Pests of all kinds and how to fight them: Virus despite Kaspersky Anti-Virus; what to do? Windows 7

If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
#1
Virus despite Kaspersky Anti-Virus; what to do?
Quote:
__________________
Proud member of Unite
#2
/// TB trainer /// Guide guru
I'll take over from here:

Step 1
Please run FRST again and also tick the checkbox. Please post the contents of the two logs that are created.
#3
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-12-2014 Ran by Max (administrator) on MAX-PC on 06-12-2014 16:59:52 Running from C:\Users\Max\Downloads Loaded Profile: Max (Available profiles: Max) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe (M-Audio) C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avpui.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2465088 2014-11-17] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Run: [SplitCam] => C:\Program Files (x86)\SplitCam\SplitCam.exe HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Policies\Explorer: [DisallowRun] 1 ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/my_homepage/1024/ HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = SearchScopes: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = SearchScopes: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> {56E26B6C-BB82-48de-BEB0-8F3664DE7835} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH SearchScopes: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> {7588F513-7B9E-45dc-914D-B207EFFC6D9A} URL = 
hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms} BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation) BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files (x86)\Google\Chrome Frame\Application\27.0.1453.110\npchrome_frame.dll (Google Inc.) Toolbar: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\27.0.1453.110\npchrome_frame.dll (Google Inc.) Hosts: There are more than one entry in Hosts. 
See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.42.129 FireFox: ======== FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll () FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com () FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows 
Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-4256948084-1049334510-1600530276-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Max\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.) 
FF Extension: Simple Site Blocker - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\Extensions\simplesiteblocker@example.com.xpi [2014-11-29] FF Extension: {12989559-84f2-47aa-a442-5e69f9d26720} - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\Extensions\{12989559-84f2-47aa-a442-5e69f9d26720}.xpi [2013-10-03] FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com FF Extension: Ngăn chặn trang web nguy hiểm - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com [2014-11-07] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: Bàn phím ảo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-11-07] FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com FF Extension: Công cụ kiểm tra liên kết của Kaspersky - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com [2014-11-07] Chrome: ======= CHR HomePage: Default -> hxxp://Vosteran.com/?f=1&a=vst_ggfc_14_49_ff&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCzz0BtDyCtD0DyDzz0FtN0D0Tzu0StCtDyCzytN1L2XzutAtFyCtFtCtDtFtCtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StBtCtA0EyDyByC0AtG0B0DyEyDtGtAtA0FyEtG0FtB0BzytGyEyBzytAzzzzzzzztDzytBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0FtC0BtBtB0AzytGyC0E0DyCtGyEtB0DyBtG0ByDtA0AtGzy0D0EtBtByB0Bzy0AyBzz0D2Q&cr=1734967931&ir= CHR StartupUrls: Default -> 
"hxxp://Vosteran.com/?f=7&a=vst_ggfc_14_49_ff&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCzz0BtDyCtD0DyDzz0FtN0D0Tzu0StCtDyCzytN1L2XzutAtFyCtFtCtDtFtCtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StBtCtA0EyDyByC0AtG0B0DyEyDtGtAtA0FyEtG0FtB0BzytGyEyBzytAzzzzzzzztDzytBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0FtC0BtBtB0AzytGyC0E0DyCtGyEtB0DyBtG0ByDtA0AtGzy0D0EtBtByB0Bzy0AyBzz0D2Q&cr=1734967931&ir=", "hxxp://search.fbdownloader.com/?channel=de" CHR DefaultSearchKeyword: Default -> vosteran.com CHR DefaultSearchURL: Default -> hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_49_ff&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCzz0BtDyCtD0DyDzz0FtN0D0Tzu0StCtDyCzytN1L2XzutAtFyCtFtCtDtFtCtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StBtCtA0EyDyByC0AtG0B0DyEyDtGtAtA0FyEtG0FtB0BzytGyEyBzytAzzzzzzzztDzytBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0FtC0BtBtB0AzytGyC0E0DyCtGyEtB0DyBtG0ByDtA0AtGzy0D0EtBtByB0Bzy0AyBzz0D2Q&cr=1734967931&ir= CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms} CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) 
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Facebook Desktop) - C:\Users\Max\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll No File CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Users\Max\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.) 
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File CHR Plugin: (Java Deployment Toolkit 7.0.70.10) - C:\Windows\SysWOW64\npDeployJava1.dll No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File CHR Profile: C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-14] CHR Extension: (Google Drive) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-14] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-26] CHR Extension: (YouTube) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-14] CHR Extension: (Google-Suche) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-14] CHR Extension: (Kaspersky Protection) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-11-08] CHR Extension: (OfferMosquito) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk [2014-12-06] CHR Extension: (Google Wallet) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-07] CHR Extension: (Vosteran New Tab) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce [2014-12-06] CHR Extension: (Google Mail) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-14] CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - 
https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found] CHR HKLM\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path CHR HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found] CHR HKLM-x32\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path CHR StartMenuInternet: Google Chrome - chrome.exe ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO) R2 FastTrackProAudioDevMon; C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe [1688336 2013-05-23] (M-Audio) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-11-17] (NVIDIA Corporation) S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-11-17] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19821376 2014-11-17] (NVIDIA Corporation) S4 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-01-10] (VIA Technologies, Inc.) 
S3 BBSvc; "C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE" [X] S2 SeaPort; "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2012-07-30] (DT Soft Ltd) S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-12-03] () R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [141320 2014-11-07] (Kaspersky Lab ZAO) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [793800 2014-11-07] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO) S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49264 2014-07-28] (Visicom Media Inc.) R3 MAUSBFASTTRACKPRO; C:\Windows\System32\DRIVERS\MAudioFastTrackPro.sys [184592 2013-05-23] (M-Audio) S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35440 2014-05-13] (Visicom Media Inc.) 
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20800 2014-11-17] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation) S4 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [55552 2006-02-13] (Sonic Solutions) [File not signed] S3 scvad_simple; C:\Windows\System32\drivers\SplitCamAudio.sys [23552 2014-06-30] (Windows (R) Win 7 DDK provider) S3 splitcam_hd_driver; C:\Windows\System32\DRIVERS\splitcam_hd_driver.sys [37496 2014-06-30] (Windows (R) Win 7 DDK provider) R3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation) S3 VBAudioVACMME; C:\Windows\System32\DRIVERS\vbaudio_cable64_win7.sys [41192 2013-07-11] (Windows (R) Win 7 DDK provider) S3 cpuz134; \??\C:\Users\Max\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X] S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-12-06 16:59 - 2014-12-06 16:59 - 00000000 ____D () C:\Users\Max\Downloads\FRST-OlderVersion 2014-12-06 02:02 - 2014-12-06 02:03 - 39441776 _____ () C:\Users\Max\Downloads\Firefox Setup 34.0.5(1).exe 2014-12-06 01:43 - 2014-12-06 01:43 - 00000615 _____ () C:\Users\Max\Desktop\ckfiles.txt 2014-12-06 01:41 - 2014-12-06 01:41 - 00468480 _____ () C:\Users\Max\Desktop\CKScanner.exe 2014-12-06 01:24 - 2014-12-06 01:36 - 153463376 _____ (Steinberg Media Technologies GmbH) C:\Users\Max\Downloads\Cubase_LE_AI_Elements_6.0.7_Update.exe 2014-12-06 01:24 - 2014-12-06 01:29 - 58948264 _____ () C:\Users\Max\Downloads\HALion_Sonic_SE_1.6.0_Update.exe 2014-12-06 00:33 - 2014-12-06 00:33 - 00000000 ____D () C:\AV-CLS 2014-12-05 23:51 - 2014-12-05 23:51 - 39441776 _____ () C:\Users\Max\Downloads\Firefox Setup 34.0.5.exe 2014-12-05 23:11 - 2014-12-05 23:12 - 00000000 ____D () C:\Users\Max\AppData\Local\NVIDIA Corporation 2014-12-05 23:11 - 2014-12-05 23:11 - 00001351 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk 2014-12-05 23:11 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2014-12-05 23:11 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2014-12-05 23:11 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2014-12-05 23:11 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2014-12-05 23:11 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2014-12-05 23:11 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2014-12-05 23:10 - 2014-12-05 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-12-05 23:10 - 2014-12-05 23:10 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-12-05 23:10 - 2014-11-17 21:02 - 02800296 _____ (NVIDIA Corporation) 
C:\Windows\system32\nvspcap64.dll 2014-12-05 23:10 - 2014-11-17 21:02 - 02197680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2014-12-05 23:10 - 2014-11-17 21:02 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2014-12-05 23:10 - 2014-11-17 21:02 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2014-12-05 23:10 - 2014-11-12 21:46 - 00615624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2014-12-05 23:08 - 2014-11-17 23:18 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2014-12-05 23:08 - 2014-11-17 23:18 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2014-12-05 23:08 - 2014-11-13 01:20 - 31893136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-12-05 23:08 - 2014-11-13 01:20 - 24557712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-12-05 23:08 - 2014-11-13 01:20 - 20986592 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2014-12-05 23:08 - 2014-11-13 01:20 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-12-05 23:08 - 2014-11-13 01:20 - 19966344 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-12-05 23:08 - 2014-11-13 01:20 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-12-05 23:08 - 2014-11-13 01:20 - 14032984 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-12-05 23:08 - 2014-11-13 01:20 - 13944952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-12-05 23:08 - 2014-11-13 01:20 - 13213512 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-12-05 23:08 - 2014-11-13 01:20 - 11397744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-12-05 23:08 - 2014-11-13 01:20 - 11336432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-12-05 23:08 - 2014-11-13 01:20 - 04292416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-12-05 
