Pests of all kinds and how to fight them: New laptop (Windows 7)
If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection. |
24.06.2015, 10:02 | #1 |
| New laptop Hello dear Trojaner team, I was given this laptop as a gift. The problem is that after a certain amount of time the system freezes completely. I have already run an antivirus program, but nothing was found. Can you help me further here? I am at a loss. Regards |
24.06.2015, 10:32 | #2 |
/// the machine /// TB instructor | New laptop hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
24.06.2015, 11:33 | #3 |
| New laptop Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-06-2015 01 Ran by Kenneth (administrator) on J3LACKSOUL2 on 24-06-2015 12:23:47 Running from C:\Users\Kenneth\Downloads Loaded Profiles: Kenneth & (Available Profiles: Kenneth) Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Pokki) C:\Users\Kenneth\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Safer-Networking Ltd.) 
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor) HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [130864 2015-05-21] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [730416 2015-05-27] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) 
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-3332034869-3173535831-2558911852-1001\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON HKU\S-1-5-21-3332034869-3173535831-2558911852-1001\...\Run: [GoogleChromeAutoLaunch_6C38E6B19BAC5E0F15423214E7CC3E37] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-06-05] (Google Inc.) HKU\S-1-5-21-3332034869-3173535831-2558911852-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation) HKU\S-1-5-21-3332034869-3173535831-2558911852-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON HKU\S-1-5-21-3332034869-3173535831-2558911852-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_6C38E6B19BAC5E0F15423214E7CC3E37] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-06-05] (Google Inc.) HKU\S-1-5-21-3332034869-3173535831-2558911852-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-09-28] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKU\S-1-5-21-3332034869-3173535831-2558911852-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB HKU\S-1-5-21-3332034869-3173535831-2558911852-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://homepage-web.com/?s=acer&m=start HKU\S-1-5-21-3332034869-3173535831-2558911852-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB HKU\S-1-5-21-3332034869-3173535831-2558911852-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://homepage-web.com/?s=acer&m=start SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKU\S-1-5-21-3332034869-3173535831-2558911852-1001 -> DefaultScope {9E36211B-11D8-11E5-8266-F0761C2E72CB} URL = hxxp://search.homepage-web.com/?src=omnibox&partner=acer&q={searchTerms} SearchScopes: HKU\S-1-5-21-3332034869-3173535831-2558911852-1001 -> {9E36211B-11D8-11E5-8266-F0761C2E72CB} URL = hxxp://search.homepage-web.com/?src=omnibox&partner=acer&q={searchTerms} SearchScopes: HKU\S-1-5-21-3332034869-3173535831-2558911852-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKU\S-1-5-21-3332034869-3173535831-2558911852-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {9E36211B-11D8-11E5-8266-F0761C2E72CB} URL = hxxp://search.homepage-web.com/?src=omnibox&partner=acer&q={searchTerms} SearchScopes: 
HKU\S-1-5-21-3332034869-3173535831-2558911852-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {9E36211B-11D8-11E5-8266-F0761C2E72CB} URL = hxxp://search.homepage-web.com/?src=omnibox&partner=acer&q={searchTerms} SearchScopes: HKU\S-1-5-21-3332034869-3173535831-2558911852-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Kenneth\AppData\Roaming\Mozilla\Firefox\Profiles\j4uxPEUy.default FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] () FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] () FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-13] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-13] (Google Inc.) 
