Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Datei nicht deinstallierbar

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 22.04.2015, 13:22   #1
UK19
 
Datei nicht deinstallierbar - Standard

Datei nicht deinstallierbar



Hallo, ich habe ein Problem, und zwar kann ich keine Programme,Dateien deinstallieren. Ich hab mir Clean Master herunter geladen aber habe dann gemerkt das es nur teilweise was bringt, meinen Laptop sauber zu halten. Trotzdem hab ich das Problem, nichts ,,Löschen'' zu können. Ich glaube ich habe einen Virus oder einen Trojaner?

PS: Hatte mein Iphone mit Itunes verbunden gehabt, seit dem funktioniert das nicht mehr ganz richtig... Könnte mein Iphone auch Infiziert worden sein?

Alt 22.04.2015, 13:25   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Datei nicht deinstallierbar - Standard

Datei nicht deinstallierbar



Hi,

was genau willst du wie genau löschen? Und auch mal posten welche Fehlermeldungen kommen.

Welches Betriebssystem du verwendest wissen wir auch nicht.

Zum iPhone sei gesagt, dass sich da drauf keine Windows-Schädlinge installieren könne.
__________________

__________________

Alt 22.04.2015, 13:47   #3
UK19
 
Datei nicht deinstallierbar - Standard

Datei nicht deinstallierbar



Habe Windows7 und muss dazu noch sagen das ich mein Laptop schon seit über 4 Jahren habe. Damals hab ich mir Programme und Chats(bzw.Msn usw.) runtergeladen die ich jetzt nicht mehr gelöscht bekomme. Ich versuche die Datei dann immer in den Papierkorb zu verschieben, dann kommt die Meldung, das ich die Berechtigung dafür brauche und ich klick auf Bestätigen. Nur leider taucht dann immer nach der Bestätigung die selbe Meldung auf. Hab dann versucht es zu schreddern und dann steht dort das einige Dateien nicht geschreddert werden konnten. Also nichts funktioniert irgendwie ..
__________________

Alt 22.04.2015, 14:00   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Datei nicht deinstallierbar - Standard

Datei nicht deinstallierbar



Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 22.04.2015, 15:12   #5
UK19
 