23:08 - 2014-11-13 01:20 - 04011208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-12-05 23:08 - 2014-11-13 01:20 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434475.dll 2014-12-05 23:08 - 2014-11-13 01:20 - 01540424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434475.dll 2014-12-05 23:08 - 2014-11-13 01:20 - 00964928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-12-05 23:08 - 2014-11-13 01:20 - 00935240 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-12-05 23:08 - 2014-11-13 01:20 - 00923792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-12-05 23:08 - 2014-11-13 01:20 - 00900928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-12-05 23:08 - 2014-11-13 01:20 - 00871648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-12-05 23:08 - 2014-11-13 01:20 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-12-05 23:08 - 2014-11-13 01:20 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-12-05 23:08 - 2014-11-13 01:20 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-12-05 23:08 - 2014-11-13 01:20 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-12-05 23:08 - 2014-10-03 20:23 - 00038216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2014-12-05 23:08 - 2014-10-03 20:23 - 00035144 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2014-12-05 23:08 - 2014-10-03 20:23 - 00032584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2014-12-05 23:03 - 2014-12-05 23:07 - 308364224 _____ (NVIDIA Corporation) C:\Users\Max\Downloads\344.75-desktop-win8-win7-winvista-64bit-international-whql(1).exe 2014-12-05 21:21 - 2014-12-05 21:21 - 00002600 _____ () C:\Users\Max\Desktop\JRT.txt 2014-12-05 21:18 - 2014-12-05 21:18 - 00000000 ____D () C:\Windows\ERUNT 2014-12-05 21:17 - 2014-12-05 21:17 - 01707646 _____ 
(Thisisu) C:\Users\Max\Downloads\JRT.exe 2014-12-05 21:15 - 2014-12-05 21:15 - 00002124 _____ () C:\Users\Max\Desktop\mbam.txt 2014-12-05 20:55 - 2014-12-05 20:55 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Max\Downloads\mbam-setup-2.0.4.1028.exe 2014-12-05 20:55 - 2014-12-05 20:55 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-12-05 20:38 - 2014-12-05 20:39 - 00000000 ____D () C:\AdwCleaner 2014-12-05 20:38 - 2014-12-05 20:38 - 00000055 _____ () C:\AdwCleanerDebug.txt 2014-12-05 20:36 - 2014-12-05 20:36 - 02153472 _____ () C:\Users\Max\Downloads\AdwCleaner_4.104.exe 2014-12-05 20:25 - 2014-12-05 21:31 - 00021075 _____ () C:\Users\Max\Downloads\Addition.txt 2014-12-05 20:24 - 2014-12-06 17:00 - 00022687 _____ () C:\Users\Max\Downloads\FRST.txt 2014-12-05 20:24 - 2014-12-06 16:59 - 00000000 ____D () C:\FRST 2014-12-05 20:22 - 2014-12-06 16:59 - 02118144 _____ (Farbar) C:\Users\Max\Downloads\FRST64.exe 2014-12-05 20:21 - 2014-12-05 20:21 - 00774944 _____ () C:\Users\Max\Downloads\ReimageRepair.exe 2014-12-05 20:20 - 2014-12-05 20:20 - 00000169 _____ () C:\Users\Max\Desktop\Play Games Online.url 2014-12-05 20:20 - 2014-12-05 20:20 - 00000169 _____ () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url 2014-12-05 20:20 - 2014-12-05 20:20 - 00000000 ___HD () C:\Users\Max\AppData\Roaming\GoldenGate 2014-12-05 20:19 - 2014-12-05 20:29 - 00000000 ____D () C:\Program Files\BEAF8266-AE64-40A2-BF8D-99F4FB145C26 2014-12-05 20:18 - 2014-12-05 20:18 - 00803152 _____ ( ) C:\Users\Max\Downloads\FileOpenerSetup.exe 2014-12-05 18:45 - 2014-12-05 18:49 - 308364224 _____ (NVIDIA Corporation) C:\Users\Max\Downloads\344.75-desktop-win8-win7-winvista-64bit-international-whql.exe 2014-12-05 18:16 - 2014-12-06 16:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-12-05 18:15 - 2014-12-05 18:15 - 00244264 _____ () C:\Users\Max\Downloads\Firefox Setup Stub 34.0.5.exe 2014-12-05 05:05 - 2014-07-28 14:31 - 
00112640 _____ () C:\Windows\SysWOW64\ff_vfw.dll 2014-12-05 05:05 - 2014-07-28 14:31 - 00000714 _____ () C:\Windows\SysWOW64\ff_vfw.dll.manifest 2014-12-05 05:05 - 2014-06-30 06:23 - 00810496 _____ () C:\Windows\SysWOW64\xvidcore.dll 2014-12-05 05:05 - 2014-06-30 06:23 - 00183808 _____ () C:\Windows\SysWOW64\xvidvfw.dll 2014-12-05 05:00 - 2014-12-05 05:04 - 100117000 _____ (SplitCam Co.) C:\Users\Max\Downloads\SplitCamSetup.exe 2014-12-05 03:16 - 2014-12-05 03:16 - 00000000 ____D () C:\Windows\pss 2014-12-05 01:43 - 2014-12-05 01:43 - 00000000 ____D () C:\Users\Max\AppData\Local\M-Audio 2014-12-05 01:43 - 2014-12-05 01:43 - 00000000 ____D () C:\ProgramData\M-Audio 2014-12-05 01:23 - 2014-12-05 01:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M-Audio 2014-12-05 01:23 - 2014-12-05 01:23 - 00000000 ____D () C:\Program Files (x86)\M-Audio 2014-12-05 01:21 - 2014-12-05 01:21 - 00000000 ____D () C:\ProgramData\AVID 2014-12-05 00:54 - 2014-12-05 00:54 - 00003047 _____ () C:\Users\Max\Desktop\SharpKeys.lnk 2014-12-05 00:54 - 2014-12-05 00:54 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RandyRants.com 2014-12-05 00:54 - 2014-12-05 00:54 - 00000000 ____D () C:\Program Files (x86)\RandyRants.com 2014-12-05 00:53 - 2014-12-05 00:53 - 00486400 _____ () C:\Users\Max\Downloads\sharpkeys35.msi 2014-12-05 00:49 - 2014-12-05 00:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey 2014-12-05 00:49 - 2014-12-05 00:49 - 00000000 ____D () C:\Program Files (x86)\AutoHotkey 2014-12-05 00:48 - 2014-12-05 00:48 - 02047357 _____ () C:\Users\Max\Downloads\AutoHotkey104805_Install.exe 2014-12-05 00:09 - 2014-12-05 00:09 - 00002205 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard Layout Creator 1.4.lnk 2014-12-05 00:09 - 2014-12-05 00:09 - 00000000 ____D () C:\Users\Max\AppData\Local\MSKLC 2014-12-05 00:09 - 2014-12-05 00:09 - 00000000 ____D () C:\Program 
Files (x86)\Microsoft Keyboard Layout Creator 1.4 2014-12-05 00:08 - 2014-12-05 00:08 - 10597792 _____ () C:\Users\Max\Downloads\MSKLC.exe 2014-12-05 00:04 - 2014-12-05 00:04 - 00301688 _____ (Thesycon GmbH) C:\Users\Max\Downloads\dpclat.exe 2014-12-03 21:48 - 2014-12-03 21:48 - 00313384 _____ () C:\Windows\Minidump\120314-24570-01.dmp 2014-12-03 21:44 - 2014-12-03 21:44 - 00000020 _____ () C:\Windows\ˆø' 2014-12-03 21:33 - 2014-12-03 21:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps 2014-12-03 21:32 - 2014-12-03 21:32 - 01174352 _____ () C:\Users\Max\Downloads\FRAPS - CHIP-Installer.exe 2014-12-03 21:26 - 2014-12-03 21:26 - 00000000 __SHD () C:\Users\Max\AppData\Local\EmieUserList 2014-12-03 21:26 - 2014-12-03 21:26 - 00000000 __SHD () C:\Users\Max\AppData\Local\EmieSiteList 2014-12-03 21:26 - 2014-12-03 21:26 - 00000000 __SHD () C:\Users\Max\AppData\Local\EmieBrowserModeList 2014-12-03 21:26 - 2014-12-03 21:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe 2014-12-03 21:25 - 2014-12-03 21:25 - 06537216 _____ () C:\Users\Max\Downloads\flashmedialiveencoder_3.2_wwe_signed.msi 2014-12-03 21:25 - 2014-12-03 21:25 - 01033728 _____ () C:\Users\Max\Downloads\auth_addin_win_v3.msi 2014-11-30 07:40 - 2014-11-30 07:40 - 00317504 _____ () C:\Windows\Minidump\113014-25334-01.dmp 2014-11-30 07:39 - 2014-12-03 21:48 - 802013673 _____ () C:\Windows\MEMORY.DMP 2014-11-29 21:01 - 2014-11-29 21:01 - 00000021 _____ () C:\Users\Max\Desktop\Neues Textdokument (4).txt 2014-11-27 23:57 - 2014-11-28 00:00 - 164003712 _____ () C:\Users\Max\Downloads\setup_11.0.3.8.x01_2014_11_28_01_32.exe 2014-11-27 23:57 - 2014-11-27 23:57 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Max\Downloads\tdsskiller.exe 2014-11-20 21:13 - 2014-03-08 14:36 - 65062457 _____ () C:\Users\Max\Downloads\Haftbefehl - Chabos wissen wer der Babo ist (Blockplatin 25.01.2013).hd720.mp4 2014-11-20 21:12 - 2014-11-20 21:12 - 00000000 ____D () 
C:\Users\Max\AppData\Roaming\Visicom Media 2014-11-19 15:56 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-11-19 15:56 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll 2014-11-19 15:56 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-11-19 15:56 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll 2014-11-13 01:26 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-11-13 01:26 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-11-13 01:26 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-11-13 01:26 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-11-13 01:26 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-11-13 01:26 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-11-13 01:26 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-11-13 01:26 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-11-13 01:26 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-11-13 01:26 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-11-13 01:26 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-11-13 01:26 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-11-13 01:26 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-11-13 01:26 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) 
C:\Windows\system32\ieUnatt.exe 2014-11-13 01:26 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-11-13 01:26 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-11-13 01:26 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-11-13 01:26 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-11-13 01:26 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-11-13 01:26 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-11-13 01:26 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-11-13 01:26 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-11-13 01:26 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-11-13 01:26 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-11-13 01:26 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-11-13 01:26 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-11-13 01:26 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-11-13 01:26 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-11-13 01:26 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-11-13 01:26 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-11-13 01:26 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-11-13 01:26 - 2014-11-06 04:00 - 00092160 _____ 
(Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-11-13 01:26 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-11-13 01:26 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-11-13 01:26 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-11-13 01:26 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-11-13 01:26 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-11-13 01:26 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-11-13 01:26 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-11-13 01:26 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-11-13 01:26 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-11-13 01:26 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-11-13 01:26 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-11-13 01:26 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-11-13 01:26 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-11-13 01:26 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-11-13 01:26 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-11-13 01:26 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-11-13 01:26 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-11-13 01:26 - 2014-11-06 03:17 - 02365440 _____ 
(Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-11-13 01:26 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-11-13 01:26 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-11-13 01:26 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-11-13 01:26 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-11-13 01:26 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-11-13 01:26 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-11-13 01:26 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-11-13 01:26 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-11-13 01:26 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-11-13 01:26 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2014-11-13 01:26 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2014-11-13 01:26 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-11-13 01:26 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-11-13 01:26 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2014-11-13 01:26 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2014-11-13 01:23 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-11-13 01:23 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-11-13 01:23 - 2014-10-18 03:05 - 00861696 _____ (Microsoft 