FF Extension: Avira Browser Safety - C:\Users\Kenneth\AppData\Roaming\Mozilla\Firefox\Profiles\j4uxPEUy.default\Extensions\abs@avira.com [2015-06-13] Chrome: ======= CHR Profile: C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-13] CHR Extension: (Google Docs) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-13] CHR Extension: (Google Drive) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-13] CHR Extension: (YouTube) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-13] CHR Extension: (Adblock Plus) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-06-13] CHR Extension: (Google Search) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-13] CHR Extension: (Google Sheets) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-13] CHR Extension: (Avira Browser Safety) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-06-13] CHR Extension: (LastPass: Free Password Manager) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-06-13] CHR Extension: (Auto HD For YouTube™) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2015-06-13] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-13] CHR Extension: (Zelda Dark) - 
C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\lilddpnkkhkcjkdaaglfminjopbijomp [2015-06-13] CHR Extension: (Google Wallet) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-13] CHR Extension: (Gmail) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-13] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [827184 2015-05-27] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [450808 2015-05-27] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [450808 2015-05-27] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1188360 2015-05-27] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [208632 2015-05-21] (Avira Operations GmbH & Co. KG) S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-14] (Broadcom Corporation.) 
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-05-30] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation) R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] () R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-05-27] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132656 2015-05-27] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-05-27] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-05-27] (Avira Operations GmbH & Co. KG) R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-14] (Broadcom Corporation.) R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7549616 2014-02-25] (Broadcom Corporation) S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation) S3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation) R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation) R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated) S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation) R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [461528 2013-12-20] (Realsil Semiconductor Corporation) R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated) R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-24 12:23 - 2015-06-24 12:24 - 00017804 _____ C:\Users\Kenneth\Downloads\FRST.txt 2015-06-24 12:23 - 2015-06-24 12:23 - 02109952 _____ (Farbar) C:\Users\Kenneth\Downloads\FRST64.exe 2015-06-24 12:23 - 2015-06-24 12:23 - 00000000 ____D C:\FRST 2015-06-24 11:10 - 2015-06-24 11:10 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-06-24 11:10 - 2015-06-24 11:10 - 00001082 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-06-24 11:10 - 2015-06-24 11:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-06-24 11:10 - 2015-06-24 11:10 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-06-24 11:10 - 2015-06-24 11:10 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-06-24 11:10 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-06-24 11:10 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-06-24 11:10 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-06-24 10:55 - 2015-06-24 11:02 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Kenneth\Downloads\mbam-setup-2.1.6.1022.exe 2015-06-17 22:09 - 2015-04-16 08:17 - 00325464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS 2015-06-17 22:09 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe 2015-06-17 22:09 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe 2015-06-17 22:09 - 2014-10-29 04:45 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll 2015-06-17 22:09 - 2014-10-29 04:44 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll 2015-06-17 
22:09 - 2014-10-29 04:00 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll 2015-06-17 22:09 - 2014-10-29 04:00 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll 2015-06-17 22:09 - 2014-10-07 08:54 - 00189248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS 2015-06-17 22:08 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2015-06-17 22:08 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll 2015-06-17 22:08 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll 2015-06-17 22:08 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2015-06-17 22:08 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2015-06-17 22:08 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2015-06-17 22:08 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2015-06-17 22:08 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll 2015-06-17 22:08 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe 2015-06-17 22:08 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll 2015-06-17 22:08 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll 2015-06-17 22:08 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll 2015-06-17 22:08 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe 2015-06-17 22:08 - 2015-03-13 06:03 - 00239424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys 2015-06-17 22:08 - 2015-03-13 06:03 - 00154432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys 