Datei nicht deinstallierbar - Standard

Datei nicht deinstallierbar




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-04-2015
Ran by Anastasija (administrator) on ANASTASIJA-PC on 22-04-2015 15:06:09
Running from C:\Users\Anastasija\Downloads
Loaded Profiles: Anastasija (Available profiles: Anastasija & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(Kingsoft Corporation) C:\Program Files (x86)\cmcm\Clean Master\cmcore.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Qihu Software Co. Limited) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech InfoSystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
() C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
() C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Kingsoft Corporation) C:\Program Files (x86)\cmcm\Clean Master\cmtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(PixArt Imaging Incorporation) C:\Windows\Pixart\Pac7302\Monitor.exe
(PixArt Imaging Incorporation) C:\Windows\Pixart\Pac7302\PACTray.exe
(PixArt Imaging Incorporation) C:\Windows\Philips\SPC230NC\Monitor.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Akamai Technologies, Inc.) C:\Users\Anastasija\AppData\Local\Akamai\netsession_win.exe
(Sony Ericsson Mobile Communications AB) C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Mail.Ru) C:\Users\Anastasija\AppData\Local\Mail.Ru\MailRuUpdater.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Akamai Technologies, Inc.) C:\Users\Anastasija\AppData\Local\Akamai\netsession_win.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
() C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Mail.Ru) C:\Program Files (x86)\Mail.Ru\Agent\magent.exe
() C:\Program Files (x86)\AVG Secure Search\vprot.exe
() C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE
(Kingsoft Corporation) C:\Program Files (x86)\cmcm\Clean Master\kcleaner.exe
(Farbar) C:\Users\Anastasija\Downloads\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10134560 2010-03-23] (Realtek Semiconductor)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-02-01] (Egis Technology Inc.)
HKLM\...\Run: [OOTag] => C:\Program Files (x86)\Acer\OOBEOffer\ootag.exe [13856 2010-02-23] (Microsoft)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [860192 2010-02-05] (Acer Incorporated)
HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe [323584 2007-12-10] (PixArt Imaging Incorporation)
HKLM\...\Run: [PACTray] => C:\Windows\Pixart\PAC7302\PACTray.exe [327680 2009-03-23] (PixArt Imaging Incorporation)
HKLM\...\Run: [SPC230NC_Monitor] => C:\Windows\Philips\SPC230NC\Monitor.exe [323584 2007-12-10] (PixArt Imaging Incorporation)
HKLM\...\Run: [SPC_Monitor] => C:\Windows\Philips\SPC230NC\Monitor.exe [323584 2007-12-10] (PixArt Imaging Incorporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-24] (Intel Corporation)
HKLM-x32\...\Run: [OOTag] => C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe [13856 2010-02-23] (Microsoft)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-02-01] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201512 2009-12-25] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [401192 2009-12-25] (Egis Technology Inc.)
HKLM-x32\...\Run: [BkupTray] => C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [34040 2008-04-07] ()
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [260608 2010-03-09] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1300560 2010-03-03] (Dritek System Inc.)
HKLM-x32\...\Run: [MAgent] => C:\Program Files (x86)\Mail.Ru\Agent\magent.exe [12317376 2010-10-19] (Mail.Ru)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2640408 2014-12-13] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [HF_G_Jul] => C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe [36960 2012-07-18] ()
HKLM-x32\...\Run: [cmsc] => c:\program files (x86)\cmcm\Clean Master\cmtray.exe [771912 2015-04-17] (Kingsoft Corporation)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe [980592 2015-04-07] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2922694638-2030841775-694269427-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2922694638-2030841775-694269427-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1631144 2013-03-29] (Valve Corporation)
HKU\S-1-5-21-2922694638-2030841775-694269427-1001\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3077528 2011-09-08] ()
HKU\S-1-5-21-2922694638-2030841775-694269427-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Anastasija\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2922694638-2030841775-694269427-1001\...\Run: [Sony Ericsson PC Companion] => C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [772096 2009-06-18] (Sony Ericsson Mobile Communications AB)
HKU\S-1-5-21-2922694638-2030841775-694269427-1001\...\Run: [Personal ID] => C:\Program Files (x86)\coolspot AG\Personal ID\pid.exe [1132984 2012-05-06] (coolspot AG, Düsseldorf)
HKU\S-1-5-21-2922694638-2030841775-694269427-1001\...\Run: [SDP] => C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe [200784 2012-05-31] (Somoto)
HKU\S-1-5-21-2922694638-2030841775-694269427-1001\...\Run: [BackgroundContainerV2] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Anastasija\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
HKU\S-1-5-21-2922694638-2030841775-694269427-1001\...\Run: [MailRuUpdater] => C:\Users\Anastasija\AppData\Local\Mail.Ru\MailRuUpdater.exe [6977768 2015-04-10] (Mail.Ru)
HKU\S-1-5-21-2922694638-2030841775-694269427-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll [2010-02-01] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll [2010-02-01] (Egis Technology Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2922694638-2030841775-694269427-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2922694638-2030841775-694269427-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2922694638-2030841775-694269427-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050&CUI=UN49157523412479108
URLSearchHook: HKLM-x32 - Eazel-DE Toolbar - {69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5} - C:\Program Files (x86)\Eazel-DE\prxtbEaz0.dll (Conduit Ltd.)
URLSearchHook: HKLM-x32 - ToggleEN Toolbar - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files (x86)\ToggleEN\prxtbTog2.dll (Conduit Ltd.)
URLSearchHook: HKLM-x32 - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Users\Anastasija\AppData\LocalLow\DVDVideoSoftTB\prxtbDVD2.dll (ClientConnect Ltd.)
URLSearchHook: HKLM-x32 - IMVU Inc Toolbar - {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMVU.dll (Conduit Ltd.)
URLSearchHook: HKU\S-1-5-21-2922694638-2030841775-694269427-1001 - Ñïóòíèê@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\Program Files (x86)\Mail.Ru\Sputnik\MailRuSputnik_x64.dll (@Mail.Ru)
URLSearchHook: HKU\S-1-5-21-2922694638-2030841775-694269427-1001 - Ñïóòíèê@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\Program Files (x86)\Mail.Ru\Sputnik\MailRuSputnik.dll (@Mail.Ru)
URLSearchHook: HKU\S-1-5-21-2922694638-2030841775-694269427-1001 - Eazel-DE Toolbar - {69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5} - C:\Program Files (x86)\Eazel-DE\prxtbEaz0.dll (Conduit Ltd.)
URLSearchHook: HKU\S-1-5-21-2922694638-2030841775-694269427-1001 - ToggleEN Toolbar - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files (x86)\ToggleEN\prxtbTog2.dll (Conduit Ltd.)
URLSearchHook: HKU\S-1-5-21-2922694638-2030841775-694269427-1001 - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Users\Anastasija\AppData\LocalLow\DVDVideoSoftTB\prxtbDVD2.dll (ClientConnect Ltd.)
URLSearchHook: HKU\S-1-5-21-2922694638-2030841775-694269427-1001 - IMVU Inc Toolbar - {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMVU.dll (Conduit Ltd.)
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2077543
SearchScopes: HKU\S-1-5-21-2922694638-2030841775-694269427-1001 -> DefaultScope {7DAEA0D6-0722-41B4-83D3-34719C55CF5D} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE662D20100925&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2922694638-2030841775-694269427-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE398DE400
SearchScopes: HKU\S-1-5-21-2922694638-2030841775-694269427-1001 -> {7DAEA0D6-0722-41B4-83D3-34719C55CF5D} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE662D20100925&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2922694638-2030841775-694269427-1001 -> {884600F7-F1CE-445E-B0BF-698C66DFDD2E} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKU\S-1-5-21-2922694638-2030841775-694269427-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={3FAF74F5-E84C-4D10-9A79-505B0737D4BE}&mid=0723a5fca4cb47d0b58ea113f009f411-4684ce469d7dea3eeb1c4af289de0c47ab3db279&lang=en&ds=ft011&coid=%COBRAND%&cmpid=%CMPID%&pr=sa&d=2012-03-20 19:16:45&v=18.1.9.799&pid=avg&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2922694638-2030841775-694269427-1001 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = 
SearchScopes: HKU\S-1-5-21-2922694638-2030841775-694269427-1001 -> {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/mb174/?search={searchTerms}&loc=IB_DS&a=6PQJUEFNsp&i=26
SearchScopes: HKU\S-1-5-21-2922694638-2030841775-694269427-1001 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/search?q={SearchTerms}&fr=ntg
BHO: No Name -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} ->  No File
BHO: MailRuBHO Class -> {8984B388-A5BB-4DF7-B274-77B879E179DB} -> C:\Program Files (x86)\Mail.Ru\Sputnik\MailRuSputnik_x64.dll [2010-10-19] (@Mail.Ru)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-10] (Google Inc.)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} ->  No File
BHO-x32: ToggleEN Toolbar -> {038cb5c7-48ea-4af9-94e0-a1646542e62b} -> C:\Program Files (x86)\ToggleEN\prxtbTog2.dll [2011-01-17] (Conduit Ltd.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: No Name -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} ->  No File
BHO-x32: Conduit Engine  -> {30F9B915-B755-4826-820B-08FBA6BD249D} -> C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll [2011-01-17] (Conduit Ltd.)
BHO-x32: Web Assistant -> {336D0C35-8A85-403a-B9D2-65C292C39087} -> C:\Program Files\Web Assistant\Extension32.dll [2012-08-28] ()
BHO-x32: Eazel-DE Toolbar -> {69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5} -> C:\Program Files (x86)\Eazel-DE\prxtbEaz0.dll [2011-01-17] (Conduit Ltd.)
BHO-x32: Incredibar.com Helper Object -> {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} -> C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll No File
BHO-x32: DVDVideoSoftTB Toolbar -> {872b5b88-9db5-4310-bdd0-ac189557e5f5} -> C:\Users\Anastasija\AppData\LocalLow\DVDVideoSoftTB\prxtbDVD2.dll [2014-09-23] (ClientConnect Ltd.)
BHO-x32: MailRuBHO Class -> {8984B388-A5BB-4DF7-B274-77B879E179DB} -> C:\Program Files (x86)\Mail.Ru\Sputnik\MailRuSputnik.dll [2010-10-19] (@Mail.Ru)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: IMVU Inc Toolbar -> {90b49673-5506-483e-b92b-ca0265bd9ca8} -> C:\Program Files (x86)\IMVU_Inc\prxtbIMVU.dll [2011-05-09] (Conduit Ltd.)
BHO-x32: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll [2014-12-13] (AVG Secure Search)
BHO-x32: AlterGeoBHO Class -> {9BFBA68E-E21B-458E-AE12-FE85E903D2C1} -> C:\Program Files (x86)\AlterGeo\AlterGeo Magic Scanner\2.8.8.615\AlterGeo.BrowserPlugin.dll [2010-08-31] (Wi2Geo)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-10] (Google Inc.)
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} ->  No File
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11] (Microsoft Corporation.)
Toolbar: HKLM - Ñïóòíèê@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\Program Files (x86)\Mail.Ru\Sputnik\MailRuSputnik_x64.dll [2010-10-19] (@Mail.Ru)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-10] (Google Inc.)
Toolbar: HKLM-x32 - Eazel-DE Toolbar - {69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5} - C:\Program Files (x86)\Eazel-DE\prxtbEaz0.dll [2011-01-17] (Conduit Ltd.)
Toolbar: HKLM-x32 - Conduit Engine  - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll [2011-01-17] (Conduit Ltd.)
Toolbar: HKLM-x32 - Ñïóòíèê@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\Program Files (x86)\Mail.Ru\Sputnik\MailRuSputnik.dll [2010-10-19] (@Mail.Ru)
Toolbar: HKLM-x32 - ToggleEN Toolbar - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files (x86)\ToggleEN\prxtbTog2.dll [2011-01-17] (Conduit Ltd.)
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll [2014-12-13] (AVG Secure Search)
Toolbar: HKLM-x32 - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Users\Anastasija\AppData\LocalLow\DVDVideoSoftTB\prxtbDVD2.dll [2014-09-23] (ClientConnect Ltd.)
Toolbar: HKLM-x32 - IMVU Inc Toolbar - {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMVU.dll [2011-05-09] (Conduit Ltd.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-10] (Google Inc.)
Toolbar: HKU\S-1-5-21-2922694638-2030841775-694269427-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-10] (Google Inc.)
Toolbar: HKU\S-1-5-21-2922694638-2030841775-694269427-1001 -> No Name - {69B6939F-C70D-45C5-9BBD-E2E2CC3DD8E5} -  No File
Toolbar: HKU\S-1-5-21-2922694638-2030841775-694269427-1001 -> No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} -  No File
Toolbar: HKU\S-1-5-21-2922694638-2030841775-694269427-1001 -> Ñïóòíèê@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\Program Files (x86)\Mail.Ru\Sputnik\MailRuSputnik_x64.dll [2010-10-19] (@Mail.Ru)
Toolbar: HKU\S-1-5-21-2922694638-2030841775-694269427-1001 -> No Name - {038CB5C7-48EA-4AF9-94E0-A1646542E62B} -  No File
Toolbar: HKU\S-1-5-21-2922694638-2030841775-694269427-1001 -> No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} -  No File
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2015-04-21] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll [2014-12-13] (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll [2013-01-24] ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll [2013-01-24] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll [2012-03-15] (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-09-08] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-09] (Google Inc.)
FF Plugin HKU\S-1-5-21-2922694638-2030841775-694269427-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Anastasija\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2922694638-2030841775-694269427-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Anastasija\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File
FF Plugin HKU\S-1-5-21-2922694638-2030841775-694269427-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-09-08] (Pando Networks)
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-09-17]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1 [2013-04-01]
FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox

Chrome: 
=======
CHR StartupUrls: Default -> ""
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSearchURL: Default -> https://de.search.yahoo.com/search?fr=mcafee&type=B211DE662D20100925&p={searchTerms}
CHR DefaultSuggestURL: Default -> 
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Nexon Game Controller) - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Anastasija\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Profile: C:\Users\Anastasija\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (SiteAdvisor) - C:\Users\Anastasija\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-03-03]
CHR Extension: (Bookmark Manager) - C:\Users\Anastasija\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Anastasija\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Google Wallet) - C:\Users\Anastasija\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-14]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-09-17]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bcfjehbfanfhgoehogmbiebedkidedjb] - C:\Users\Anastasija\AppData\Local\CRE\bcfjehbfanfhgoehogmbiebedkidedjb.crx [2012-05-17]
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-09-17]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\14.2.0.1\avg.crx [2013-04-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 BUNAgentSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [16384 2008-03-03] (NewTech Infosystems, Inc.) [File not signed]
R2 cmcore; c:\program files (x86)\cmcm\Clean Master\cmcore.exe [315208 2015-04-17] (Kingsoft Corporation)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-02-01] (Egis Technology Inc.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [250368 2010-03-09] (NewTech Infosystems, Inc.) [File not signed]
R2 NTISchedulerSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [131072 2008-04-04] () [File not signed]
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [819824 2015-04-07] ()
R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-12-13] (AVG Secure Search)
R2 Web Assistant Updater; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [188760 2012-08-28] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 Guard.Mail.ru; "C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [100424 2015-04-07] (360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77896 2015-04-07] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [305736 2015-04-07] (360.cn)
S3 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2015-04-07] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [314448 2015-04-07] (Qihu 360 Software Co., Ltd.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-12-13] (AVG Technologies)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [180816 2015-04-07] (Qihu 360 Software Co., Ltd.)
R3 ksapi64; C:\Windows\system32\drivers\ksapi64.sys [56680 2015-04-17] (Kingsoft Corporation)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [532480 2009-04-28] (PixArt Imaging Inc.)
S3 PAEAFLT.sys; C:\Windows\System32\DRIVERS\PAEAFLT.sys [9472 2007-09-26] (PixArt Imaging Incorporation)
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
S3 SPC230NC; C:\Windows\System32\DRIVERS\SPC230NC.SYS [531968 2008-01-03] (PixArt Imaging Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 X6va005; \??\C:\Users\ANASTA~1\AppData\Local\Temp\005A024.tmp [X]
S3 X6va006; \??\C:\Users\ANASTA~1\AppData\Local\Temp\006E84D.tmp [X]
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-22 15:05 - 2015-04-22 15:05 - 02099712 _____ (Farbar) C:\Users\Anastasija\Downloads\FRST64 (1).exe
2015-04-22 14:09 - 2015-02-24 04:17 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-04-22 14:06 - 2015-04-22 14:11 - 00033231 _____ () C:\Users\Anastasija\Downloads\Addition.txt
2015-04-22 14:06 - 2015-04-22 14:06 - 00000000 __SHD () C:\$360Section
2015-04-22 14:04 - 2015-04-22 15:06 - 00033751 _____ () C:\Users\Anastasija\Downloads\FRST.txt
2015-04-22 14:04 - 2015-04-22 15:06 - 00000000 ____D () C:\FRST
2015-04-22 14:03 - 2015-04-22 14:04 - 02099712 _____ (Farbar) C:\Users\Anastasija\Downloads\FRST64.exe
2015-04-22 13:52 - 2015-04-22 13:52 - 00334792 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-22 13:51 - 2015-04-22 14:14 - 00014004 _____ () C:\Windows\PFRO.log
2015-04-22 12:18 - 2015-04-22 14:06 - 00000000 ____D () C:\ProgramData\360Quarant
2015-04-22 12:17 - 2015-04-22 12:17 - 00000000 ____D () C:\Users\Anastasija\AppData\Roaming\360safe
2015-04-22 12:16 - 2015-04-22 12:16 - 00001153 _____ () C:\Users\Public\Desktop\360 Total Security.lnk
2015-04-22 12:16 - 2015-04-22 12:16 - 00000000 _RSHD () C:\360SANDBOX
2015-04-22 12:16 - 2015-04-22 12:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2015-04-22 12:16 - 2015-04-22 12:16 - 00000000 ____D () C:\ProgramData\360TotalSecurity
2015-04-22 12:16 - 2015-04-22 12:16 - 00000000 ____D () C:\ProgramData\360safe
2015-04-22 12:16 - 2015-04-07 09:54 - 00314448 _____ (Qihu 360 Software Co., Ltd.) C:\Windows\system32\Drivers\360fsflt.sys
2015-04-22 12:16 - 2015-04-07 09:54 - 00305736 _____ (360.cn) C:\Windows\system32\Drivers\360Box64.sys
2015-04-22 12:16 - 2015-04-07 09:54 - 00180816 _____ (Qihu 360 Software Co., Ltd.) C:\Windows\system32\Drivers\BAPIDRV64.SYS
2015-04-22 12:16 - 2015-04-07 09:54 - 00100424 _____ (360.cn) C:\Windows\system32\Drivers\360AntiHacker64.sys
2015-04-22 12:16 - 2015-04-07 09:54 - 00077896 _____ (360.cn) C:\Windows\system32\Drivers\360AvFlt.sys
2015-04-22 12:16 - 2015-04-07 09:54 - 00040520 _____ (360.cn) C:\Windows\system32\Drivers\360Camera64.sys
2015-04-22 12:15 - 2015-04-22 12:15 - 00000000 ____D () C:\Program Files (x86)\360
2015-04-22 12:13 - 2015-04-22 12:15 - 24724088 _____ () C:\Users\Anastasija\Downloads\360TSE_Setup_6.0.0.1022.exe
2015-04-22 11:43 - 2015-04-22 11:43 - 00030120 _____ () C:\ComboFix.txt
2015-04-22 11:17 - 2015-04-22 14:14 - 00000112 _____ () C:\Windows\setupact.log
2015-04-22 11:17 - 2015-04-22 11:17 - 00079608 _____ () C:\Users\Anastasija\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-22 11:17 - 2015-04-22 11:17 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-22 11:10 - 2015-04-22 11:43 - 00000000 ____D () C:\ComboFix
2015-04-22 10:43 - 2015-04-22 10:43 - 03480040 _____ (McAfee, Inc.) C:\Users\Anastasija\Downloads\MCPR76.exe
2015-04-21 21:21 - 2015-04-21 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-04-21 21:07 - 2015-04-21 21:07 - 00000000 ____D () C:\6befcb9be3b011caee07fcfa
2015-04-21 19:17 - 2015-04-21 19:29 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-21 19:17 - 2015-04-21 19:17 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-21 19:02 - 2015-01-09 01:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-04-21 19:02 - 2015-01-09 01:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-04-21 18:45 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2015-04-21 18:31 - 2015-04-21 18:31 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-21 18:31 - 2015-04-21 18:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-21 18:30 - 2015-04-21 18:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-21 18:30 - 2015-04-21 18:30 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-21 18:30 - 2015-04-21 18:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-21 18:30 - 2015-04-21 18:30 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-21 18:30 - 2015-04-21 18:30 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2015-04-21 18:30 - 2015-04-21 18:30 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-04-21 18:30 - 2015-04-21 18:30 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-21 18:30 - 2015-04-21 18:30 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-21 18:30 - 2015-04-21 18:30 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-04-21 18:30 - 2015-04-21 18:30 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-04-21 18:30 - 2015-04-21 18:30 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-21 18:30 - 2015-04-21 18:30 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-04-21 18:30 - 2015-04-21 18:30 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-04-21 18:30 - 2015-04-21 18:30 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-21 18:30 - 2015-04-21 18:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-21 18:30 - 2015-04-21 18:30 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-04-21 18:30 - 2015-04-21 18:30 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-04-21 18:30 - 2015-04-21 18:30 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-04-21 18:30 - 2015-04-21 18:30 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2015-04-21 18:30 - 2015-04-21 18:30 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-04-21 18:30 - 2015-04-21 18:30 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-04-21 18:30 - 2015-04-21 18:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-04-21 18:30 - 2015-04-21 18:30 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-04-21 18:30 - 2015-04-21 18:30 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-04-21 18:30 - 2015-04-21 18:30 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-04-21 18:30 - 2015-04-21 18:30 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-04-21 18:30 - 2015-04-21 18:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-21 18:26 - 2015-04-21 18:26 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-21 18:26 - 2015-04-21 18:26 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-21 18:26 - 2015-04-21 18:26 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-04-21 18:26 - 2015-04-21 18:26 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-04-21 18:26 - 2015-04-21 18:26 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-04-21 18:26 - 2015-04-21 18:26 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-04-21 18:26 - 2015-04-21 18:26 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-21 18:26 - 2015-04-21 18:26 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-21 18:26 - 2015-04-21 18:26 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-21 18:26 - 2015-04-21 18:26 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-21 18:26 - 2015-04-21 18:26 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-21 18:26 - 2015-04-21 18:26 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-21 17:53 - 2015-04-21 17:53 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-04-21 17:53 - 2015-04-21 17:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-21 16:27 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-04-21 16:27 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-04-21 16:21 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-04-21 16:21 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-04-21 16:21 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-04-21 16:21 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-04-21 16:21 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-04-21 16:21 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-04-21 16:21 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-04-21 16:21 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-04-21 16:17 - 2015-01-09 05:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-04-21 16:17 - 2015-01-09 05:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-04-21 16:17 - 2015-01-09 05:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-04-21 16:17 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-04-21 16:04 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-04-21 16:04 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-04-21 16:04 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-04-21 16:04 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-04-21 16:04 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-04-21 16:04 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-04-21 16:04 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-04-21 16:04 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-04-21 16:04 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-04-21 16:04 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-04-21 16:04 - 2014-12-11 19:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-04-21 16:04 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-04-21 16:04 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-04-21 16:04 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2015-04-21 16:04 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-04-21 16:04 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-04-21 16:04 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2015-04-21 15:44 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-04-21 15:44 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-04-21 15:44 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-04-21 15:44 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-04-21 15:43 - 2015-02-03 05:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-21 15:43 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-04-21 15:43 - 2015-02-03 05:34 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-21 15:43 - 2015-02-03 05:34 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-21 15:43 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-04-21 15:43 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-04-21 15:43 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-04-21 15:43 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-04-21 15:43 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-04-21 15:43 - 2015-02-03 05:31 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-21 15:43 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-04-21 15:43 - 2015-02-03 05:31 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-21 15:43 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-04-21 15:43 - 2015-02-03 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-21 15:43 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-04-21 15:43 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-04-21 15:43 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-04-21 15:43 - 2015-02-03 05:31 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-21 15:43 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-04-21 15:43 - 2015-02-03 05:31 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-21 15:43 - 2015-02-03 05:31 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-21 15:43 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-04-21 15:43 - 2015-02-03 05:31 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-21 15:43 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-04-21 15:43 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-04-21 15:43 - 2015-02-03 05:31 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-21 15:43 - 2015-02-03 05:31 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-21 15:43 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-04-21 15:43 - 2015-02-03 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-21 15:43 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-04-21 15:43 - 2015-02-03 05:31 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-21 15:43 - 2015-02-03 05:31 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-21 15:43 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-04-21 15:43 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-04-21 15:43 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-04-21 15:43 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-04-21 15:43 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-04-21 15:43 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-04-21 15:43 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-04-21 15:43 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-04-21 15:43 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-04-21 15:43 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-04-21 15:43 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-04-21 15:43 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-04-21 15:43 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-04-21 15:43 - 2015-02-03 05:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-21 15:43 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-04-21 15:43 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-04-21 15:43 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-04-21 15:43 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-04-21 15:43 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-04-21 15:43 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-04-21 15:43 - 2015-02-03 05:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-21 15:43 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-04-21 15:43 - 2015-02-03 05:30 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-21 15:43 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-04-21 15:43 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-04-21 15:43 - 2015-02-03 05:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-21 15:43 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-04-21 15:43 - 2015-02-03 05:30 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-21 15:43 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-04-21 15:43 - 2015-02-03 05:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-21 15:43 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-04-21 15:43 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-04-21 15:43 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-04-21 15:43 - 2015-02-03 05:29 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-21 15:43 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-04-21 15:43 - 2015-02-03 05:28 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-21 15:43 - 2015-02-03 05:28 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-21 15:43 - 2015-02-03 05:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-21 15:43 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-04-21 15:43 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-04-21 15:43 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-21 15:43 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-21 15:43 