Corporation) C:\Windows\system32\oleaut32.dll 2014-11-13 01:23 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2014-11-13 01:23 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-11-13 01:23 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-11-13 01:23 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-11-13 01:23 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2014-11-13 01:23 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-11-13 01:23 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2014-11-13 01:23 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2014-11-13 01:23 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2014-11-13 01:23 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2014-11-13 01:23 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2014-11-13 01:23 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2014-11-13 01:23 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-11-13 01:23 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-11-13 01:23 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-11-13 01:23 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-11-13 01:23 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-11-13 01:23 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) 
C:\Windows\system32\credssp.dll 2014-11-13 01:23 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-11-13 01:23 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-11-13 01:23 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-11-13 01:23 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-11-13 01:23 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-11-13 01:23 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-11-13 01:23 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-11-13 01:23 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-11-13 01:23 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-11-13 01:23 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-11-13 01:23 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2014-11-13 01:23 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL 2014-11-10 21:22 - 2014-12-06 02:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-11-09 03:00 - 2014-11-10 20:36 - 00004611 _____ () C:\Windows\system32\lvcoinst.log 2014-11-09 03:00 - 2014-11-09 03:00 - 00000000 ____D () C:\Program Files\Common Files\logishrd 2014-11-07 16:41 - 2014-11-07 16:41 - 00000000 ____D () C:\OETemp 2014-11-07 16:37 - 2014-12-06 16:57 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-11-07 16:37 - 2014-11-07 16:42 - 00793800 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys 2014-11-07 16:37 - 2014-11-07 16:42 - 00141320 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys 2014-11-07 
16:37 - 2014-11-07 16:37 - 00001147 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-11-07 16:37 - 2014-11-07 16:37 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-11-07 16:37 - 2014-11-07 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-11-07 16:37 - 2014-11-07 16:37 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-11-07 16:37 - 2014-04-10 17:25 - 00243808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2014-11-07 16:37 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-11-07 00:59 - 2014-11-07 00:59 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Bao_Nguyen
2014-11-07 00:59 - 2014-11-07 00:59 - 00000000 ____D () C:\Users\Max\AppData\Local\Bao_Nguyen
2014-11-07 00:49 - 2014-11-07 00:49 - 00406528 _____ () C:\Users\Max\Downloads\Switcher-2.0.0.2705.msi
2014-11-07 00:48 - 2014-11-07 00:48 - 02150188 _____ () C:\Users\Max\Downloads\3RVX_2.5_CB-DL-Manager [1].exe
2014-11-07 00:48 - 2014-11-07 00:48 - 00000000 ____D () C:\Users\Max\AppData\Local\WorldofTanks
2014-11-07 00:48 - 2014-11-07 00:48 - 00000000 ____D () C:\Users\Max\AppData\Local\StormFall
2014-11-07 00:47 - 2014-11-07 00:47 - 00845088 _____ ( ) C:\Users\Max\Downloads\3RVX_2.5_CB-DL-Manager.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-06 17:00 - 2012-07-18 20:50 - 01705997 _____ () C:\Windows\WindowsUpdate.log 2014-12-06 16:57 - 2013-08-14 15:29 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-12-06 16:56 - 2012-07-18 21:25 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-12-06 16:56 - 2010-11-21 04:47 - 00772934 _____ () C:\Windows\PFRO.log 2014-12-06 16:56 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-12-06 16:56 - 2009-07-14 05:51 - 00024735 _____ () C:\Windows\setupact.log 2014-12-06 02:04 - 2013-01-15 18:25 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-12-06 02:04 - 2013-01-15 18:25 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-12-06 01:50 - 2012-09-04 20:45 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Spotify 2014-12-06 01:42 - 2012-07-19 15:47 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896} 2014-12-06 01:41 - 2013-08-14 15:29 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-12-06 01:37 - 2013-01-15 18:36 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-12-06 01:32 - 2012-07-30 14:39 - 00010016 _____ () C:\Windows\DPINST.LOG 2014-12-06 01:32 - 2012-07-30 14:39 - 00000051 _____ () C:\Windows\SysWOW64\SYNSOPOS.exe.cfg 2014-12-06 01:32 - 2012-07-30 14:39 - 00000000 ____D () C:\Program Files (x86)\eLicenser 2014-12-06 01:31 - 2012-10-02 17:16 - 00000000 ____D () C:\Users\Max\Documents\Cubase LE AI Elements Projects 2014-12-05 23:43 - 2012-09-04 20:51 - 00000000 ____D () C:\Users\Max\AppData\Local\Spotify 2014-12-05 23:33 - 2009-07-14 05:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-12-05 23:33 - 2009-07-14 05:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-12-05 23:12 - 2014-04-07 16:12 - 00000000 
____D () C:\Users\Max\AppData\Local\NVIDIA 2014-12-05 23:11 - 2012-07-18 21:23 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-12-05 23:11 - 2012-07-18 21:20 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-12-05 23:10 - 2012-07-18 21:23 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-12-05 21:18 - 2012-07-19 23:12 - 00000000 ____D () C:\Users\Max\AppData\Local\CrashDumps 2014-12-05 21:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PLA 2014-12-05 20:39 - 2014-03-19 13:21 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Common 2014-12-05 20:39 - 2012-07-18 20:56 - 00000000 ____D () C:\Users\Max 2014-12-05 20:32 - 2014-10-06 22:03 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Equalify 2014-12-05 20:19 - 2013-08-14 15:38 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-12-05 18:49 - 2014-09-26 00:14 - 00000000 ____D () C:\ProgramData\Visicom Media 2014-12-05 18:49 - 2014-09-26 00:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visicom Media 2014-12-05 18:49 - 2013-10-10 13:02 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner 2014-12-05 04:17 - 2014-04-07 15:14 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins 2014-12-05 01:23 - 2012-07-30 15:10 - 00000000 ____D () C:\Program Files\M-Audio 2014-12-05 00:49 - 2011-04-12 08:54 - 00000000 ____D () C:\Windows\ShellNew 2014-12-04 00:35 - 2013-04-14 17:30 - 00000000 ____D () C:\Users\Max\AppData\Local\Facebook 2014-12-03 21:48 - 2012-10-03 18:43 - 00000000 ____D () C:\Windows\Minidump 2014-12-03 21:45 - 2012-07-18 20:59 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-12-03 21:42 - 2012-07-18 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE 2014-12-03 21:41 - 2012-07-18 21:01 - 00000000 ____D () C:\Program Files (x86)\GIGABYTE 2014-12-03 21:38 - 2014-04-01 01:06 - 00000000 ____D () C:\UDK 2014-12-03 21:37 - 2014-04-01 13:48 - 
00000000 ____D () C:\Program Files (x86)\Origin Games 2014-12-03 21:37 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-12-03 21:36 - 2013-04-29 21:31 - 00000000 ____D () C:\Fraps 2014-12-03 21:34 - 2014-03-15 16:44 - 00000000 ____D () C:\Users\Max\AppData\Local\Windows Live 2014-12-03 21:26 - 2013-01-15 21:11 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-12-03 21:26 - 2012-07-30 10:59 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Adobe 2014-12-03 21:22 - 2014-09-26 00:15 - 00000000 ____D () C:\Program Files (x86)\ManyCam 2014-12-03 18:34 - 2012-07-18 21:32 - 00030528 _____ () C:\Windows\GVTDrv64.sys 2014-12-03 18:33 - 2012-07-18 21:26 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys 2014-11-30 00:13 - 2013-11-13 22:01 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Skype 2014-11-30 00:13 - 2013-11-13 22:01 - 00000000 ____D () C:\ProgramData\Skype 2014-11-29 02:23 - 2013-02-25 19:01 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-11-27 18:38 - 2011-04-12 08:43 - 00699884 _____ () C:\Windows\system32\perfh007.dat 2014-11-27 18:38 - 2011-04-12 08:43 - 00149766 _____ () C:\Windows\system32\perfc007.dat 2014-11-27 18:38 - 2009-07-14 06:13 - 01622300 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-26 18:37 - 2013-01-15 18:36 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-11-26 18:37 - 2013-01-15 18:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-11-26 18:37 - 2013-01-15 18:36 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-11-26 01:31 - 2013-01-15 17:31 - 00000000 ____D () C:\Users\Max\AppData\Roaming\TS3Client 2014-11-17 23:18 - 2014-08-19 21:14 - 01538880 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll 2014-11-14 21:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-11-14 01:02 - 2009-07-14 04:20 - 
00000000 ____D () C:\Windows\rescache 2014-11-13 20:36 - 2013-08-14 15:29 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-11-13 20:36 - 2013-08-14 15:29 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-11-13 14:48 - 2009-07-14 06:08 - 00009450 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-11-13 14:48 - 2009-07-14 05:45 - 04848784 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-11-13 02:05 - 2013-07-27 02:02 - 00000000 ____D () C:\Windows\system32\MRT 2014-11-13 02:03 - 2012-07-18 21:54 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-11-13 01:20 - 2013-02-25 23:32 - 18514616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2014-11-13 01:20 - 2013-02-25 23:32 - 16884632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2014-11-13 01:20 - 2013-02-25 23:32 - 03262784 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2014-11-13 01:20 - 2013-02-25 23:32 - 02874456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2014-11-13 01:20 - 2013-02-25 23:32 - 00989056 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2014-11-13 01:20 - 2012-07-18 21:23 - 00027094 _____ () C:\Windows\system32\nvinfo.pb 2014-11-12 22:56 - 2012-07-18 21:24 - 06897352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2014-11-12 22:56 - 2012-07-18 21:24 - 03534152 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2014-11-12 22:56 - 2012-07-18 21:24 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2014-11-12 22:56 - 2012-07-18 21:24 - 00934032 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2014-11-12 22:56 - 2012-07-18 21:24 - 00386368 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2014-11-12 22:56 - 2012-07-18 21:24 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2014-11-11 11:29 - 2012-07-18 21:24 - 04100776 _____ () C:\Windows\system32\nvcoproc.bin 2014-11-07 22:51 - 2014-07-10 23:39 - 
00000000 ____D () C:\Program Files (x86)\Avira
2014-11-07 18:06 - 2014-03-29 00:52 - 18585842 _____ () C:\Users\Max\Downloads\Cryptload_1.1.8.zip
2014-11-07 16:41 - 2014-04-07 15:12 - 00000000 ____D () C:\ProgramData\Package Cache

