files (x86)\Opera\Opera.exe
Task: {8A24C11B-1434-4888-BB67-DA4035986E85} - System32\Tasks\{8F6BCC5D-9E79-4A90-A52C-B05FBD3A95EA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {8B9B1B73-C0C4-48B0-A910-7D63871A1890} - System32\Tasks\{CE6A2A80-3982-406F-916F-BF44A1FE93BE} => C:\Program Files (x86)\Opera\Opera.exe
Task: {8C5EA5CA-2168-47C9-A8AD-8D8F8CD43494} - System32\Tasks\{3096790B-F753-40DE-BBBD-C96814C19276} => C:\Program Files (x86)\Opera\Opera.exe
Task: {8D278482-A7C4-4259-B172-CD56F7F3242B} - System32\Tasks\{C307734E-4CEF-40E7-BB76-67E38AFE3245} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {9034EE4A-EF7C-4EBC-B8FB-59A0E30DCDCB} - System32\Tasks\{B7D832C7-A1D4-449B-AFB7-35A7D5308265} => C:\Program Files (x86)\Opera\Opera.exe
Task: {9173C9BE-02B5-4B2E-9CDD-85959BAC8FE8} - System32\Tasks\{AA084653-E62A-4321-85C7-E1F14B703E3B} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {92D5F453-D605-4376-BBAF-560DCBF5179E} - System32\Tasks\{08F83017-CD43-415F-BAC5-1B6099D399DE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {9455CECE-75DF-4B1C-8F1C-9D6F22BAF9EE} - System32\Tasks\{1C451F35-6BB4-4E64-9D44-83DA1235BD66} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {97E4E16D-3E9D-4441-B88C-F8DAD136D5AC} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {9B836882-C9AA-46BA-A2BA-B2FBC31A7D1B} - System32\Tasks\{402ED0EB-55E1-49BC-85FF-B611C38007C2} => C:\Program Files (x86)\Opera\Opera.exe
Task: {9DEE72AF-EDDE-4210-860C-D59F8CE425A5} - System32\Tasks\{FEE95010-E0AC-4F29-89EB-CC1D42B7322D} => C:\Program Files (x86)\Opera\Opera.exe
Task: {A0B271A8-0315-4B2F-8A8E-1D955B9A3912} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-22] (Google Inc.)
Task: {A5971EB2-865A-4144-B663-DC582061EE03} - System32\Tasks\{2EB349E6-0751-41BC-9F7E-301AC1E05B93} => C:\Program Files (x86)\Opera\Opera.exe
Task: {A6148E12-0291-4995-AF46-E06D84208F64} - System32\Tasks\{CE3CDE01-297E-4503-BDBC-F6BFCA06FC5A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A67DF276-6D87-4B90-9873-2A2EA8FCE1CB} - System32\Tasks\{F14CFAC1-DBF2-4360-95C4-B2F2F9DB35E4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {AA1BFF9B-0E49-4EB7-B267-2C7CB4A2ED1E} - System32\Tasks\{9276B961-43E2-4972-B3AD-25EACD24D008} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B1677E31-93D0-47CC-AC29-7D496732B34B} - System32\Tasks\{6933359E-E599-4364-BEFF-153E2C84ECF1} => C:\Program Files (x86)\Opera\Opera.exe
Task: {B23234F8-1783-4601-B17A-A749DC43B32C} - System32\Tasks\{CF201C0D-902D-45EC-AB8B-441B32C49B96} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B39E32F9-A4EE-4F1C-AD43-1AFF1EC66810} - System32\Tasks\{520D24F2-56D5-4A8F-A89D-4396E1298D0E} => C:\Program Files (x86)\Opera\Opera.exe
Task: {B43C1327-9D38-4105-BA3A-C7AC2DC0A854} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {B4CB886A-F99C-4F83-B319-AC5B4339BAFC} - System32\Tasks\{74BC537C-1377-401A-9CBD-EC70A4E00FE6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B4D142B4-4AB8-4B95-912F-FA662BCB5F05} - System32\Tasks\{816E19F8-6746-42E8-825E-C00C9D8CFF94} => C:\Program Files (x86)\Opera\Opera.exe
Task: {B4F576A8-5746-40C0-878D-8D298BD66F25} - System32\Tasks\{15AA7614-5DDE-4F02-8A19-A95EC0A1D51D} => C:\Program Files (x86)\Opera\Opera.exe
Task: {B8266606-848E-4C36-BA78-1D86A62F2B77} - System32\Tasks\{24C3BC9D-CAFC-4292-BD2A-FFCF0B425D08} => C:\Program Files (x86)\Opera\Opera.exe
Task: {BB7D82FD-251B-4EF7-B078-D7DCE617D964} - System32\Tasks\{8FC938EB-7EAF-4A34-BC9D-AE2F5778B1B1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {BE835B87-3BC8-4D2F-98F4-08EA1738769B} - System32\Tasks\{9A921854-22BF-4FF6-917B-1529CCCD96DB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {BF14D3C2-045B-46CA-95BA-E54E71AA5EE8} - System32\Tasks\{FE9E2570-3D08-4423-AFC3-5C7948AE63B6} => C:\Program Files (x86)\Opera\Opera.exe
Task: {CBB4538C-70A1-4630-8661-5D84D95409E7} - System32\Tasks\{7A14CB27-EE0B-47F1-B055-77F01B48DBC9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {CE491649-14B0-4AE2-AF71-9B80E2717EDE} - System32\Tasks\{9A3B38A4-E24C-4CA3-836B-B69E7E5C4A8F} => C:\Program Files (x86)\Opera\Opera.exe