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-04-21 15:43 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-04-21 15:43 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-04-21 15:43 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-04-21 15:43 - 2015-02-03 05:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-21 15:43 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-04-21 15:43 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-21 15:43 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-04-21 15:43 - 2015-02-03 05:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-21 15:43 - 2015-02-03 05:09 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-21 15:43 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-04-21 15:43 - 2015-02-03 05:08 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-21 15:43 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-21 15:43 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-04-21 15:43 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-04-21 15:43 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-04-21 15:43 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-04-21 15:43 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-04-21 15:40 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-04-21 15:40 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-04-21 15:40 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-04-21 15:40 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-04-21 15:36 - 2014-12-19 05:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-04-21 15:04 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-04-21 15:04 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-04-21 15:04 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-04-21 15:04 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-04-21 15:04 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-04-21 15:04 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-04-21 15:02 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-04-21 15:02 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-04-21 15:01 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-04-21 15:01 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-04-21 15:01 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-04-21 15:01 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-04-21 15:01 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-04-21 15:01 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-04-21 15:01 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2015-04-21 15:01 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-04-21 15:01 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-04-21 15:01 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-04-21 15:01 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-04-21 15:01 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-04-21 15:01 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-04-21 15:00 - 2014-10-14 04:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-04-21 14:51 - 2015-04-22 11:43 - 00000000 ____D () C:\Qoobox
2015-04-21 14:50 - 2015-04-22 11:32 - 00000000 ____D () C:\Windows\erdnt
2015-04-21 14:48 - 2015-04-21 14:48 - 00000334 _____ () C:\Users\Anastasija\Documents\Fixlist.txt
2015-04-21 14:46 - 2015-04-21 14:47 - 05619466 ____R (Swearware) C:\Users\Anastasija\Downloads\ComboFix.exe
2015-04-21 14:46 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2015-04-21 14:46 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2015-04-21 14:45 - 2014-10-14 04:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-04-21 14:45 - 2014-10-14 03:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-04-21 14:45 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-04-21 14:45 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-04-21 14:45 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-04-21 14:45 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-04-21 14:45 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-04-21 14:45 - 2013-02-27 07:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-04-21 14:44 - 2014-12-06 06:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-04-21 14:44 - 2014-12-06 05:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-04-21 14:44 - 2014-12-06 05:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-04-21 14:19 - 2015-04-21 14:19 - 00000000 ____D () C:\Users\Anastasija\Documents\Agent
2015-04-21 14:13 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-04-21 14:13 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-04-21 14:10 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-21 14:10 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-21 14:10 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-21 14:10 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-21 14:10 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-21 14:10 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-21 14:10 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-21 14:10 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-21 14:10 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-21 14:10 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-21 14:10 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-21 14:10 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-21 14:10 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-21 14:10 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-21 14:10 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-21 14:10 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-21 14:05 - 2014-12-19 03:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-04-21 14:05 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-04-21 14:05 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-04-21 14:05 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2015-04-21 14:05 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-04-21 14:04 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-04-21 14:04 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-04-21 14:04 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2015-04-21 14:03 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2015-04-21 14:03 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2015-04-21 14:03 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2015-04-21 14:03 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2015-04-21 14:02 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-04-21 14:02 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-04-21 14:02 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-04-21 14:02 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-04-21 14:02 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-04-21 14:02 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-04-21 14:02 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-04-21 14:02 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-04-21 14:02 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-04-21 14:02 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-04-21 14:02 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-04-21 14:02 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-04-21 14:02 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2015-04-21 14:02 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2015-04-21 14:02 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2015-04-21 14:02 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2015-04-21 14:02 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2015-04-21 14:02 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2015-04-21 14:02 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2015-04-21 14:02 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2015-04-21 14:02 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2015-04-21 14:02 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-04-21 14:02 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-04-21 14:02 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-04-21 14:02 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-04-21 14:02 - 2013-11-27 03:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-04-21 14:02 - 2013-11-27 03:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2015-04-21 14:02 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-04-21 14:02 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-04-21 14:02 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2015-04-21 14:02 - 2013-04-26 01:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2015-04-21 14:02 - 2013-04-01 00:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-04-21 14:01 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-04-21 14:01 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-04-21 14:01 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-04-21 13:58 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-21 13:58 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-21 13:58 - 2014-11-11 03:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-04-21 13:58 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2015-04-21 13:58 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2015-04-21 13:58 - 2013-07-12 12:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2015-04-21 13:58 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-04-21 13:58 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-04-21 13:58 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-04-21 13:58 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-04-21 13:58 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-04-21 13:58 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-04-21 13:49 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-21 13:49 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-21 13:49 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-21 13:49 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-21 13:49 - 2014-08-12 04:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-04-21 13:49 - 2014-08-12 03:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-04-21 13:49 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-04-21 13:49 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-04-21 13:48 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-04-21 13:48 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-04-21 13:48 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-04-21 13:46 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2015-04-21 13:46 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2015-04-21 13:45 - 2014-11-26 05:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-04-21 13:45 - 2014-11-26 05:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-04-21 13:44 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-21 13:44 - 2014-11-11 05:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-04-21 13:44 - 2014-11-11 04:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-04-21 13:44 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-04-21 13:44 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-04-21 13:44 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-04-21 13:44 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2015-04-21 13:44 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2015-04-21 13:43 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-21 13:43 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-04-21 13:43 - 2014-10-30 04:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-04-21 13:43 - 2014-10-30 03:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-04-21 13:43 - 2014-10-04 04:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-04-21 13:43 - 2014-10-04 03:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-04-21 13:43 - 2014-10-04 03:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-04-21 13:42 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-04-21 13:42 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-04-21 13:42 - 2014-10-03 04:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-04-21 13:42 - 2014-10-03 04:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-04-21 13:42 - 2014-10-03 04:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-04-21 13:42 - 2014-10-03 04:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-04-21 13:42 - 2014-10-03 04:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-04-21 13:42 - 2014-10-03 03:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-04-21 13:42 - 2014-10-03 03:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-04-21 13:42 - 2014-10-03 03:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-04-21 13:42 - 2014-10-03 03:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-04-21 13:42 - 2014-10-03 03:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-04-21 13:42 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-04-21 13:42 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-04-21 13:42 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2015-04-21 13:42 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2015-04-21 13:42 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-04-21 13:42 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2015-04-21 13:41 - 2014-11-08 05:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-04-21 13:41 - 2014-11-08 04:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-04-21 13:41 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-04-21 13:41 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-04-21 13:39 - 2015-02-26 05:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-04-21 13:39 - 2014-10-25 03:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-04-21 13:39 - 2014-10-25 03:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-04-21 13:38 - 2014-07-17 04:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-04-21 13:38 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-04-21 13:38 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-04-21 13:38 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-04-21 13:38 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-04-21 13:38 - 2014-07-17 03:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-04-21 13:38 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-04-21 13:38 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-04-21 13:38 - 2013-02-15 08:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-04-21 13:38 - 2013-02-15 08:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-04-21 13:38 - 2013-02-15 05:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-04-21 13:18 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2015-04-21 13:07 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2015-04-21 13:07 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2015-04-21 13:07 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2015-04-21 13:06 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-04-21 13:06 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-04-21 13:06 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2015-04-21 13:06 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2015-04-21 13:06 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2015-04-21 13:06 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-04-21 13:06 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2015-04-21 13:06 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2015-04-21 13:05 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-21 13:05 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-21 13:05 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-21 13:04 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-04-21 13:04 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-04-21 13:01 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-04-21 13:01 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-04-21 13:01 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-04-21 13:01 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-04-21 13:01 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-04-21 13:01 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-04-21 13:01 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-04-21 13:01 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-04-21 13:01 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-04-21 00:17 - 2015-04-22 14:57 - 01420527 _____ () C:\Windows\WindowsUpdate.log
2015-04-18 21:14 - 2015-04-18 21:14 - 00001757 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-04-18 21:14 - 2015-04-18 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-04-18 20:46 - 2015-04-18 20:52 - 152362800 _____ (Apple Inc.) C:\Users\Anastasija\Downloads\iTunes6464Setup.exe
2015-04-17 18:23 - 2015-04-17 18:23 - 00081768 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\ksapi.sys
2015-04-17 18:23 - 2015-04-17 18:23 - 00056680 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\ksapi64.sys
2015-04-17 18:23 - 2015-04-17 18:23 - 00001070 _____ () C:\Users\Public\Desktop\Clean Master.lnk
2015-04-17 18:23 - 2015-04-17 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clean Master
2015-04-17 18:23 - 2015-04-17 18:23 - 00000000 ____D () C:\ProgramData\Kingsoft
2015-04-17 18:23 - 2015-04-17 18:23 - 00000000 ____D () C:\ProgramData\cmcm
2015-04-17 18:23 - 2015-04-17 18:23 - 00000000 ____D () C:\Program Files (x86)\cmcm
2015-04-17 18:19 - 2015-04-17 18:20 - 05767200 _____ (Kingsoft Corporation) C:\Users\Anastasija\Downloads\cleanmaster3010_12_1 (2).exe
2015-04-17 18:18 - 2015-04-17 18:19 - 05767200 _____ (Kingsoft Corporation) C:\Users\Anastasija\Downloads\cleanmaster3010_12_1.exe
2015-04-17 18:18 - 2015-04-17 18:19 - 05767200 _____ (Kingsoft Corporation) C:\Users\Anastasija\Downloads\cleanmaster3010_12_1 (1).exe
2015-04-15 18:50 - 2015-04-15 18:50 - 00048761 _____ () C:\Users\Anastasija\Downloads\WhatsApp Chat mit Christian.txt
2015-04-15 18:48 - 2015-04-15 18:48 - 04430600 _____ () C:\Users\Anastasija\Downloads\audio (1).m4a
2015-04-02 03:43 - 2015-04-02 03:43 - 00000000 ____D () C:\Users\Anastasija\AppData\Local\{45BF915F-309D-4613-9416-AD8CD2662171}