Some content of TEMP:
====================
C:\Users\Max\AppData\Local\Temp\CmdLineExtInstallerExe.exe
C:\Users\Max\AppData\Local\Temp\drm_dyndata_7380009.dll
C:\Users\Max\AppData\Local\Temp\nsjB2E2.tmp.exe
C:\Users\Max\AppData\Local\Temp\Nv3DVisionIePlugin.dll
C:\Users\Max\AppData\Local\Temp\Nv3DVisionIePlugin64.dll
C:\Users\Max\AppData\Local\Temp\Nv3DVStreaming.dll
C:\Users\Max\AppData\Local\Temp\Nv3DVStreaming64.dll
C:\Users\Max\AppData\Local\Temp\Nv3DVStreamingIePlugin.dll
C:\Users\Max\AppData\Local\Temp\Nv3DVStreamingIePlugin64.dll
C:\Users\Max\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Max\AppData\Local\Temp\nvStInst.exe
C:\Users\Max\AppData\Local\Temp\Quarantine.exe
C:\Users\Max\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Max\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-25 14:27

==================== End Of Log ============================

--- --- ---

FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2014
Ran by Max at 2014-12-06 17:01:02
Running from C:\Users\Max\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Anti-Virus (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Media Live Encoder 3.2 (HKLM-x32\...\{0659E943-DDF4-44FC-9FEE-A13B09F8BB08}) (Version: 3.2.0 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{2BD2FA21-B51D-4F01-94A7-AC16737B2163}) (Version: 10.0.12.36 - Adobe Systems, Inc.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.4.4 - Atheros Communications Inc.)
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett) AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - ) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.0 - Electronic Arts) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.1.0236 - DT Soft Ltd) DivX (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.0 - DivXNetworks, Inc.) eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: - Steinberg Media Technologies GmbH) Free YouTube Download version 3.2.44.922 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.44.922 - DVDVideoSoft Ltd.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.) Google Chrome Frame (HKLM-x32\...\{4F2EAFFD-6D9A-3804-A77B-5A450D3201F6}) (Version: 65.107.16494 - Google, Inc.) Google Earth (HKLM-x32\...\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) 
Hidden Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version: - Arobas Music) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab) Kaspersky Anti-Virus (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden League of Legends (HKLM-x32\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games) M-Audio Fast Track Pro 6.1.10 (x64) (HKLM\...\{44BCF4BB-2486-465D-8C03-50150201B4EA}) (Version: 6.1.10 - M-Audio) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Keyboard Layout Creator 1.4 (HKLM-x32\...\{99E66BC9-E4B6-485F-ABFC-31EFCE36DFDF}) (Version: 1.4.6000 - Microsoft Corp.) 
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 9.4.1.116 - Electronic Arts, Inc.)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
SharpKeys (HKLM-x32\...\{636E94DA-99C0-448F-A931-3DAD83B4975F}) (Version: 3.5.0000 - RandyRants.com)
SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.69 - NVIDIA Corporation) Hidden
Spotify (HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam(TM) (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
Steinberg Cubase LE AI Elements 6 64bit (HKLM\...\{8EEEB23E-A3EB-44A4-AEE9-D2FD6F96E4A0}) (Version: 6.0.2 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 1.6.0 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 1.5.2.000 - Steinberg Media Technologies GmbH)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-11-30 03:47 - 00000817 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 127.0.0.1

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {7CA26CD5-634E-4153-96DB-2C60C24C953A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-14] (Google Inc.)
Task: {9C2B956C-1262-4E7B-96C9-596F7805E556} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {9DBFEFA2-E593-41CC-950E-ED068B745302} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-26] (Adobe Systems Incorporated)
Task: {EEA4CAA1-7CDA-43BC-BF67-72E4CD82C1F1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-14] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-07-18 21:24 - 2014-11-12 22:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-06 15:00 - 2014-03-06 15:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\kpcengine.2.3.dll
2014-11-10 21:22 - 2014-11-26 17:40 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-20 01:42 - 2014-04-20 01:42 - 00468672 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
2012-07-18 20:59 - 2011-12-16 09:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:AD022376

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)
MSCONFIG\Services: VIAKaraokeService => 2
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\startupfolder: C:^Users^Max^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^net.lnk => C:\Windows\pss\net.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AmazonMP3DownloaderHelper => C:\Users\Max\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
MSCONFIG\startupreg: DataMgr => "C:\Users\Max\AppData\Roaming\DataMgr\DataMgr.exe"
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: Intermediate => "C:\Users\Max\AppData\Roaming\Intermediate\Intermediate.exe"
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: PriceMeterW => "C:\Users\Max\AppData\Local\PriceMeter\pricemeterw.exe"
MSCONFIG\startupreg: Rainlendar2 => C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
MSCONFIG\startupreg: SCheck => "C:\Users\Max\AppData\Roaming\SCheck\SCheck.exe" check
MSCONFIG\startupreg: Seventh => "C:\Users\Max\AppData\Roaming\Seventh\Seventh.exe"
MSCONFIG\startupreg: Sixth => "C:\Users\Max\AppData\Roaming\Sixth\Sixth.exe"
MSCONFIG\startupreg: Snoozer => "C:\Users\Max\AppData\Roaming\Snz\Snz.exe"
MSCONFIG\startupreg: SSync => "C:\Users\Max\AppData\Roaming\SSync\SSync.exe"
MSCONFIG\startupreg: svchospt => C:\Windows\SysWOW64\svchospt.exe
MSCONFIG\startupreg: Switcher => "C:\Program Files (x86)\Switcher\Switcher.exe" /quiet
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-4256948084-1049334510-1600530276-500 - Administrator - Disabled)
Gast (S-1-5-21-4256948084-1049334510-1600530276-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4256948084-1049334510-1600530276-1002 - Limited - Enabled)
Max (S-1-5-21-4256948084-1049334510-1600530276-1000 - Administrator - Enabled) => C:\Users\Max

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (12/06/2014 04:57:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2014 11:27:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (12/06/2014 04:56:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SeaPort" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (12/05/2014 11:54:33 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (12/05/2014 11:26:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SeaPort" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (12/05/2014 11:10:12 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Microsoft Office Sessions:
=========================
Error: (12/06/2014 04:57:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2014 11:27:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

CodeIntegrity Errors:
===================================
Date: 2014-12-04 21:53:43.825
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-04 21:53:43.823
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-04 21:53:43.822
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-04 21:53:43.802
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-04 21:53:43.801
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-04 21:53:43.799
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-03 22:29:23.449
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-03 22:29:23.449
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-03 22:29:23.449
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-03 22:29:23.418
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 17%
Total physical RAM: 16346.33 MB
Available physical RAM: 13508.07 MB
Total Pagefile: 32690.84 MB
Available Pagefile: 29733.94 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:771.51 GB) (Free:625.1 GB) NTFS
Drive k: () (Fixed) (Total:160 GB) (Free:159.89 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 94521A45)
Partition 1: (Active) - (Size=160 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=771.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
#4
/// TB-Ausbilder /// Anleitungs-Guru
Virus despite Kaspersky Anti-Virus; what to do?

Hi, please tell your Kaspersky to keep quiet during the Zoek download and scan, i.e. disable real-time protection before step 1:

Step 1
Download of

Step 2
Please download

__________________
Regards, deeprybka
Praise, criticism, requests? Donate to trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer
#5
Virus despite Kaspersky Anti-Virus; what to do?

Zoek.exe v5.0.0.0 Updated 03-December-2014
Tool run by Max on 06.12.2014 at 17:19:51,84.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Max\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

06.12.2014 17:20:35 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\Avira deleted successfully
C:\PROGRA~2\DebugMode deleted successfully
C:\PROGRA~2\ManyCam deleted successfully
C:\PROGRA~2\Rainlendar2 deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Program Files\BEAF8266-AE64-40A2-BF8D-99F4FB145C26 deleted successfully
C:\PROGRA~3\Guitar Pro 6 deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\Visicom Media deleted successfully
C:\Users\Max\AppData\Roaming\Common deleted successfully
C:\Users\Max\AppData\Roaming\Splashtop deleted successfully
C:\Users\Max\AppData\Roaming\TP deleted successfully
C:\Users\Max\AppData\Local\StormFall deleted successfully
C:\Users\Max\AppData\Local\WorldofTanks deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-4256948084-1049334510-1600530276-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully

==== Running Processes ======================

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe
C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avpui.exe
C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Users\Max\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Services(whitelist) ======================