2015-06-17 22:08 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2015-06-17 22:08 - 2015-01-30 04:02 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll 2015-06-17 22:08 - 2015-01-30 03:40 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll 2015-06-17 22:08 - 2015-01-30 03:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll 2015-06-17 22:08 - 2015-01-30 03:24 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll 2015-06-17 22:08 - 2015-01-30 03:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll 2015-06-17 22:08 - 2015-01-30 03:16 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll 2015-06-17 22:08 - 2015-01-30 03:08 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll 2015-06-17 22:08 - 2015-01-30 03:06 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll 2015-06-17 22:08 - 2015-01-29 20:45 - 01763352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-06-17 22:08 - 2015-01-29 20:34 - 01488040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-06-17 22:08 - 2014-12-06 05:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2015-06-17 22:08 - 2014-12-06 03:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2015-06-17 22:08 - 2014-10-29 04:24 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll 2015-06-17 22:08 - 2014-10-29 04:00 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll 2015-06-17 22:08 - 2014-10-29 03:43 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll 2015-06-17 22:08 - 2014-10-29 03:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll 2015-06-17 22:08 - 2014-10-29 03:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll 2015-06-17 22:08 
- 2014-10-29 03:20 - 00238592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll 2015-06-17 22:08 - 2014-10-29 03:19 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\eappprxy.dll 2015-06-17 22:08 - 2014-10-29 03:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll 2015-06-17 22:08 - 2014-10-29 02:59 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappprxy.dll 2015-06-17 22:08 - 2014-10-29 02:57 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll 2015-06-17 22:08 - 2014-10-29 02:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll 2015-06-17 22:08 - 2014-10-29 02:56 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe 2015-06-17 22:08 - 2014-10-29 02:46 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll 2015-06-17 22:08 - 2014-10-29 02:45 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll 2015-06-17 22:08 - 2014-10-29 02:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe 2015-06-17 22:08 - 2014-06-06 15:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2015-06-17 22:08 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2015-06-17 22:08 - 2014-06-05 16:13 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll 2015-06-17 22:08 - 2014-06-05 15:14 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll 2015-06-17 22:08 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2015-06-17 22:08 - 2014-05-31 12:07 - 00467800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS 2015-06-17 22:08 - 2014-05-31 12:07 - 00440664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2015-06-17 22:08 - 2014-05-31 12:07 - 00419672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2015-06-17 22:08 - 
2014-05-31 12:07 - 00089944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2015-06-17 22:08 - 2014-05-31 12:07 - 00027480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2015-06-17 22:08 - 2014-05-31 08:30 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2015-06-17 22:08 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys 2015-06-17 22:08 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys 2015-06-17 22:08 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe 2015-06-17 22:08 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll 2015-06-17 22:08 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll 2015-06-17 22:08 - 2014-05-27 17:53 - 02518360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2015-06-17 22:08 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll 2015-06-17 22:08 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll 2015-06-17 22:08 - 2014-05-17 06:59 - 16871936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll 2015-06-17 22:08 - 2014-05-17 06:13 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2015-06-17 22:04 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-06-17 22:04 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-06-17 22:04 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-06-17 22:04 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-06-17 22:04 - 2015-05-23 05:04 - 00620032 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-06-17 22:04 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-06-17 22:04 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-06-17 22:04 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-06-17 22:04 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-06-17 22:04 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-06-17 22:04 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-06-17 22:04 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-06-17 22:04 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-06-17 22:04 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2015-06-17 22:04 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-06-17 22:04 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-06-17 22:04 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-06-17 22:04 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-06-17 22:04 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-06-17 22:04 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-06-17 22:04 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-06-17 22:04 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-06-17 22:04 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) 
C:\Windows\system32\dxtrans.dll 2015-06-17 22:04 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-06-17 22:04 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-06-17 22:04 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-06-17 22:04 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-06-17 22:04 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-06-17 22:04 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-06-17 22:04 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2015-06-17 22:04 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-06-17 22:04 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-06-17 22:04 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-06-17 22:04 - 2015-01-12 04:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-06-17 22:04 - 2015-01-12 03:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-06-17 22:04 - 2014-10-31 06:57 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-06-17 22:04 - 2014-10-31 06:51 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-06-17 22:04 - 2014-10-31 06:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-06-17 22:04 - 2014-10-31 06:19 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2015-06-17 22:04 - 2014-10-31 04:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-06-17 22:04 - 2014-10-31 04:48 - 00130048 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\occache.dll 2015-06-17 