Task: {D3A08372-F9B6-4E87-B367-CF2D04F990A2} - System32\Tasks\{C58F335D-256C-447C-8F92-0D21522B0AE2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D3ABB6D7-9F40-4E4A-B2B6-72AB46A050F7} - System32\Tasks\{83D83B71-6311-4584-B276-FEF554406168} => C:\Program Files (x86)\Opera\Opera.exe
Task: {D51CC9D5-F8A0-48CA-AF21-4E3C1E57E18A} - System32\Tasks\{E3BA121A-6110-46E2-B350-F190E39F142A} => C:\Program Files (x86)\Opera\Opera.exe
Task: {D55EA148-E054-4415-97C3-733D26CAD4E3} - System32\Tasks\{7B2D31C4-B94E-459C-9AB9-7BA5A6885752} => C:\Program Files (x86)\Opera\Opera.exe
Task: {D68AFE80-D806-4B03-8AF8-0D69B8F3266F} - System32\Tasks\{C0804A57-189E-4D52-A8D5-914BE6EC38F9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D9F0C0DA-2D8C-45BC-8EB1-746DAD06A5AA} - System32\Tasks\{178B6CBE-CD97-4A87-A91B-79970D345AA5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {DE9B3A77-0437-4DAC-A2F6-1C4095755D50} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {DF647FC5-023B-433B-A122-FD19ECBBFB86} - System32\Tasks\{6B5908DA-E475-496F-9C03-92B7931F8B4E} => C:\Program Files (x86)\Opera\Opera.exe
Task: {E605C0CD-CF58-4517-9803-90D6F64981E6} - System32\Tasks\{CC42283F-627B-42E6-B065-74187AD2AC1E} => C:\Program Files (x86)\Opera\Opera.exe
Task: {E6FF23C5-E38B-446E-8E9D-335C6AF909D1} - System32\Tasks\{174B23CD-95AE-408F-A856-1370A9D536E1} => C:\Program Files (x86)\Opera\Opera.exe
Task: {E709A72E-20A0-408C-8C71-C6281C3A9E2C} - System32\Tasks\{A7B59FCB-77B6-43A8-B48C-A4408A63A05C} => C:\Program Files (x86)\Opera\Opera.exe
Task: {E966568A-61B6-46C0-81ED-FD8F48DFB1A5} - System32\Tasks\{3EF7DE06-5206-4DE0-8481-16D004F97BC7} => C:\Program Files (x86)\Opera\Opera.exe
Task: {EA7EC79F-EE05-40AC-A1AA-EF8F38EE1D94} - System32\Tasks\{0E7C6814-82A5-4652-86AF-0257E8E200B0} => C:\Program Files (x86)\Opera\Opera.exe
Task: {ED2C4059-C99A-478E-AFB7-A89311EE1AF3} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\Program Files (x86)\ASUS\AASP\1.01.12\AsLoader.exe [2010-01-13] (ASUSTeK Computer Inc.)
Task: {EE65A338-E67D-4F14-B674-5CBA24CD1AF1} - System32\Tasks\{3FE25692-2DF1-4C8A-83BD-5C0938957293} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F20A80F0-766A-4B7F-98DD-6229DA061883} - System32\Tasks\{6ABFC70E-5286-4F62-8D85-3DB5C7E96535} => C:\Program Files (x86)\Opera\Opera.exe
Task: {FAD1D3B7-6A37-47D3-839D-81888361D8DA} - System32\Tasks\{C4DCDE58-2889-4887-A3A8-759819CB3B00} => C:\Program Files (x86)\Opera\Opera.exe
Task: {FBD60A63-97EE-4455-A187-75DD221AC9B9} - System32\Tasks\{B55E87D1-7DD5-45F3-839C-11D9E63BACE7} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FDA4DAEA-5188-46B1-8E30-64BB76D227AC} - System32\Tasks\{EF6CA142-96C0-4D8A-B1B8-DF46DCB79231} => C:\Program Files (x86)\Opera\Opera.exe
Task: {FE7BAC5A-F911-419A-A23E-1A2FA331CB95} - System32\Tasks\{4C1D5CDD-8AE5-4025-923B-71D4C96C9F47} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FFBA2F6D-660A-4E9F-984C-78AD46ACDCD5} - System32\Tasks\{87B307EE-CC62-4781-8900-89C379B24C05} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1925287450-1312797874-627100175-1001Core.job => C:\Users\Issam276\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1925287450-1312797874-627100175-1001UA.job => C:\Users\Issam276\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-05-01 15:13 - 2014-05-01 15:13 - 00470016 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
2012-12-17 17:14 - 2012-12-17 17:14 - 00954848 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
2013-03-28 21:31 - 2013-03-28 21:31 - 00210944 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-09-23 12:53 - 2012-09-23 12:53 - 00748544 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-09-23 12:53 - 2012-09-23 12:53 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2013-03-28 21:30 - 2013-03-28 21:30 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2009-12-15 16:40 - 2009-12-15 16:40 - 00065536 _____ () C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
2012-06-22 13:41 - 2009-07-07 19:10 - 00151552 _____ () C:\Windows\SysWOW64\ANIWConnService.exe