Powered by E Dev
R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
R2 - [AVP15.0.0] - Kaspersky Anti-Virus Service 15.0.0 - c:\program files (x86)\kaspersky lab\kaspersky anti-virus 15.0.0\avp.exe
R2 - [cvhsvc] - Client Virtualization Handler - c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe
R2 - [FastTrackProAudioDevMon] - Fast Track Pro Audio Device Monitor - c:\program files (x86)\m-audio\fast track pro\audiodevmon.exe
R2 - [GfExperienceService] - NVIDIA GeForce Experience Service - c:\program files\nvidia corporation\geforce experience service\gfexperienceservice.exe
R2 - [Intel(R) Capability Licensing Service Interface] - Intel(R) Capability Licensing Service Interface - c:\program files\intel\icls client\heciserver.exe
R2 - [jhi_service] - Intel(R) Dynamic Application Loader Host Interface Service - c:\program files (x86)\intel\intel(r) management engine components\dal\jhi_service.exe
R2 - [LMS] - Intel(R) Management and Security Application Local Management Service - c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe
R2 - [NvNetworkService] - NVIDIA Network Service - c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe
R2 - [NvStreamSvc] - NVIDIA Streamer Service - c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe
R2 - [nvsvc] - NVIDIA Display Driver Service - c:\windows\system32\nvvsvc.exe
R2 - [sftlist] - Application Virtualization Client - c:\program files (x86)\microsoft application virtualization client\sftlist.exe
R2 - [Stereo Service] - NVIDIA Stereoscopic 3D Driver Service - c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe
R2 - [UMVPFSrv] - UMVPFSrv - c:\program files (x86)\common files\logishrd\lvmvfm\umvpfsrv.exe
R2 - [UNS] - Intel(R) Management and Security Application User Notification Service - c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe
R2 - [wlidsvc] - Windows Live ID Sign-in Assistant - c:\program files\common files\microsoft shared\windows live\wlidsvc.exe
R2 - [WMPNetworkSvc] - Windows Media Player-Netzwerkfreigabedienst - c:\program files\windows media player\wmpnetwk.exe
R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
R3 - [sftvsa] - Application Virtualization Service Agent - c:\program files (x86)\microsoft application virtualization client\sftvsa.exe
S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe
S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe
S2 - [gupdate] - Google Update-Dienst (gupdate) - c:\program files (x86)\google\update\googleupdate.exe
S2 - [SeaPort] - SeaPort - c:\program files (x86)\microsoft\bingbar\seaport.exe [x]
S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
S3 - [ALG] - Gatewaydienst auf Anwendungsebene - c:\windows\system32\alg.exe
S3 - [BBSvc] - Bing Bar Update Service - c:\program files (x86)\microsoft\bingbar\bbsvc.exe [x]
S3 - [COMSysApp] - COM+-Systemanwendung - c:\windows\system32\dllhost.exe
S3 - [ehRecvr] - Windows Media Center-Empfängerdienst - c:\windows\ehome\ehrecvr.exe
S3 - [ehSched] - Windows Media Center-Planerdienst - c:\windows\ehome\ehsched.exe
S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation-Schriftartcache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
S3 - [fsssvc] - Windows Live Family Safety Service - c:\program files (x86)\windows live\family safety\fsssvc.exe
S3 - [gupdatem] - Google Update-Dienst (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe
S3 - [ICCS] - Intel(R) Integrated Clock Controller Service - Intel(R) ICCS - c:\program files (x86)\intel\intel(r) integrated clock controller service\iccproxy.exe
S3 - [IDriverT] - InstallDriver Table Manager - c:\program files (x86)\common files\installshield\driver\1050\intel 32\idrivert.exe
S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe
S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe
S3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe
S3 - [PerfHost] - Leistungsindikator-DLL-Host - c:\windows\syswow64\perfhost.exe
S3 - [RpcLocator] - RPC-Locator - c:\windows\system32\locator.exe
S3 - [SNMPTRAP] - SNMP-Trap - c:\windows\system32\snmptrap.exe
S3 - [Steam Client Service] - Steam Client Service - c:\program files (x86)\common files\steam\steamservice.exe
S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
S3 - [vds] - Virtueller Datenträger - c:\windows\system32\vds.exe
S3 - [VSS] - Volumeschattenkopie - c:\windows\system32\vssvc.exe
S3 - [wbengine] - Blockebenen-Sicherungsmodul - c:\windows\system32\wbengine.exe
S3 - [wmiApSrv] - WMI-Leistungsadapter - c:\windows\system32\wbem\wmiapsrv.exe
S4 - [aspnet_state] - ASP.NET-Zustandsdienst - c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe
S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe
S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe
S4 - [wlcrasvc] - Windows Live Mesh remote connections service - c:\program files\windows live\mesh\wlcrasvc.exe

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.search.suggest.enabled", false);
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\prefs.js:

ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default
user.js not found

---- FireFox user.js and prefs.js backups ----
prefs__1729_.backup

==== Deleting Files \ Folders ======================

C:\Users\Max\.android deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\Users\Max\ChromeExtensions deleted
C:\Users\Max\AppData\Roaming\WB.CFG deleted
C:\Users\Max\AppData\Roaming\GoldenGate deleted
C:\PROGRA~3\Package Cache deleted
C:\PROGRA~3\EmailNotifier deleted
C:\Users\Max\AppData\Local\cache deleted
C:\Users\Max\AppData\Local\Google\Chrome Frame\User Data\IEXPLORE\Default\ext_offermosquito deleted
C:\Users\Max\Downloads\ReimageRepair.exe deleted
C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\jetpack deleted
"C:\ProgramData\{5CAFA1B7-9EEF-4cc7-B9F7-9DDB3DAA679E}" deleted
"C:\ProgramData\{701ACAF9-F102-47c2-8907-36246F4DFB51}" deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 16347 MB
CPU Info: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
CPU Speed: 3397,5 MHz
Sound Card: Lautsprecher (VIA High Definiti | Line 1/2 (2- M-Audio Fast Track |
Display Adapters: NVIDIA GeForce GTX 550 Ti | NVIDIA GeForce GTX 550 Ti | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; PnP-Monitor (Standard) |
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: SAMSUNG Mobile USB Remote NDIS Network Device | Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
CD / DVD Drives: 2x (D: | J: | ) D: HL-DT-STDVDRAM GH24NS90 | J: DTSOFT BDROM
Ports: COM1 LPT1
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C: 771,5GB | K: 160,0GB | Q: 0,0MB
Hard Disks - Free: C: 625,0GB | K: 159,9GB | Q: 0,0MB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 05/11/12 | ALASKA - 1072009
Time Zone: Mitteleuropäische Zeit
Motherboard *: Gigabyte Technology Co., Ltd.
H77M-D3H
Country: Deutschland
Language: DEU

==== System Specs (Software) ======================

Anti-Virus: Kaspersky Anti-Virus On-access scanning disabled (Outdated)
Anti-Spyware: Kaspersky Anti-Virus disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Default Browser: Firefox 34.0.5
Internet Explorer Version: 11.0.9600.17420
Mozilla Firefox version: 34.0.5 (x86 de)
Google Chrome version: 39.0.2171.71
Adobe Reader version: 11.0.9.29
Flash Player version: 15.0.0.239