22:03 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-06-17 22:03 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-06-17 22:03 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2015-06-17 22:03 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-06-17 22:03 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-06-17 22:03 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-06-17 22:03 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2015-06-17 22:03 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-06-17 22:03 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2015-06-17 22:03 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-06-17 22:03 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-06-17 22:03 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-06-17 22:03 - 2015-02-12 19:40 - 22291584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-06-17 22:03 - 2015-02-12 19:34 - 19731824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-06-17 22:03 - 2014-12-11 07:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe 2015-06-17 22:03 - 2014-10-31 07:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2015-06-17 22:03 - 2014-10-31 07:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2015-06-17 22:03 - 2014-10-31 07:10 - 00167424 _____ (Microsoft Corporation) 
C:\Windows\system32\iexpress.exe 2015-06-17 22:03 - 2014-10-31 07:09 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2015-06-17 22:03 - 2014-10-31 07:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2015-06-17 22:03 - 2014-10-31 07:06 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2015-06-17 22:03 - 2014-10-31 07:06 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-06-17 22:03 - 2014-10-31 07:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-06-17 22:03 - 2014-10-31 06:56 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-06-17 22:03 - 2014-10-31 06:54 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2015-06-17 22:03 - 2014-10-31 06:52 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll 2015-06-17 22:03 - 2014-10-31 06:51 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-06-17 22:03 - 2014-10-31 06:40 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2015-06-17 22:03 - 2014-10-31 06:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2015-06-17 22:03 - 2014-10-31 06:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2015-06-17 22:03 - 2014-10-31 06:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-06-17 22:03 - 2014-10-31 06:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2015-06-17 22:03 - 2014-10-31 05:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2015-06-17 22:03 - 2014-10-31 05:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2015-06-17 22:03 - 2014-10-31 05:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2015-06-17 22:03 - 2014-10-31 05:27 - 00152064 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\iexpress.exe 2015-06-17 22:03 - 2014-10-31 05:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2015-06-17 22:03 - 2014-10-31 05:25 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2015-06-17 22:03 - 2014-10-31 05:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2015-06-17 22:03 - 2014-10-31 05:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-06-17 22:03 - 2014-10-31 05:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-06-17 22:03 - 2014-10-31 05:16 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-06-17 22:03 - 2014-10-31 05:15 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-06-17 22:03 - 2014-10-31 05:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2015-06-17 22:03 - 2014-10-31 05:13 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-06-17 22:03 - 2014-10-31 05:13 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll 2015-06-17 22:03 - 2014-10-31 05:12 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-06-17 22:03 - 2014-10-31 05:03 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2015-06-17 22:03 - 2014-10-31 04:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2015-06-17 22:03 - 2014-10-31 04:56 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2015-06-17 22:03 - 2014-10-31 04:56 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2015-06-17 22:03 - 2014-10-31 04:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-06-17 22:03 - 2014-10-31 04:53 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2015-06-17 22:03 - 2014-10-31 04:24 - 00040448 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\imgutil.dll 2015-06-17 22:03 - 2014-02-06 13:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-06-17 22:00 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-06-17 21:59 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll 2015-06-17 21:59 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll 2015-06-17 21:59 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll 2015-06-17 21:59 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll 2015-06-17 21:59 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll 2015-06-17 21:59 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll 2015-06-17 21:59 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll 2015-06-17 21:59 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll 2015-06-17 21:59 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll 2015-06-17 21:59 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll 2015-06-17 21:59 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll 2015-06-17 21:59 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll 2015-06-17 21:59 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll 2015-06-17 21:59 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll 2015-06-17 21:59 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll 2015-06-17 21:59 - 2008-07-31 10:40 - 00513544 