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-22 15:09 - 2011-09-08 09:17 - 00000000 ____D () C:\Users\Anastasija\AppData\Local\PMB Files
2015-04-22 14:59 - 2012-05-06 17:22 - 00176640 ___SH () C:\Users\Anastasija\Documents\Thumbs.db
2015-04-22 14:54 - 2011-09-02 17:44 - 00001158 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2922694638-2030841775-694269427-1001UA.job
2015-04-22 14:39 - 2010-09-25 11:10 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-22 14:25 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-22 14:25 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-22 14:17 - 2011-01-31 19:51 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-22 14:16 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-04-22 14:15 - 2010-09-25 11:10 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-22 14:15 - 2010-03-30 07:05 - 00000147 _____ () C:\Windows\SysWOW64\agent.log
2015-04-22 14:15 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-22 13:52 - 2011-09-02 17:44 - 00001136 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2922694638-2030841775-694269427-1001Core.job
2015-04-22 11:43 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2015-04-22 11:30 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-04-22 11:18 - 2010-03-30 06:44 - 00000000 ____D () C:\ProgramData\Temp
2015-04-22 10:31 - 2010-10-04 18:26 - 00000000 ____D () C:\Users\Anastasija\AppData\Roaming\Skype
2015-04-21 21:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-21 21:27 - 2010-10-04 18:26 - 00000000 ____D () C:\ProgramData\Skype
2015-04-21 21:27 - 2010-03-30 07:16 - 00000000 ____D () C:\Windows\Panther
2015-04-21 21:09 - 2010-09-25 10:54 - 00000000 ____D () C:\Users\Anastasija
2015-04-21 19:33 - 2010-09-23 20:10 - 00654400 _____ () C:\Windows\system32\perfh007.dat
2015-04-21 19:33 - 2010-09-23 20:10 - 00130240 _____ () C:\Windows\system32\perfc007.dat
2015-04-21 19:33 - 2009-07-14 07:13 - 01498742 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-21 19:30 - 2010-09-25 10:54 - 00001425 _____ () C:\Users\Anastasija\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-21 19:19 - 2009-07-14 09:45 - 00000000 ____D () C:\Program Files\Windows Journal
2015-04-21 19:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-21 19:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-04-21 19:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-04-21 19:17 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Defender
2015-04-21 19:17 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-04-21 19:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2015-04-21 19:02 - 2010-03-30 06:46 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-21 17:53 - 2012-09-05 08:58 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-21 16:16 - 2011-02-01 18:05 - 00000000 ____D () C:\Users\Anastasija\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-04-21 16:16 - 2011-01-31 19:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-04-21 15:27 - 2012-09-17 13:09 - 00000000 ____D () C:\Program Files\Web Assistant
2015-04-21 14:34 - 2012-05-06 17:25 - 00000000 ____D () C:\Users\Anastasija\AppData\Roaming\IMVU
2015-04-21 13:24 - 2011-01-21 16:51 - 00000000 ____D () C:\ProgramData\Guard.Mail.Ru
2015-04-21 13:19 - 2010-10-19 19:28 - 00000000 ____D () C:\Users\Anastasija\AppData\Local\Mail.Ru
2015-04-18 21:14 - 2014-12-15 15:31 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-04-18 21:14 - 2012-09-27 14:10 - 00000000 ____D () C:\Program Files\iTunes
2015-04-18 21:13 - 2012-09-27 14:10 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-04-18 21:13 - 2012-09-27 14:10 - 00000000 ____D () C:\Program Files\iPod
2015-04-18 21:13 - 2012-09-27 14:10 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-04-18 21:13 - 2012-05-31 01:06 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-04-17 21:02 - 2015-02-14 15:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-17 21:02 - 2012-05-31 01:07 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-04-17 21:02 - 2012-03-25 12:37 - 00000000 ____D () C:\Users\Gast
2015-04-17 21:02 - 2011-12-03 12:11 - 00000000 ____D () C:\Users\Anastasija\AppData\Local\Akamai
2015-04-17 21:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2015-04-17 18:30 - 2011-09-25 10:46 - 00000000 ____D () C:\Windows\Minidump
2015-04-17 18:12 - 2010-09-25 10:55 - 00000000 ____D () C:\Users\Anastasija\AppData\Local\Google
2015-04-17 12:50 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-04-17 12:50 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2015-04-02 03:42 - 2010-12-23 00:36 - 00000000 ____D () C:\Users\Anastasija\AppData\Local\Windows Live Writer

==================== Files in the root of some directories =======

2010-03-30 06:37 - 2010-01-27 16:40 - 0131472 _____ () C:\ProgramData\FullRemove.exe

Some content of TEMP:
====================
C:\Users\Anastasija\AppData\Local\Temp\Runner.exe
C:\Users\Anastasija\AppData\Local\Temp\sdpupdater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-01-21 07:55

==================== End Of Log ============================
         
--- --- ---


Alt 22.04.2015, 15:49   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Datei nicht deinstallierbar - Standard

Datei nicht deinstallierbar



addition.txt fehlt...
__________________
--> Datei nicht deinstallierbar

Alt 22.04.2015, 15:52   #7
UK19
 
Datei nicht deinstallierbar - Standard

Datei nicht deinstallierbar



Wie kann ich den öffnen?

Alt 22.04.2015, 15:53   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Datei nicht deinstallierbar - Standard

Datei nicht deinstallierbar



Anleitung lesen?
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 22.04.2015, 16:20   #9
UK19
 
Datei nicht deinstallierbar - Standard

Datei nicht deinstallierbar



HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION

So richtig?

Alt 22.04.2015, 17:08   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Datei nicht deinstallierbar - Standard

Datei nicht deinstallierbar



Das ist nichtmal im Ansatz richtig

Bitte auch ne neue Addition.txt erstellen, dazu FRST starten und einen Haken setzen bei Addition.txt, dann auf Scan klicken.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 22.04.2015, 18:08   #11
UK19
 
Datei nicht deinstallierbar - Standard

Datei nicht deinstallierbar



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-04-2015
Ran by Anastasija at 2015-04-22 17:51:23
Running from C:\Users\Anastasija\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: 360 Total Security (Enabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: 360 Total Security (Enabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 6.0.0.1022 - 360 Security Center)
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.60 - NewTech Infosystems)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3002 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3007 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{ABEE079E-648E-488B-8301-0C3DB48C1BCE}_is1) (Version: 6.1.0.2 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3002 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0323.2010 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.3.183.10 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-2922694638-2030841775-694269427-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
AlterGeo Magic Scanner (HKLM-x32\...\{F2568FC8-7F5F-440F-9F1E-D96A13CBF408}) (Version: 2.8.8.615 - AlterGeo)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version:  - Oberon Media)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.26 - Atheros Communications Inc.)
AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 18.1.9.799 - AVG Technologies)
Backup Manager Basic (x32 Version: 2.0.0.60 - NewTech Infosystems) Hidden
Bing Bar (HKLM-x32\...\{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}) (Version: 7.1.391.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version:  - Oberon Media)
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version:  - Oberon Media)
Clean Master (HKLM-x32\...\Clean Master) (Version: 1.0 - Cheetah Mobile)
Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version:  - )
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conduit Engine  (HKLM-x32\...\conduitEngine) (Version:  - Conduit Ltd.) <==== ATTENTION
Counter-Strike: Source (HKLM-x32\...\{9580813D-94B1-4C28-9426-A441E2BB29A5}) (Version: 1.0.0.0 - Valve)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2529.50 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version:  - Oberon Media)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
Dream Day Wedding Married in Manhattan (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115233673}) (Version:  - Oberon Media)
DVDVideoSoftTB Toolbar (HKLM-x32\...\DVDVideoSoftTB Toolbar) (Version: 6.8.5.1 - DVDVideoSoftTB)
Eazel-DE Toolbar (HKLM-x32\...\Eazel-DE Toolbar) (Version: 6.3.3.3 - Eazel-DE)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version:  - Oberon Media)
FilesFrog Update Checker (HKLM-x32\...\FilesFrog Update Checker) (Version:  - ) <==== ATTENTION
Free YouTube to MP3 Converter version 3.11.19.412 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.19.412 - DVDVideoSoft Ltd.)
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version:  - Oberon Media)
Galileo Family Quiz - Spezial II (HKLM-x32\...\Galileo Family Quiz - Spezial II) (Version:  - SevenOne Intermedia)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version:  - Oberon Media)
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version:  - Oberon Media)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
IMVU Avatar Chat Software (HKU\S-1-5-21-2922694638-2030841775-694269427-1001\...\IMVU Avatar chat client software BETA) (Version:  - )
IMVU Inc Toolbar (HKLM-x32\...\IMVU_Inc Toolbar) (Version: 6.8.9.0 - IMVU Inc)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1892 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.6.1001 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.6 - Acer Inc.)
Mail.Ru Агент 5.7 (сборка 3755, для всех пользователей) (HKLM-x32\...\MRA) (Version:  - Mail.Ru) <==== ATTENTION
Mail.Ru Спутник 2.3.0.288 (HKLM-x32\...\MailRuSputnik) (Version:  - Mail.Ru) <==== ATTENTION
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Metin2 (HKLM-x32\...\Metin2_is1) (Version:  - Gameforge 4D GmbH)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM-x32\...\OMUI.de-de) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20125.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
MyWinLocker (x32 Version: 3.1.206.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.206.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.206.0 - Egis Technology Inc.) Hidden
Nexon Game Manager (HKLM-x32\...\{289AC7E0-0AEE-4a7b-913C-709D9803D23E}) (Version:  - )
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.503 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.503 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.2.6322 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.2.6322 - NewTech Infosystems) Hidden
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.3.6.0 - Pando Networks Inc.)
Personal ID (HKLM-x32\...\{F722209B-739E-40E4-ADB1-062BD032A0DB}) (Version: 1.8.5.202 - coolspot AG)
Philips Intelligent Agent (HKLM-x32\...\Philips Intelligent Agent_is1) (Version: 2.2 - Philips)
Philips SPC230NC Webcam (HKLM-x32\...\{05F350C6-FA6A-40D0-A130-FB941B39152C}) (Version: 1.0.0.0 - Philips)
Portrait Professional 10.8 Test (HKLM-x32\...\PortraitProfessional10Trial_is1) (Version: 10.8 - Anthropics Technology Ltd.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6074 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30104 - Realtek Semiconductor Corp.)
S4 League_EU (HKLM-x32\...\{0CE8673B-08EC-4CFB-A45F-E26BAFBE6F34}) (Version: 1.00.0000 - )
S4 League_EU (HKLM-x32\...\{3D9A85C0-2B14-4C5B-BF1D-AB2715F856E4}) (Version: 1.00.0000 - )
S4 League_EU (HKLM-x32\...\{894DE430-27EE-4A67-B035-EED82CE5EFA5}) (Version: 1.00.0000 - )
S4 League_EU (HKLM-x32\...\{89B5821B-407D-42D6-87F2-03AF64A70F98}) (Version: 1.00.0000 - )
S4 League_EU (HKLM-x32\...\{8FBE29A1-7DE7-49D3-9E4F-F95FBD252538}) (Version: 1.00.0000 - )
S4 League_EU (HKLM-x32\...\{ABE3DF11-0ACC-4FFA-B695-7BA1242F40D1}) (Version: 1.00.0000 - )
S4 League_EU (HKLM-x32\...\{B9EA6804-8302-4E3D-9C1B-1AFEABE5BB67}) (Version: 1.00.0000 - )
S4 League_EU (HKLM-x32\...\{C68A02C9-C277-46D0-8890-E2D679BB419D}) (Version: 1.00.0000 - )
SecondLifeViewer (remove only) (HKLM-x32\...\SecondLifeViewer) (Version:  - )
Secret City (HKLM-x32\...\Secret City) (Version: 1.9.4152 - Utherverse Digital Inc)
Shredder (Version: 2.0.5.0 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.5.0 - Egis Technology Inc.) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sony Ericsson PC Companion 1.50.52 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 1.50.52 - Sony Ericsson)
Spin & Win (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}) (Version:  - Oberon Media)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stray Souls - Dollhouse Story (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119968703}) (Version:  - Oberon Media)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.2.0 - Synaptics Incorporated)
ToggleEN Toolbar (HKLM-x32\...\ToggleEN Toolbar) (Version: 6.3.3.3 - ToggleEN)
Trust Webcam 16175 (HKLM-x32\...\{7B1E8FA3-32BB-4902-AF7E-B9D9DAD6A675}) (Version: 1.0.0.0 - )
Unity Web Player (HKU\S-1-5-21-2922694638-2030841775-694269427-1001\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Voodoo Whisperer (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-510005381}) (Version:  - Oberon Media)
Web Assistant 2.0.0.100 (HKLM\...\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1) (Version: 2.0.0.100 - IncrediBar) <==== ATTENTION
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3013 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: 4.3.4.15595 - Blizzard Entertainment)
Загрузчик Игр@Mail.Ru (HKU\S-1-5-21-2922694638-2030841775-694269427-1001\...\MailRuDownloader) (Version: 1.0.80 - LLC Mail.Ru)
Служба автоматического обновления программ (HKU\S-1-5-21-2922694638-2030841775-694269427-1001\...\MailRuUpdater) (Version:  - Mail.Ru)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

21-04-2015 21:05:39 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-04-21 16:09 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {2C7AD48A-C497-40F8-BA18-9A702DD45C26} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {4F19C645-4070-497C-BE1C-3959ED18830D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5613FF74-DF56-4FE1-8724-B304DCE6E045} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {689C76C4-00E6-453F-A3A1-38B4C0F3127C} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {6FA449C9-C7AB-4569-8197-0B7EE4444F06} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {7B1375B8-AEAD-47B1-BEDA-378084F51F07} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2922694638-2030841775-694269427-1001Core => C:\Users\Anastasija\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {9D47D255-FB09-494F-9EBB-D17EF7B8FD84} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-13] (Google Inc.)
Task: {D6E6124E-EB38-4980-AE44-F7BDFD3B6B9E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2922694638-2030841775-694269427-1001UA => C:\Users\Anastasija\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {FB9B1BF4-A874-43D5-AC22-B43669502C07} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-13] (Google Inc.)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2922694638-2030841775-694269427-1001Core.job => C:\Users\Anastasija\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2922694638-2030841775-694269427-1001UA.job => C:\Users\Anastasija\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2015-04-22 12:16 - 2015-04-07 09:54 - 00819824 _____ () C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2008-04-04 12:03 - 2008-04-04 12:03 - 00131072 _____ () C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
2012-09-17 13:09 - 2012-08-28 17:09 - 00188760 _____ () C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
2014-12-13 16:02 - 2014-12-13 15:59 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
2015-04-22 12:16 - 2015-04-07 09:54 - 00612944 _____ () C:\Program Files (x86)\360\Total Security\MenuEx64.dll
2011-09-08 09:17 - 2011-09-08 09:17 - 03077528 _____ () C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
2008-04-07 07:42 - 2008-04-07 07:42 - 00034040 _____ () C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
2012-03-20 20:16 - 2014-12-13 15:59 - 02640408 _____ () C:\Program Files (x86)\AVG Secure Search\vprot.exe
2015-04-22 12:16 - 2015-04-07 09:54 - 00980592 _____ () C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
2015-04-22 12:16 - 2015-04-07 09:54 - 01383536 _____ () C:\Program Files (x86)\360\Total Security\QHSafeMain.exe
2008-02-29 07:44 - 2008-02-29 07:44 - 01024000 _____ () C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\ACE.dll
2008-02-29 07:44 - 2008-02-29 07:44 - 00098304 _____ () C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML.dll
2008-02-29 07:44 - 2008-02-29 07:44 - 00061440 _____ () C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML_Parser.dll
2010-03-09 02:18 - 2010-03-09 02:18 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-03-09 02:13 - 2010-03-09 02:13 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2014-12-13 16:02 - 2014-12-13 15:59 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll
2010-03-30 06:29 - 2009-12-24 02:32 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2008-04-04 12:00 - 2008-04-04 12:00 - 00002560 _____ () C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll
2010-03-30 07:15 - 2009-05-20 08:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
2010-10-19 19:28 - 2010-10-19 19:28 - 00851456 _____ () C:\Program Files (x86)\Mail.Ru\Agent\Mra\dll\YLUSBTEL.dll
2015-04-17 18:16 - 2015-04-13 23:55 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libglesv2.dll
2015-04-17 18:16 - 2015-04-13 23:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libegl.dll
2015-04-17 18:16 - 2015-04-13 23:55 - 14980424 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:0256104B
AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:93DE1838
AlternateDataStreams: C:\ProgramData\Temp:93EB7685
AlternateDataStreams: C:\ProgramData\Temp:A724744F
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
AlternateDataStreams: C:\ProgramData\Temp:E36F5B57
AlternateDataStreams: C:\ProgramData\Temp:E9039033

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2922694638-2030841775-694269427-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Anastasija\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-2922694638-2030841775-694269427-500 - Administrator - Disabled)
Anastasija (S-1-5-21-2922694638-2030841775-694269427-1001 - Administrator - Enabled) => C:\Users\Anastasija
Gast (S-1-5-21-2922694638-2030841775-694269427-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-2922694638-2030841775-694269427-1004 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/22/2015 03:03:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 120792

Error: (04/22/2015 03:03:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 120792

Error: (04/22/2015 03:03:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/22/2015 03:03:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 119263

Error: (04/22/2015 03:03:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 119263

Error: (04/22/2015 03:03:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/22/2015 03:03:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 118265

Error: (04/22/2015 03:03:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 118265

Error: (04/22/2015 03:03:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/22/2015 03:01:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17847


System errors:
=============
Error: (04/22/2015 03:03:47 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding5{995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (04/22/2015 02:53:35 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

Error: (04/22/2015 02:14:57 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎22.‎04.‎2015 um 14:14:07 unerwartet heruntergefahren.

Error: (04/22/2015 01:54:51 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst DsiWMIService erreicht.

Error: (04/22/2015 01:52:24 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎22.‎04.‎2015 um 13:49:28 unerwartet heruntergefahren.

Error: (04/22/2015 01:43:35 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding5{995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (04/22/2015 00:41:24 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (04/22/2015 00:16:33 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (04/22/2015 11:30:29 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (04/22/2015 11:24:07 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2015-04-21 15:27:38.531
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-04-21 15:27:37.813
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz
Percentage of memory in use: 59%
Total physical RAM: 3001.97 MB
Available physical RAM: 1228.47 MB
Total Pagefile: 6002.13 MB
Available Pagefile: 3548.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:285.99 GB) (Free:179.62 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 503AE2F2)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=286 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 22.04.2015, 20:54   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Datei nicht deinstallierbar - Standard

Datei nicht deinstallierbar



Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Conduit Engine

    FilesFrog Update Checker

    Mail.Ru Агент 5.7

    Mail.Ru Спутник 2.3.0.288

    Web Assistant 2.0.0.100

  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 22.04.2015, 21:44   #13
UK19
 
Datei nicht deinstallierbar - Standard

Datei nicht deinstallierbar



Super hat funktioniert, Danke für deine Hilfe !

Alt 22.04.2015, 21:55   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Datei nicht deinstallierbar - Standard

Datei nicht deinstallierbar



Wir sind noch nicht fertig!!!

Adware/Junkware/Toolbars entfernen

1. Schritt: Malwarebytes

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




(alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!)

2. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).



3. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




4. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 23.04.2015, 02:01   #15
UK19
 
Datei nicht deinstallierbar - Standard

Datei nicht deinstallierbar



Nach 3 Stunden laden hab ich jetzt endlich Malwarebytes fertig.

Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software


Update, 23.04.2015 01:17:34, SYSTEM, ANASTASIJA-PC, Scheduler, Malware Database, 2015.4.22.6, 2015.4.22.7,
Protection, 23.04.2015 01:17:36, SYSTEM, ANASTASIJA-PC, Protection, Refresh, Starting,
Protection, 23.04.2015 01:17:36, SYSTEM, ANASTASIJA-PC, Protection, Malicious Website Protection, Stopping,
Protection, 23.04.2015 01:17:36, SYSTEM, ANASTASIJA-PC, Protection, Malicious Website Protection, Stopped,
Protection, 23.04.2015 01:20:10, SYSTEM, ANASTASIJA-PC, Protection, Refresh, Success,
Protection, 23.04.2015 01:20:10, SYSTEM, ANASTASIJA-PC, Protection, Malicious Website Protection, Starting,
Protection, 23.04.2015 01:20:11, SYSTEM, ANASTASIJA-PC, Protection, Malicious Website Protection, Started,
Scan, 23.04.2015 01:33:40, SYSTEM, ANASTASIJA-PC, Manual, Start: 22.04.2015 22:26:41, Dauer: 3 Stunden 2 Minuten 11 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, "532" nicht-Malwareerkennung,
Protection, 23.04.2015 01:46:56, SYSTEM, ANASTASIJA-PC, Protection, Malware Protection, Starting,
Protection, 23.04.2015 01:46:56, SYSTEM, ANASTASIJA-PC, Protection, Malware Protection, Started,
Protection, 23.04.2015 01:46:56, SYSTEM, ANASTASIJA-PC, Protection, Malicious Website Protection, Starting,
Protection, 23.04.2015 01:47:05, SYSTEM, ANASTASIJA-PC, Protection, Malicious Website Protection, Started,

(end)

Antwort

Themen zu Datei nicht deinstallierbar
clean, datei, dateien, deinstalliere, funktioniert, geladen, gemerkt, herunter, infiziert, iphone, itunes, laptop, löschen, mas, master, nicht mehr, nichts, problem, programme, sauber, troja, trojaner, trojaner?, verbunden, virus, windows7



Ähnliche Themen: Datei nicht deinstallierbar


  1. Windows7: PDFs in Inbox kaputt, Amazon Downloader nicht deinstallierbar
    Log-Analyse und Auswertung - 28.10.2015 (15)
  2. Zip datei entpackt aber exe nicht geöffnet, Trojaner an Bord oder nicht?
    Plagegeister aller Art und deren Bekämpfung - 14.10.2015 (6)
  3. Win7, lästiges Problem mit DiisCountExtiensi, nicht deinstallierbar, ständig Werbung Hijack/Virus/Trojaner ?
    Plagegeister aller Art und deren Bekämpfung - 03.10.2015 (3)
  4. Tencent nicht deinstallierbar + AMWB Server nicht erreichbar
    Plagegeister aller Art und deren Bekämpfung - 17.03.2015 (15)
  5. LowPricesApp nicht deinstallierbar u. evtl. andere unerwünschte Gäste auf Laptop
    Log-Analyse und Auswertung - 23.02.2015 (19)
  6. windows 7, search protect nicht deinstallierbar, browser installiert automatisch add ons und öffnet andere websites
    Log-Analyse und Auswertung - 06.11.2014 (11)
  7. Search Protect Client Connect Ltd auf Windows 8.1, nicht deinstallierbar
    Log-Analyse und Auswertung - 25.09.2014 (4)
  8. Search Protect in Taskleiste und nicht deinstallierbar
    Plagegeister aller Art und deren Bekämpfung - 25.08.2014 (17)
  9. Windows 8.1: Snap.do nicht deinstallierbar
    Plagegeister aller Art und deren Bekämpfung - 07.04.2014 (13)
  10. snap.do nicht deinstallierbar windows vista
    Plagegeister aller Art und deren Bekämpfung - 04.03.2014 (23)
  11. Win 7 Home Premium 64 Bit: LyriXeeker-1 nicht deinstallierbar
    Log-Analyse und Auswertung - 27.09.2013 (15)
  12. Windows 7: LyricsGet-1 und LyriXeeker-1 nicht deinstallierbar
    Log-Analyse und Auswertung - 19.09.2013 (10)
  13. Yontoo 2.051 nicht deinstallierbar !
    Log-Analyse und Auswertung - 29.07.2013 (17)
  14. Chatzum nicht deinstallierbar
    Log-Analyse und Auswertung - 23.04.2013 (12)
  15. Avira findet TR/ATRAPS.gen kann die Datei aber nicht löschen. Wie bekomme ich die Datei vom System?
    Plagegeister aller Art und deren Bekämpfung - 25.06.2012 (1)
  16. Rechner startet nicht, weil er die dwlgina3.dll datei nicht findet
    Log-Analyse und Auswertung - 27.01.2012 (41)
  17. Trojaner in datei gefunden (datei aber nicht vorhanden)
    Plagegeister aller Art und deren Bekämpfung - 29.11.2004 (2)

Zum Thema Datei nicht deinstallierbar - Hallo, ich habe ein Problem, und zwar kann ich keine Programme,Dateien deinstallieren. Ich hab mir Clean Master herunter geladen aber habe dann gemerkt das es nur teilweise was bringt, meinen - Datei nicht deinstallierbar...
Archiv
Du betrachtest: Datei nicht deinstallierbar auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.