==== Files Recently Created / Modified ======================

======= C:\Program Files
===== ======= C:\PROGRA~2 ===== 2014-12-05 17:16:08 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service 2014-12-05 00:23:06 -------- d-----w- C:\PROGRA~2\M-Audio 2014-12-05 00:23:06 -------- d-----w- C:\PROGRA~2\COMMON~1\Digidesign 2014-12-04 23:54:15 -------- d-----w- C:\PROGRA~2\RandyRants.com 2014-12-04 23:49:03 -------- d-----w- C:\PROGRA~2\AutoHotkey 2014-12-04 23:09:12 -------- d-----w- C:\PROGRA~2\Microsoft Keyboard Layout Creator 1.4 2014-11-07 15:37:07 -------- d-----w- C:\PROGRA~2\Kaspersky Lab ======= C: ===== 2014-12-05 19:38:15 8D987BE841B404B83E6CE18C33C44C88 55 ----a-w- C:\AdwCleanerDebug.txt ====== C:\Users\Max\AppData\Roaming ====== 2014-12-05 22:11:46 -------- d-----w- C:\Users\Max\AppData\Local\NVIDIA Corporation 2014-12-05 00:43:27 -------- d-----w- C:\Users\Max\AppData\Local\M-Audio 2014-12-05 00:29:02 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\M-Audio 2014-12-04 23:54:15 -------- d-----w- C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RandyRants.com 2014-12-04 23:09:27 -------- d-----w- C:\Users\Max\AppData\Local\MSKLC 2014-12-03 20:26:29 -------- d-sh--w- C:\Users\Max\AppData\Local\EmieBrowserModeList 2014-12-03 20:26:28 -------- d-sh--w- C:\Users\Max\AppData\Local\EmieUserList 2014-12-03 20:26:28 -------- d-sh--w- C:\Users\Max\AppData\Local\EmieSiteList 2014-11-20 20:12:09 -------- d-----w- C:\Users\Max\AppData\Roaming\Visicom Media 2014-11-06 23:59:20 -------- d-----w- C:\Users\Max\AppData\Roaming\Bao_Nguyen 2014-11-06 23:59:20 -------- d-----w- C:\Users\Max\AppData\Local\Bao_Nguyen ====== C:\Users\Max ====== 2014-12-06 01:02:38 7A586C1AB5158074ACF0DDAF64C33F22 39441776 ----a-w- C:\Users\Max\Downloads\Firefox Setup 34.0.5(1).exe 2014-12-06 00:41:46 64036987FDD56ACBE09AEB6570B8F128 468480 ----a-w- C:\Users\Max\Desktop\CKScanner.exe 2014-12-06 00:24:58 81DAB3952B9FD6CB00773AD5161FAEF1 153463376 ----a-w- C:\Users\Max\Downloads\Cubase_LE_AI_Elements_6.0.7_Update.exe 2014-12-06 00:24:54 
01FACBE85DCDC89D142DE17A61F101BD 58948264 ----a-w- C:\Users\Max\Downloads\HALion_Sonic_SE_1.6.0_Update.exe 2014-12-05 22:51:02 7A586C1AB5158074ACF0DDAF64C33F22 39441776 ----a-w- C:\Users\Max\Downloads\Firefox Setup 34.0.5.exe 2014-12-05 22:10:29 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-12-05 22:03:11 C5EA9D9AADBB111D0F65DB53C60D5478 308364224 ----a-w- C:\Users\Max\Downloads\344.75-desktop-win8-win7-winvista-64bit-international-whql(1).exe 2014-12-05 20:17:17 C254F3ECEB9B1AC795BA6B25DE008EBA 1707646 ----a-w- C:\Users\Max\Downloads\JRT.exe 2014-12-05 19:55:05 3BD59D6C407AB1F6DDD7C5D9BD727469 20447072 ----a-w- C:\Users\Max\Downloads\mbam-setup-2.0.4.1028.exe 2014-12-05 19:36:37 AF506E0B71016682293AC3814A7D62BA 2153472 ----a-w- C:\Users\Max\Downloads\AdwCleaner_4.104.exe 2014-12-05 19:22:58 F4F789173E79E7E01F83417A76538E11 2118144 ----a-w- C:\Users\Max\Downloads\FRST64.exe 2014-12-05 19:18:16 F1D529A60AA57EDC3A98E76480C2BB52 803152 ----a-w- C:\Users\Max\Downloads\FileOpenerSetup.exe 2014-12-05 17:45:09 C5EA9D9AADBB111D0F65DB53C60D5478 308364224 ----a-w- C:\Users\Max\Downloads\344.75-desktop-win8-win7-winvista-64bit-international-whql.exe 2014-12-05 17:15:13 6B3348A473A331468C7F110E0ECD14B3 244264 ----a-w- C:\Users\Max\Downloads\Firefox Setup Stub 34.0.5.exe 2014-12-05 04:00:42 BB6412B73307F1C3CD32BE58A56E671D 100117000 ----a-w- C:\Users\Max\Downloads\SplitCamSetup.exe 2014-12-05 00:43:27 -------- d-----w- C:\ProgramData\M-Audio 2014-12-05 00:23:19 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M-Audio 2014-12-05 00:21:40 -------- d-----w- C:\ProgramData\AVID 2014-12-04 23:49:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey 2014-12-04 23:48:50 97BC6AD7EF40955712CA1E4E8E195104 2047357 ----a-w- C:\Users\Max\Downloads\AutoHotkey104805_Install.exe 2014-12-04 23:08:16 7BB68B4DB54BADDD6F1C15895BE35B5F 10597792 ----a-w- C:\Users\Max\Downloads\MSKLC.exe 2014-12-04 
23:04:22 513D270678DAA215C06AAC55B68B5AF8 301688 ----a-w- C:\Users\Max\Downloads\dpclat.exe 2014-12-03 20:33:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps 2014-12-03 20:32:44 925E5FC04B298E37BCD99AF2A3B9CDD8 1174352 ----a-w- C:\Users\Max\Downloads\FRAPS - CHIP-Installer.exe 2014-12-03 20:26:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe 2014-11-27 22:57:41 2AD9820E4B17E78110A6AA06BF5C1CE2 4184008 ----a-w- C:\Users\Max\Downloads\tdsskiller.exe 2014-11-27 22:57:18 D1CF834179B085457AEB6152A260CD80 164003712 ----a-w- C:\Users\Max\Downloads\setup_11.0.3.8.x01_2014_11_28_01_32.exe 2014-11-07 15:37:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus 2014-11-07 15:37:07 -------- d-----w- C:\ProgramData\Kaspersky Lab ====== C: exe-files == 2014-12-06 15:59:46 F4F789173E79E7E01F83417A76538E11 2118144 ----a-w- C:\Users\Max\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0F0ANW5V\FRST64[1].exe 2014-12-06 01:02:38 7A586C1AB5158074ACF0DDAF64C33F22 39441776 ----a-w- C:\Users\Max\Downloads\Firefox Setup 34.0.5(1).exe 2014-12-06 00:41:46 64036987FDD56ACBE09AEB6570B8F128 468480 ----a-w- C:\Users\Max\Desktop\CKScanner.exe 2014-12-06 00:32:08 05499C8E0A5EF56CE4988017F2485764 925184 ------w- C:\Users\Max\AppData\Local\Temp\eLicenserInst\eLicenser Driver Package\x64\DPInst.exe 2014-12-06 00:24:58 81DAB3952B9FD6CB00773AD5161FAEF1 153463376 ----a-w- C:\Users\Max\Downloads\Cubase_LE_AI_Elements_6.0.7_Update.exe 2014-12-06 00:24:54 01FACBE85DCDC89D142DE17A61F101BD 58948264 ----a-w- C:\Users\Max\Downloads\HALion_Sonic_SE_1.6.0_Update.exe 2014-12-05 23:33:02 516A5FCE06BB388499238A5F9286CB74 96768 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\DismHost.exe 2014-12-05 22:51:02 7A586C1AB5158074ACF0DDAF64C33F22 39441776 ----a-w- C:\Users\Max\Downloads\Firefox Setup 34.0.5.exe 2014-12-05 22:42:17 18958A2E7C65349F9FB41B31E3C5A623 901363 
----a-w- C:\Users\Max\AppData\Local\Temp\Rar$EXa0.606\Multi_AV.exe 2014-12-05 22:11:56 99CD14EFE0F5A39FD6FA63B0D62F5E88 4451032 ----a-w- C:\Users\Max\AppData\Local\NVIDIA\NvBackend\Packages\00006942\DAO.19113547.exe 2014-12-05 22:11:56 28970D295417AA1D81979E397BE4717F 334784 ----a-w- C:\Users\Max\AppData\Local\NVIDIA\NvBackend\Packages\000067a9\DRS update.19048648.exe 2014-12-05 22:11:56 053A3499F9FA53C8CA808033C0F2B8E2 429800 ----a-w- C:\Users\Max\AppData\Local\NVIDIA\NvBackend\Packages\00006943\CoProc update.19113656.exe 2014-12-05 22:11:16 024299B2B0E1C11320A4592570D8DE20 1149760 ----a-w- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe 2014-12-05 22:10:48 E4AD0AFE043D17AE714B63A55FABF4A9 3679040 ----a-w- C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe 2014-12-05 22:10:48 BEB10564C6245948B59FDAA7495A02D7 86160 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\LED Visualizer\NvLedServiceHost.exe 2014-12-05 22:10:48 4DD746CD8F9EF8A8D07B13CF21FCEDB6 127296 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\LED Visualizer\NvLedVisualizer.exe 2014-12-05 22:10:45 EE15D4E3AB44C67505F25DD38DF6DA85 638784 ----a-w- C:\Program Files\NVIDIA Corporation\NvStreamSrv\SteamLauncher\NVIDIA.SteamLauncher.exe 2014-12-05 22:10:45 C9FBCB16A6E8F829D3EBB6951DC29F77 5102912 ----a-w- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe 2014-12-05 22:10:45 C982FE172EA1C7B840C4243C5AB3F8BE 19821376 ----a-w- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe 2014-12-05 22:10:44 BB5C9345CB1892DF6A2728233F9B3E25 4816200 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe 2014-12-05 22:10:44 5BEAC67EE916146E380099B9C6796841 597992 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\7z.exe 2014-12-05 22:10:11 F21877BF9917249CA16BBAF0833434C2 615624 ----a-w- C:\Windows\SysWOW64\nvStreaming.exe 2014-12-05 22:10:11 E135479F83909D3596A18E5F92A7E3AF 896328 
----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\NvStereoUtilityOGL.exe 2014-12-05 22:10:11 C1A1BECD74232ADE9DEEBF46ED207446 436424 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstreg.exe 2014-12-05 22:10:11 A9425CB7D5A698EA49BE0DF55A448E68 409800 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 2014-12-05 22:10:11 89AE9D8AD1E09F6E565A8FE1ED2F30C2 834888 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe 2014-12-05 22:10:11 31E342F7F7F573D7EA8836B62362C51A 1909064 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe 2014-12-05 22:10:11 1FB211EF360CEAAF40997A4F0E13D1EE 2612224 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvsttest.exe 2014-12-05 22:10:11 0F4D0B9B315AB94517E43E5FC12FAF31 1109824 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe 2014-12-05 22:10:11 0B3B2F24B4312119DF4B2F750A01E214 8357704 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\NVStWiz.exe 2014-12-05 22:10:08 D6A687B5E24257B5D3991C0D9BC45BBC 1796928 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe 2014-12-05 22:09:57 B826E3EB9EA0C93123B7D84FD5782AC3 412992 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\SETUP.EXE 2014-12-05 22:09:01 C8269C7833D0ABA2AE2B36F9207D84A0 826712 ----a-w- C:\Users\Max\AppData\Local\Temp\nvStInst.exe 2014-12-05 22:08:56 1AA224A6535CB25057F17512EE09D3E9 18959720 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.3DVision.{F4B175E6-46FB-4D01-9B8D-95A6515A551A}\3DVision.exe 2014-12-05 22:08:55 BCB621859FA033FF3B0C0B16D3541C6E 438984 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{F18B2EE3-6801-45EE-B73D-CE2F8411DABA}\dbInstaller.exe 2014-12-05 22:08:55 BCB621859FA033FF3B0C0B16D3541C6E 438984 ----a-w- C:\Program Files\NVIDIA Corporation\Drs\dbInstaller.exe 2014-12-05 22:08:55 AAB541C139C9BC98D7788045031B1A5A 85383656 ----a-w- 
C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{F18B2EE3-6801-45EE-B73D-CE2F8411DABA}\NvCplSetupInt.exe 2014-12-05 22:07:58 B826E3EB9EA0C93123B7D84FD5782AC3 412992 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\CoreTemp.{9E7C6CBB-1542-4099-AB41-E98ADE92883F}\setup.exe 2014-12-05 22:07:54 F4B7FA4858FC2DA365B6F119E03DD7F0 2728736 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\Display.NView\nwiz.exe 2014-12-05 22:07:54 D9DDC41CCA78407D273B70AF4C6FAB81 18184000 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\x86\server\nvstreamsvc.exe 2014-12-05 22:07:54 B826E3EB9EA0C93123B7D84FD5782AC3 412992 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\setup.exe 2014-12-05 22:07:54 A35F9D3872B1740148A3EAB9E6B95741 479520 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\Display.NView\nvTaskBar.exe 2014-12-05 22:07:54 523499F8D0B0C313F7888B8D9450E4A3 197440 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\Update.Core\WLMerger.exe 2014-12-05 22:07:53 EE15D4E3AB44C67505F25DD38DF6DA85 638784 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\SteamLauncher\NVIDIA.SteamLauncher.exe 2014-12-05 22:07:53 E4AD0AFE043D17AE714B63A55FABF4A9 3679040 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\ShadowPlay\nvspcaps64.exe 2014-12-05 22:07:53 D6A687B5E24257B5D3991C0D9BC45BBC 1796928 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\Network.Service\NVNetworkService.exe 2014-12-05 22:07:53 C9FBCB16A6E8F829D3EBB6951DC29F77 5102912 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\amd64\server\nvstreamer.exe 2014-12-05 22:07:53 C982FE172EA1C7B840C4243C5AB3F8BE 19821376 ----a-w- 
C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\amd64\server\nvstreamsvc.exe 2014-12-05 22:07:53 BEB10564C6245948B59FDAA7495A02D7 86160 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\LEDVisualizer\NvLedServiceHost.exe 2014-12-05 22:07:53 4DD746CD8F9EF8A8D07B13CF21FCEDB6 127296 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\LEDVisualizer\NvLedVisualizer.exe 2014-12-05 22:07:53 12AB2C8AAB31F84C7AB82010DDCCE1C8 2831168 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\ShadowPlay\nvspcaps.exe 2014-12-05 22:07:53 0E063925CE9A2CCF520B257D4684AB09 3999040 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\x86\server\nvstreamer.exe 2014-12-05 22:07:52 F57258F04743DF38C491030652095359 521024 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\ShadowPlay\DXSETUP.exe 2014-12-05 22:07:52 BCB621859FA033FF3B0C0B16D3541C6E 438984 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\Display.Driver\dbInstaller.exe 2014-12-05 22:07:52 BB5C9345CB1892DF6A2728233F9B3E25 4816200 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GFExperience\GFExperience.exe 2014-12-05 22:07:52 AAB541C139C9BC98D7788045031B1A5A 85383656 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\Display.Driver\NvCplSetupInt.exe 2014-12-05 22:07:52 7484ABE3354FE9D818C419D47DCBE28D 916800 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GfExperienceService\GfExperienceService32.exe 2014-12-05 22:07:52 5BEAC67EE916146E380099B9C6796841 597992 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GFExperience\7z.exe 2014-12-05 22:07:52 53406E9988306CBD4537677C5336ABA4 889416 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\MS.NET\dotNetFx40_Full_setup.exe 2014-12-05 
22:07:52 478D7132376A9B209C06CB5136F5436A 744736 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\Display.NView\nvAppBar.exe 2014-12-05 22:07:52 381474F8A4477CF4951553EF530B0ED5 2465088 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\Update.Core\NvBackend.exe 2014-12-05 22:07:52 1AA224A6535CB25057F17512EE09D3E9 18959720 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\NV3DVision\3DVision.exe 2014-12-05 22:07:52 024299B2B0E1C11320A4592570D8DE20 1149760 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GfExperienceService\GfExperienceService64.exe 2014-12-05 22:03:11 C5EA9D9AADBB111D0F65DB53C60D5478 308364224 ----a-w- C:\Users\Max\Downloads\344.75-desktop-win8-win7-winvista-64bit-international-whql(1).exe 2014-12-05 20:17:40 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\erunt\ERUNT.EXE 2014-12-05 20:17:17 C254F3ECEB9B1AC795BA6B25DE008EBA 1707646 ----a-w- C:\Users\Max\Downloads\JRT.exe 2014-12-05 19:55:05 3BD59D6C407AB1F6DDD7C5D9BD727469 20447072 ----a-w- C:\Users\Max\Downloads\mbam-setup-2.0.4.1028.exe 2014-12-05 19:36:37 AF506E0B71016682293AC3814A7D62BA 2153472 ----a-w- C:\Users\Max\Downloads\AdwCleaner_4.104.exe 2014-12-05 19:29:09 6AACB4C3D5421477B6020C40505FE3BE 116064 ----a-w- C:\Users\Max\AppData\Local\Temp\nsjB2E2.tmp.exe 2014-12-05 19:29:05 BF375A90FE0B135395E20B0EB9190C11 572739 ----a-w- C:\Users\Max\AppData\Local\Temp\17736377.Uninstall\uninstaller.exe 2014-12-05 19:22:58 F4F789173E79E7E01F83417A76538E11 2118144 ----a-w- C:\Users\Max\Downloads\FRST64.exe 2014-12-05 19:22:58 AEED85060B2A31847910E7FE2A27F433 2117632 ----a-w- C:\Users\Max\Downloads\FRST-OlderVersion\FRST64.exe 2014-12-05 19:21:33 6DC42EA47296B08B1047682161051FA6 13263976 ----a-w- C:\Users\Max\AppData\Local\Temp\ReimagePackage.exe 2014-12-05 19:19:36 FEE30971F3E6330C0A82FBFC49C47B4B 35312668 ----a-w- 
C:\Users\Max\AppData\Local\Temp\is765589038\7DD354DE_stp.EXE 2014-12-05 19:18:16 F1D529A60AA57EDC3A98E76480C2BB52 803152 ----a-w- C:\Users\Max\Downloads\FileOpenerSetup.exe 2014-12-05 17:45:09 C5EA9D9AADBB111D0F65DB53C60D5478 308364224 ----a-w- C:\Users\Max\Downloads\344.75-desktop-win8-win7-winvista-64bit-international-whql.exe 2014-12-05 17:16:09 B015BE6E7E2E47EDF38186C3CCCD41CF 103588 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe 2014-12-05 17:16:08 B4E9C7383A705628AD491CF0F87D901F 114800 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 2014-12-05 17:15:13 6B3348A473A331468C7F110E0ECD14B3 244264 ----a-w- C:\Users\Max\Downloads\Firefox Setup Stub 34.0.5.exe 2014-12-05 04:00:42 BB6412B73307F1C3CD32BE58A56E671D 100117000 ----a-w- C:\Users\Max\Downloads\SplitCamSetup.exe 2014-12-04 23:54:15 DC5DBE7298CFCC75D857F89508F2A110 4710 ----a-r- C:\Users\Max\AppData\Roaming\Microsoft\Installer\{636E94DA-99C0-448F-A931-3DAD83B4975F}\_F33C5543CA54DFFA237A37.exe 2014-12-04 23:54:15 DC5DBE7298CFCC75D857F89508F2A110 4710 ----a-r- C:\Users\Max\AppData\Roaming\Microsoft\Installer\{636E94DA-99C0-448F-A931-3DAD83B4975F}\_B1CA15029C1C01AF26BE17.exe 2014-12-04 23:54:15 DC5DBE7298CFCC75D857F89508F2A110 4710 ----a-r- C:\Users\Max\AppData\Roaming\Microsoft\Installer\{636E94DA-99C0-448F-A931-3DAD83B4975F}\_853F67D554F05449430E7E.exe 2014-12-04 23:54:15 DC5DBE7298CFCC75D857F89508F2A110 4710 ----a-r- C:\Users\Max\AppData\Roaming\Microsoft\Installer\{636E94DA-99C0-448F-A931-3DAD83B4975F}\_766E8E735A97E6B647001F.exe 2014-12-04 23:49:03 4B670AE0775B0C21C293C3714AEDDBE5 50484 ----a-w- C:\Program Files (x86)\AutoHotkey\uninst.exe 2014-12-04 23:48:50 97BC6AD7EF40955712CA1E4E8E195104 2047357 ----a-w- C:\Users\Max\Downloads\AutoHotkey104805_Install.exe 2014-12-04 23:08:16 7BB68B4DB54BADDD6F1C15895BE35B5F 10597792 ----a-w- C:\Users\Max\Downloads\MSKLC.exe 2014-12-04 23:04:22 513D270678DAA215C06AAC55B68B5AF8 301688 ----a-w- 
C:\Users\Max\Downloads\dpclat.exe 2014-12-03 20:38:15 F4AD2428504B14403FECF254E3B82A86 941848 ----a-w- C:\Users\Max\AppData\Local\Temp\Epic-80b96b70-ff5d-42fc-84d9-381ad2a25827\Binaries\UnSetup.exe 2014-12-03 20:37:08 153E62901A65D7D26113EBB58683B735 375992 ----a-w- C:\Users\Max\AppData\Local\Temp\CmdLineExtInstallerExe.exe 2014-12-03 20:33:15 E4420337B6889E38F3C7221FDA0123E1 21730 ----a-w- C:\Fraps\uninstall.exe 2014-12-03 20:33:12 465B712B806D518BEF251F1CD02AFC4C 74177 ----a-w- C:\Users\Max\AppData\Local\Temp\DMR\Downloads\fc14996dfa99adfc7baae624196888c5\4137b8eca8706c173ba3d2bdbda97f53\FRAPS19D.EXE 2014-12-03 20:32:51 3C16B7CAAF77B766734D52093F2DCCA1 370512 ----a-w- C:\Users\Max\AppData\Local\Temp\DMR\dmr_72.exe 2014-12-03 20:32:44 925E5FC04B298E37BCD99AF2A3B9CDD8 1174352 ----a-w- C:\Users\Max\Downloads\FRAPS - CHIP-Installer.exe === C: other files == 2014-12-05 22:10:45 D6E22C63F1F2B2B5B5E95F70BEBDB2BC 20800 ----a-w- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 2014-12-05 22:09:57 C52873704586DCA47194856EEA4D27D4 15688 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2SystemService64.sys 2014-12-05 22:09:57 70BEBCCC9D553022E3A4AB48D793FFE7 13512 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2SystemService32.sys 2014-12-05 22:08:56 D2DF95CDE541021B7908503C6FE8F306 434832 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.NVIRUSB.{0D05D2E1-8C3B-499B-9A60-2C43A5488DF7}\nvstusb32.sys 2014-12-05 22:08:56 CE9812A9B6695E0FA4ACBDF18AC9076B 16032 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\ShieldWirelessController.{96DC57F9-1714-40CD-B9D4-90BC49E22080}\NVSWCFilter32.sys 2014-12-05 22:08:56 BE6832BA702EBC3527D7BC7A37DAB052 33096 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\VirtualAudio.Driver.{5D5F0A93-57D9-4C4F-A450-FABC8AC7C34E}\nvvad32v.sys 2014-12-05 22:08:56 61E742FCFC9621DFD173B7AD7841CE4C 451216 ----a-w- C:\Program Files\NVIDIA 
Corporation\Installer2\Display.NVIRUSB.{0D05D2E1-8C3B-499B-9A60-2C43A5488DF7}\nvstusb64.sys 2014-12-05 22:08:56 1FE5C1F4CCA8EAEA75C90FB2A85D9CC3 38216 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys 2014-12-05 22:08:56 1FE5C1F4CCA8EAEA75C90FB2A85D9CC3 38216 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\VirtualAudio.Driver.{5D5F0A93-57D9-4C4F-A450-FABC8AC7C34E}\nvvad64v.sys 2014-12-05 22:08:56 17D21ADA263B31EEDB7EA344AEA4F2E7 19616 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\ShieldWirelessController.{96DC57F9-1714-40CD-B9D4-90BC49E22080}\NVSWCFilter64.sys 2014-12-05 22:08:55 C87B11EB78428853F9E8495C47E53C10 197408 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys 2014-12-05 22:08:55 C87B11EB78428853F9E8495C47E53C10 197408 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{9C4D8677-F350-49F7-82BA-7332E2598DF0}\nvhda64v.sys 2014-12-05 22:08:55 B612810DD740F53244C9E53362D7D9A0 129184 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{9C4D8677-F350-49F7-82BA-7332E2598DF0}\nvhda32.sys 2014-12-05 22:08:55 91724DB3DDD59F27000D1C159A5F67FB 162592 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{9C4D8677-F350-49F7-82BA-7332E2598DF0}\nvhda32v.sys 2014-12-05 22:08:55 81060E9F913E96F59CF1AEBC4F0618FF 163104 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{9C4D8677-F350-49F7-82BA-7332E2598DF0}\nvhda64.sys 2014-12-05 22:08:55 185B4FFECD886A424B57B58AE173FBBE 13213512 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys 2014-12-05 22:07:58 C52873704586DCA47194856EEA4D27D4 15688 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\CoreTemp.{9E7C6CBB-1542-4099-AB41-E98ADE92883F}\NVI2SystemService64.sys 2014-12-05 22:07:58 70BEBCCC9D553022E3A4AB48D793FFE7 13512 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\CoreTemp.{9E7C6CBB-1542-4099-AB41-E98ADE92883F}\NVI2SystemService32.sys 2014-12-05 22:07:57 D6E22C63F1F2B2B5B5E95F70BEBDB2BC 20800 ----a-w- 
C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\amd64\server\NvStreamKms.sys 2014-12-05 22:07:57 D2DF95CDE541021B7908503C6FE8F306 434832 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\NV3DVisionUSB.Driver\nvstusb32.sys 2014-12-05 22:07:57 CE9812A9B6695E0FA4ACBDF18AC9076B 16032 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\ShieldWirelessController\NVSWCFilter32.sys 2014-12-05 22:07:57 C87B11EB78428853F9E8495C47E53C10 197408 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\HDAudio\nvhda64v.sys 2014-12-05 22:07:57 C52873704586DCA47194856EEA4D27D4 15688 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\NVI2\NVI2SystemService64.sys 2014-12-05 22:07:57 BE6832BA702EBC3527D7BC7A37DAB052 33096 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\NvVAD\nvvad32v.sys 2014-12-05 22:07:57 B612810DD740F53244C9E53362D7D9A0 129184 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\HDAudio\nvhda32.sys 2014-12-05 22:07:57 91724DB3DDD59F27000D1C159A5F67FB 162592 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\HDAudio\nvhda32v.sys 2014-12-05 22:07:57 81060E9F913E96F59CF1AEBC4F0618FF 163104 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\HDAudio\nvhda64.sys 2014-12-05 22:07:57 70BEBCCC9D553022E3A4AB48D793FFE7 13512 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\NVI2\NVI2SystemService32.sys 2014-12-05 22:07:57 61E742FCFC9621DFD173B7AD7841CE4C 451216 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\NV3DVisionUSB.Driver\nvstusb64.sys 2014-12-05 22:07:57 1FE5C1F4CCA8EAEA75C90FB2A85D9CC3 38216 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\NvVAD\nvvad64v.sys 2014-12-05 22:07:57 1ECE29EE5DBD4401C6C4ECA7FACC5E90 19776 ----a-w- 
C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\x86\server\NvStreamKms.sys 2014-12-05 22:07:57 17D21ADA263B31EEDB7EA344AEA4F2E7 19616 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\ShieldWirelessController\NVSWCFilter64.sys 2014-12-05 22:07:57 12D54AD8AF6AD1A2B66E882A67CD4D7E 39056 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\Miracast.VirtualAudio\nvvadarm.sys 2014-12-05 20:17:40 F56A319979F631C141F5FF02DF87FDB1 43563 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\prelim.bat 2014-12-05 20:17:40 EBAA7BD799FC68980A6A8594BB14A950 190569 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\misc.bat 2014-12-05 20:17:40 DD1E4D974B1672ABD09EFFB225791C4A 1230 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\TDL4.bat 2014-12-05 20:17:40 BC28D90D34DB7AC6BB5789BF3C9E8FDB 14957 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\get.bat 2014-12-05 20:17:40 AD2F52DC72B10AF331692E4A4DD80DFC 18670 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\medfos.bat 2014-12-05 20:17:40 AA0C656F898523BEDF2DA6923197BB80 1264 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\surfvox.bat 2014-12-05 20:17:40 8E6020C14F982CF11B3FE7DBB0CB8EDE 24738 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\searchlnk.bat 2014-12-05 20:17:40 86707BCE5CBB65D9B1C41E249B4423BA 152733 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\firefox.bat 2014-12-05 20:17:40 83F691D8398F0E37E71E9355BF730DB9 719 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\ev_clear.bat 2014-12-05 20:17:40 813FA9E2180EE3BB5EFCE744009B5611 10880 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\runvalues.bat 2014-12-05 20:17:40 38A0BDF322ACCC968B0A824C38D50157 29635 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\ask.bat 2014-12-05 20:17:40 335DFF8F23E5EC02B5426362F0F8509B 31401 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\iexplore.bat 2014-12-05 20:17:40 0C4649A62845AB5D5DBCC4998477FF6D 1813 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\delfolders.bat 2014-12-05 20:17:40 
080CFDE64F31E7B50EECF4552033E84D 9937 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\mws.bat
2014-12-05 20:17:40 048407135C9B1FB6A355E256BD96160D 14192 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\chrome.bat
2014-12-03 20:45:07 A211A94BF8BF1A63B92462001A4FC10A 90 ----a-w- C:\Windows\Temp\temp\devcon.bat
2014-11-29 21:32:39 4BD976B1FCCFAE54875CD4D7BD7EC339 3921 ----a-w- C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\extensions\simplesiteblocker@example.com.xpi