_____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll 2015-06-17 21:59 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll 2015-06-17 21:56 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-06-17 21:56 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2015-06-17 21:56 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2015-06-17 21:56 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-06-17 21:56 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys 2015-06-17 21:56 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll 2015-06-17 21:56 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll 2015-06-17 21:56 - 2015-01-28 03:31 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2015-06-17 21:56 - 2015-01-28 03:11 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2015-06-17 21:56 - 2015-01-16 00:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-06-17 21:56 - 2014-11-10 01:19 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-06-17 21:56 - 2014-11-10 01:19 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-06-17 21:56 - 2014-11-10 01:18 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll 2015-06-17 21:56 - 2014-11-10 01:18 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll 2015-06-17 21:56 - 2014-10-29 04:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-06-17 21:56 - 2014-10-29 04:50 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-06-17 21:56 - 2014-10-29 04:06 - 00736768 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-06-17 21:56 - 2014-10-29 04:06 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-06-17 21:56 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2015-06-17 21:56 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2015-06-17 21:56 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2015-06-17 21:56 - 2014-06-04 04:15 - 02642944 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-06-17 21:56 - 2014-06-04 04:14 - 02318336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2015-06-17 21:55 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll 2015-06-17 21:55 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll 2015-06-17 21:55 - 2015-02-08 01:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll 2015-06-17 21:55 - 2015-02-08 01:49 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll 2015-06-17 21:55 - 2014-12-08 21:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2015-06-17 21:55 - 2014-12-08 21:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2015-06-17 21:55 - 2014-12-08 21:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2015-06-17 21:55 - 2014-12-08 21:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll 2015-06-17 21:55 - 2014-12-08 21:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll 2015-06-17 21:55 - 2014-12-08 21:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2015-06-17 21:55 - 2014-12-08 21:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe 2015-06-17 21:55 - 2014-12-08 21:42 - 00033584 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\WerFaultSecure.exe 2015-06-17 21:55 - 2014-12-06 03:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll 2015-06-17 21:55 - 2014-10-29 06:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe 2015-06-17 21:55 - 2014-10-29 06:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe 2015-06-17 21:55 - 2014-10-29 05:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2015-06-17 21:55 - 2014-10-29 05:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2015-06-17 21:55 - 2014-10-29 05:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2015-06-17 21:55 - 2014-10-29 05:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2015-06-17 21:55 - 2014-10-29 05:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe 2015-06-17 21:55 - 2014-10-29 05:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe 2015-06-17 21:55 - 2014-10-29 05:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2015-06-17 21:55 - 2014-10-29 05:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2015-06-17 21:55 - 2014-10-29 05:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2015-06-17 21:55 - 2014-10-29 04:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll 2015-06-17 21:55 - 2014-10-29 03:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll 2015-06-17 21:55 - 2014-10-29 03:58 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\WPDShextAutoplay.exe 2015-06-17 21:55 - 2014-10-29 03:54 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll 2015-06-17 21:55 - 2014-10-29 03:25 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShextAutoplay.exe 2015-06-17 21:55 - 2014-10-29 03:22 - 
00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShServiceObj.dll 2015-06-17 21:55 - 2014-10-29 03:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2015-06-17 21:55 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll 2015-06-17 21:55 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll 2015-06-17 21:55 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2015-06-17 21:55 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2015-06-17 21:54 - 2015-01-21 07:54 - 01384712 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2015-06-17 21:54 - 2015-01-21 07:15 - 01123848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2015-06-17 21:54 - 2014-10-29 04:42 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll 2015-06-17 21:54 - 2014-10-29 03:19 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2015-06-17 21:54 - 2014-10-29 02:59 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll 2015-06-13 12:17 - 2013-08-22 15:25 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20150613-121702.backup 2015-06-13 10:35 - 2015-06-13 12:13 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2015-06-13 10:35 - 2015-06-13 10:35 - 00001371 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2015-06-13 10:35 - 2015-06-13 10:35 - 00001359 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2015-06-13 10:35 - 2015-06-13 10:35 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking 2015-06-13 10:35 - 2015-06-13 10:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2015-06-13 10:35 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe 2015-06-13 10:34 - 2015-06-13 
10:40 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2015-06-13 10:27 - 2015-06-13 10:27 - 01197344 _____ C:\Users\Kenneth\Downloads\SpyBot Search Destroy - CHIP-Installer.exe 2015-06-13 09:59 - 2015-06-13 09:59 - 00000000 _____ C:\Recovery.txt 2015-06-13 02:31 - 2015-06-13 02:31 - 00000000 ____D C:\Users\Kenneth\AppData\Roaming\Mozilla 2015-06-13 02:31 - 2015-06-13 02:31 - 00000000 ____D C:\Users\Kenneth\AppData\Roaming\Avira 2015-06-13 02:28 - 2015-05-27 13:11 - 00153256 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-06-13 02:28 - 2015-05-27 13:11 - 00132656 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2015-06-13 02:28 - 2015-05-27 13:11 - 00043576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2015-06-13 02:28 - 2015-05-27 13:11 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2015-06-13 02:25 - 2015-06-13 02:25 - 00001176 _____ C:\Users\Public\Desktop\Avira.lnk 2015-06-13 02:24 - 2015-06-13 02:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-06-13 02:24 - 2015-06-13 02:28 - 00000000 ____D C:\ProgramData\Avira 2015-06-13 02:24 - 2015-06-13 02:28 - 00000000 ____D C:\Program Files (x86)\Avira 2015-06-13 02:24 - 2015-06-13 02:24 - 04683232 _____ (Avira Operations GmbH & Co. 