2012-07-10 10:29 - 2014-01-05 20:31 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-03-28 21:30 - 2013-03-28 21:30 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2009-12-15 16:40 - 2009-12-15 16:40 - 00122880 _____ () C:\Windows\SysWOW64\WinMsgBalloonServer.exe
2009-12-15 16:41 - 2009-12-15 16:41 - 00139264 _____ () C:\Windows\SysWOW64\WinMsgBalloonClient.exe
2014-02-28 10:14 - 2014-02-28 10:14 - 00173568 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-02-27 15:51 - 2014-02-27 15:51 - 01080832 _____ () C:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll
2014-02-27 15:51 - 2014-02-27 15:51 - 00833024 _____ () C:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2014-02-28 14:07 - 2014-08-10 11:33 - 00102344 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2014-02-28 14:07 - 2014-08-10 11:33 - 00108488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-02-27 15:51 - 2014-02-27 15:51 - 00030208 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll
2014-02-27 15:51 - 2014-02-27 15:51 - 00233984 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll
2014-02-28 14:10 - 2014-08-10 11:33 - 00134088 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\appscanner_plugin.dll
2014-02-28 14:10 - 2014-08-10 11:33 - 00563656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-02-28 14:10 - 2014-08-10 11:33 - 00265160 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\lua_plugin.dll
2014-02-28 14:10 - 2014-08-10 11:33 - 00579016 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-02-28 14:10 - 2014-08-10 11:33 - 00029640 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\test_plugin.dll
2014-02-27 15:51 - 2014-02-27 15:51 - 00159232 _____ () C:\Program Files\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2014-12-02 15:14 - 2014-12-02 15:14 - 02904576 _____ () C:\Program Files\AVAST Software\Avast\defs\14120200\algo.dll
2014-12-02 15:29 - 2014-12-02 15:29 - 02904576 _____ () C:\Program Files\AVAST Software\Avast\defs\14120201\algo.dll
2009-12-15 22:44 - 2009-12-15 22:44 - 00516096 _____ () C:\Program Files (x86)\AMD\RAIDXpert\bin\libxml2.dll
2012-06-14 14:11 - 2009-04-29 13:24 - 00253952 _____ () C:\Program Files (x86)\ASUS\Turbo Key\pngio.dll
2012-06-14 14:11 - 2009-04-29 13:24 - 00208896 _____ () C:\Program Files (x86)\ASUS\Turbo Key\AiNap.dll
2012-06-14 14:11 - 2009-04-29 13:24 - 00008704 _____ () C:\Program Files (x86)\ASUS\Turbo Key\vvc.dll
2012-06-22 13:41 - 2009-06-01 13:23 - 00315392 _____ () C:\Program Files (x86)\ANI\ANIWZCS2 Service\ANIOApi.dll
2014-11-30 23:21 - 2014-11-30 23:21 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-05-15 15:06 - 2014-05-19 15:13 - 00012288 _____ () C:\Program Files (x86)\Google\Chrome\Application\WTSAPI32.dll
2014-05-01 15:15 - 2014-05-01 15:15 - 00463360 _____ () C:\ProgramData\MEGAsync\ShellExtX32.dll
2014-11-26 15:33 - 2014-11-25 07:39 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
2014-11-26 15:33 - 2014-11-25 07:39 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libegl.dll
2014-11-26 15:33 - 2014-11-25 07:39 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll
2014-11-26 15:33 - 2014-11-25 07:39 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: CGVPNCliService => 2
MSCONFIG\Services: EslWireHelper => 2
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: hshld => 2
MSCONFIG\Services: HssTrayService => 3
MSCONFIG\Services: HssWd => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LBTServ => 3
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: OkayFreedom VPN Starter Service => 2
MSCONFIG\Services: OverwolfUpdaterService => 3
MSCONFIG\Services: RalinkRegistryWriter => 2
MSCONFIG\Services: RalinkRegistryWriter64 => 2
MSCONFIG\Services: RaMediaServer => 2
MSCONFIG\Services: SearchAnonymizer => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer8 => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: Spotify => "C:\Users\Issam276\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Issam276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent

========================= Accounts: ==========================

Administrator (S-1-5-21-1925287450-1312797874-627100175-500 - Administrator - Disabled)
Gast (S-1-5-21-1925287450-1312797874-627100175-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-1925287450-1312797874-627100175-1002 - Limited - Enabled)
Issam276 (S-1-5-21-1925287450-1312797874-627100175-1001 - Administrator - Enabled) => C:\Users\Issam276

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/02/2014 03:26:44 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/02/2014 03:26:42 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/02/2014 03:26:40 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/02/2014 03:26:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/02/2014 03:26:36 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/02/2014 03:25:01 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Stream product id=0x0066): Streaming Failed

Error: (12/02/2014 03:23:42 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Too many failures while downloading ranges: 2

Error: (12/02/2014 03:21:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/02/2014 03:15:44 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Stream product id=0x0066): Streaming Failed

Error: (12/02/2014 03:15:12 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Too many failures while downloading ranges: 2


System errors:
=============
Error: (12/02/2014 03:21:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Net.Tcp-Listeneradapter" ist vom Dienst "Net.Tcp-Portfreigabedienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1053

Error: (12/02/2014 03:20:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Net.Tcp-Portfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (12/02/2014 03:20:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Net.Tcp-Portfreigabedienst erreicht.

Error: (12/02/2014 03:19:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/02/2014 03:19:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ANIO Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/02/2014 03:17:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Application Virtualization Client" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/02/2014 03:17:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/02/2014 03:17:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/02/2014 03:17:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Secunia Update Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/02/2014 03:17:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (12/02/2014 03:26:44 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Issam276\Downloads\esetsmartinstaller_deu.exe

Error: (12/02/2014 03:26:42 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Issam276\Downloads\esetsmartinstaller_deu.exe

Error: (12/02/2014 03:26:40 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Issam276\Downloads\esetsmartinstaller_deu.exe

Error: (12/02/2014 03:26:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Issam276\Downloads\esetsmartinstaller_deu.exe

Error: (12/02/2014 03:26:36 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Issam276\Downloads\esetsmartinstaller_deu.exe

Error: (12/02/2014 03:25:01 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Stream product id=0x0066): Streaming Failed

Error: (12/02/2014 03:23:42 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Too many failures while downloading ranges: 2

Error: (12/02/2014 03:21:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/02/2014 03:15:44 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Stream product id=0x0066): Streaming Failed

Error: (12/02/2014 03:15:12 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Too many failures while downloading ranges: 2


CodeIntegrity Errors:
===================================
  Date: 2014-11-30 20:57:24.409
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-30 20:57:24.253
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-29 09:37:48.936
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-29 09:37:48.935
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-29 09:37:48.934
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-29 09:37:48.916
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-29 09:37:48.915
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-29 09:37:48.913
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-28 19:42:21.884
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-28 19:42:21.883
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: AMD FX(tm)-4100 Quad-Core Processor 
Percentage of memory in use: 54%
Total physical RAM: 8174.12 MB
Available physical RAM: 3719.49 MB
Total Pagefile: 16346.41 MB
Available Pagefile: 11555.87 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:921.75 GB) (Free:688.53 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B2544B2F)
Partition 1: (Not Active) - (Size=9.8 GB) - (Type=27)
Partition 2: (Active) - (Size=921.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

02.12.2014, 18:49   #23
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru

How is the machine running otherwise now? Any problems left?
__________________
Regards,
deeprybka

_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer