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-4256948084-1049334510-1600530276-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"SplitCam"="C:\Program Files (x86)\SplitCam\SplitCam.exe"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SplitCam"="C:\Program Files (x86)\SplitCam\SplitCam.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeAAMUpdater-1.0"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AmazonMP3DownloaderHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AmazonMP3DownloaderHelper"
"hkey"="HKCU"
"command"="C:\\Users\\Max\\AppData\\Local\\Program Files\\Amazon\\MP3 Downloader\\AmazonMP3DownloaderHelper.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DataMgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DataMgr"
"hkey"="HKCU"
"command"="\"C:\\Users\\Max\\AppData\\Roaming\\DataMgr\\DataMgr.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HDAudDeck]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HDAudDeck"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\VIA\\VIAudioi\\VDeck\\VDeck.exe -r"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Intermediate]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Intermediate"
"hkey"="HKCU"
"command"="\"C:\\Users\\Max\\AppData\\Roaming\\Intermediate\\Intermediate.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mobilegeni daemon]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mobilegeni daemon"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Mobogenie\\DaemonProcess.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvBackend]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NvBackend"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\NVIDIA Corporation\\Update Core\\NvBackend.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PriceMeterW]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PriceMeterW"
"hkey"="HKCU"
"command"="\"C:\\Users\\Max\\AppData\\Local\\PriceMeter\\pricemeterw.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Rainlendar2]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Rainlendar2"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Rainlendar2\\Rainlendar2.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SCheck"
"hkey"="HKCU"
"command"="\"C:\\Users\\Max\\AppData\\Roaming\\SCheck\\SCheck.exe\" check "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Seventh]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Seventh"
"hkey"="HKCU"
"command"="\"C:\\Users\\Max\\AppData\\Roaming\\Seventh\\Seventh.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sixth]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Sixth"
"hkey"="HKCU"
"command"="\"C:\\Users\\Max\\AppData\\Roaming\\Sixth\\Sixth.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Snoozer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Snoozer"
"hkey"="HKCU"
"command"="\"C:\\Users\\Max\\AppData\\Roaming\\Snz\\Snz.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SSync]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SSync"
"hkey"="HKCU"
"command"="\"C:\\Users\\Max\\AppData\\Roaming\\SSync\\SSync.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\svchospt]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="svchospt"
"hkey"="HKLM"
"command"="C:\\Windows\\SysWOW64\\svchospt.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Switcher]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Switcher"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Switcher\\Switcher.exe\" /quiet"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\USB3MON]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="USB3MON"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Intel\\Intel(R) USB 3.0 eXtensible Host Controller Driver\\Application\\iusb3mon.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Max^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^net.lnk]
"path"="C:\\Users\\Max\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\net.lnk"
"backup"="C:\\Windows\\pss\\net.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\Max\\AppData\\Roaming\\WINDOW~1\\net.exe "
"item"="net"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\VIAKaraokeService]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WPCSvc]

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [26.11.2014 18:37]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [14.08.2013 15:29]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [14.08.2013 15:29]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"url_advisor@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com" [07.11.2014 16:42]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default
- Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com
- Undetermined - content_blocker@kaspersky.com
- Simple Site Blocker - %ProfilePath%\extensions\simplesiteblocker@example.com.xpi
- 12989559-84f2-47aa-a442-5e69f9d26720 - %ProfilePath%\extensions\{12989559-84f2-47aa-a442-5e69f9d26720}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default
8303B3CEC05500F763B4FA75210598BB - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll - Shockwave Flash
E09A55AB513C4D5145F1C318ED024747 - C:\Users\Max\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll - AmazonMP3DownloaderPlugin

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dbhjdbfgekjfcfkkfjjmlmojhbllhbho - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho[]
oilkkkefbalmbfppgjmgjoefbclebkce - No path found[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
oilkkkefbalmbfppgjmgjoefbclebkce - No path found[]

Google Voice Search Hotword (Beta) - Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
Vosteran New Tab - Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce

==== Chromium Fix ======================

C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fmlgoencnlndpglbocajlimaikjohmab_0.localstorage deleted successfully
C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fmlgoencnlndpglbocajlimaikjohmab_0.localstorage-journal deleted successfully
C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho deleted successfully
C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce deleted successfully
C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_oilkkkefbalmbfppgjmgjoefbclebkce_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{95B7759C-8C7F-4BF1-B163-73684A933233}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="hxxp://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{56E26B6C-BB82-48de-BEB0-8F3664DE7835} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH"
{7588F513-7B9E-45dc-914D-B207EFFC6D9A} Google Url="hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}"

==== Reset Google Chrome ======================

C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataMgr deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Intermediate deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mobilegeni daemon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PriceMeterW deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Rainlendar2 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SCheck deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seventh deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sixth deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Snoozer deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSync deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Switcher deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Max\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Max\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Max\AppData\Local\Mozilla\Firefox\Profiles\fnsdk8k5.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=821 folders=166 44484454 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Max\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Max\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 06.12.2014 at 18:06:19,70 ======================