KG) C:\Users\Kenneth\Downloads\avira_de_av_557b7816e2e1b__ws.exe 2015-06-13 02:20 - 2015-06-13 02:20 - 02870984 _____ (ESET) C:\Users\Kenneth\Downloads\esetsmartinstaller_deu.exe 2015-06-13 02:20 - 2015-06-13 02:20 - 00000000 ____D C:\Program Files (x86)\ESET 2015-06-13 01:32 - 2015-06-13 01:32 - 00000000 ____D C:\Users\Kenneth\AppData\Local\Acer Aspire R7 Tutorial 2015-06-13 01:30 - 2015-06-13 01:30 - 00007597 _____ C:\Users\Kenneth\AppData\Local\Resmon.ResmonCfg 2015-06-13 00:51 - 2015-06-13 00:51 - 00000000 ____D C:\Users\Kenneth\AppData\Local\Steam 2015-06-13 00:44 - 2015-06-24 10:40 - 00000000 ____D C:\Program Files (x86)\Steam 2015-06-13 00:44 - 2015-06-13 00:44 - 00000943 _____ C:\Users\Public\Desktop\Steam.lnk 2015-06-13 00:44 - 2015-06-13 00:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2015-06-13 00:41 - 2015-06-13 00:41 - 01142128 _____ C:\Users\Kenneth\Downloads\SteamSetup.exe 2015-06-13 00:37 - 2015-06-24 11:08 - 00002159 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-06-13 00:37 - 2015-06-13 00:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-06-13 00:36 - 2015-06-24 11:46 - 00001142 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-06-13 00:36 - 2015-06-24 10:40 - 00001138 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-06-13 00:36 - 2015-06-13 00:41 - 00004114 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-06-13 00:36 - 2015-06-13 00:41 - 00003878 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-06-13 00:35 - 2015-06-13 00:37 - 00000000 ____D C:\Users\Kenneth\AppData\Local\Google 2015-06-13 00:35 - 2015-06-13 00:37 - 00000000 ____D C:\Program Files (x86)\Google 2015-06-13 00:35 - 2015-06-13 00:35 - 00000000 ____D C:\Users\Kenneth\AppData\Local\Deployment 2015-06-13 00:35 - 2015-06-13 00:35 - 00000000 ____D C:\Users\Kenneth\AppData\Local\Apps\2.0 2015-06-13 00:24 - 2015-06-13 00:24 - 00000000 ____D 
C:\Users\Kenneth\AppData\Roaming\WildTangent 2015-06-13 00:21 - 2015-06-24 11:13 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3332034869-3173535831-2558911852-1001 2015-06-13 00:21 - 2015-06-13 00:21 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2015-06-13 00:15 - 2015-06-13 00:15 - 00000000 ____D C:\Users\Kenneth\AppData\Local\GWX 2015-06-13 00:13 - 2015-06-24 10:41 - 00000000 ____D C:\Users\Kenneth\OneDrive 2015-06-13 00:13 - 2015-06-13 00:13 - 00000000 ____D C:\Users\Public\Pokki 2015-06-13 00:12 - 2015-06-13 00:13 - 00002283 _____ C:\Users\Kenneth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk 2015-06-13 00:12 - 2015-06-13 00:12 - 00002129 _____ C:\Users\Kenneth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk 2015-06-13 00:11 - 2015-06-13 00:27 - 00000000 ____D C:\Users\Kenneth\AppData\Local\clear.fi 2015-06-13 00:11 - 2015-06-13 00:11 - 00000000 ____D C:\Users\Kenneth\PicStream 2015-06-13 00:11 - 2015-06-13 00:11 - 00000000 ____D C:\Users\Kenneth\AppData\Roaming\Macromedia 2015-06-13 00:10 - 2015-06-13 00:12 - 00000000 ____D C:\Users\Kenneth\AppData\Local\PackageStaging 2015-06-13 00:10 - 2015-06-13 00:10 - 00001280 _____ C:\Users\Kenneth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HD Audio-Manager.lnk 2015-06-13 00:10 - 2015-06-13 00:10 - 00000000 ____D C:\Users\Kenneth\AppData\Local\AOP SDK 2015-06-13 00:09 - 2015-06-13 00:23 - 00000000 ____D C:\Users\Kenneth\AppData\Local\Packages 2015-06-13 00:09 - 2015-06-13 00:09 - 00001458 _____ C:\Users\Kenneth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-06-13 00:09 - 2015-06-13 00:09 - 00000000 ____D C:\Windows\oem 2015-06-13 00:09 - 2015-06-13 00:09 - 00000000 ____D C:\Users\Kenneth\AppData\Roaming\Adobe 2015-06-13 00:09 - 2015-06-13 00:09 - 00000000 ____D C:\Users\Kenneth\AppData\Local\VirtualStore 2015-06-13 00:09 - 2015-06-13 00:09 - 00000000 ____D 
C:\Users\Kenneth\AppData\Local\OEM 2015-06-13 00:09 - 2015-06-13 00:09 - 00000000 ____D C:\ProgramData\OEM_YAHOO 2015-06-13 00:09 - 2015-06-13 00:09 - 00000000 ____D C:\Program Files\Accessory Store 2015-06-13 00:08 - 2015-06-13 00:08 - 00000144 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2015-06-13 00:07 - 2015-06-13 00:09 - 00000000 ___SD C:\Windows\system32\GWX 2015-06-13 00:07 - 2015-06-13 00:07 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2015-06-13 00:06 - 2015-06-24 10:43 - 00000000 ____D C:\Users\Kenneth\AppData\Local\Pokki 2015-06-13 00:06 - 2015-06-24 10:40 - 00000000 ____D C:\Users\Kenneth 2015-06-13 00:06 - 2015-06-13 00:06 - 00000020 ___SH C:\Users\Kenneth\ntuser.ini 2015-06-13 00:06 - 2015-06-13 00:06 - 00000000 _SHDL C:\Users\Kenneth\Vorlagen 2015-06-13 00:06 - 2015-06-13 00:06 - 00000000 _SHDL C:\Users\Kenneth\Startmenü 2015-06-13 00:06 - 2015-06-13 00:06 - 00000000 _SHDL C:\Users\Kenneth\Netzwerkumgebung 2015-06-13 00:06 - 2015-06-13 00:06 - 00000000 _SHDL C:\Users\Kenneth\Lokale Einstellungen 2015-06-13 00:06 - 2015-06-13 00:06 - 00000000 _SHDL C:\Users\Kenneth\Eigene Dateien 2015-06-13 00:06 - 2015-06-13 00:06 - 00000000 _SHDL C:\Users\Kenneth\Druckumgebung 2015-06-13 00:06 - 2015-06-13 00:06 - 00000000 _SHDL C:\Users\Kenneth\Documents\Eigene Musik 2015-06-13 00:06 - 2015-06-13 00:06 - 00000000 _SHDL C:\Users\Kenneth\Documents\Eigene Bilder 2015-06-13 00:06 - 2015-06-13 00:06 - 00000000 _SHDL C:\Users\Kenneth\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-06-13 00:06 - 2015-06-13 00:06 - 00000000 _SHDL C:\Users\Kenneth\AppData\Local\Verlauf 2015-06-13 00:06 - 2015-06-13 00:06 - 00000000 _SHDL C:\Users\Kenneth\AppData\Local\Anwendungsdaten 2015-06-13 00:06 - 2015-06-13 00:06 - 00000000 _SHDL C:\Users\Kenneth\Anwendungsdaten 2015-06-13 00:06 - 2014-07-25 23:18 - 00000000 ___RD C:\Users\Kenneth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-06-13 00:06 - 2014-03-18 12:33 - 00000000 ___RD 
C:\Users\Kenneth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-06-13 00:06 - 2014-03-18 12:13 - 00000369 _____ C:\Users\Kenneth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2015-06-13 00:06 - 2014-03-18 12:13 - 00000369 _____ C:\Users\Kenneth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2015-06-13 00:06 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Kenneth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-06-13 00:06 - 2013-08-22 17:36 - 00000000 ____D C:\Users\Kenneth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-06-13 00:04 - 2015-06-02 19:47 - 02502928 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2015-06-13 00:04 - 2015-06-02 19:47 - 02209080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2015-06-13 00:04 - 2015-06-02 19:47 - 00129120 _____ (Microsoft Corporation) C:\Windows\system32\RestoreOptIn.exe 2015-06-13 00:04 - 2015-06-02 19:47 - 00110576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RestoreOptIn.exe 2015-06-13 00:04 - 2015-05-16 00:01 - 00133288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-06-13 00:04 - 2015-05-15 23:05 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-06-13 00:04 - 2015-05-15 22:47 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-06-13 00:04 - 2015-05-15 22:23 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-06-13 00:04 - 2015-05-15 21:42 - 03682304 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-06-13 00:04 - 2015-05-15 21:32 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-06-13 00:04 - 2015-05-15 21:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-06-13 00:04 - 2015-05-15 21:28 - 02223104 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-06-13 00:04 - 2015-05-15 21:28 - 00408064 _____ 
(Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2015-06-13 00:04 - 2015-05-15 21:28 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-06-13 00:04 - 2015-05-15 21:27 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-06-13 00:04 - 2015-05-15 21:21 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-06-13 00:04 - 2015-05-15 21:21 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-06-13 00:04 - 2015-05-15 21:19 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-06-13 00:04 - 2015-05-15 21:19 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-06-13 00:03 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-06-13 00:03 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-06-13 00:03 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll 2015-06-13 00:03 - 2014-10-18 08:50 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll 2015-06-13 00:00 - 2015-06-13 00:00 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik 2015-06-13 00:00 - 2015-06-13 00:00 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder 2015-06-13 00:00 - 2015-06-13 00:00 - 00000000 _SHDL C:\Users\Default\Vorlagen 2015-06-13 00:00 - 2015-06-13 00:00 - 00000000 _SHDL C:\Users\Default\Startmenü 2015-06-13 00:00 - 2015-06-13 00:00 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung 2015-06-13 00:00 - 2015-06-13 00:00 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen 2015-06-13 00:00 - 2015-06-13 00:00 - 00000000 _SHDL C:\Users\Default\Eigene Dateien 2015-06-13 00:00 - 2015-06-13 00:00 - 00000000 _SHDL C:\Users\Default\Druckumgebung 2015-06-13 00:00 - 2015-06-13 00:00 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik 2015-06-13 00:00 - 2015-06-13 00:00 - 00000000 _SHDL 
C:\Users\Default\Documents\Eigene Bilder
2015-06-13 00:00 - 2015-06-13 00:00 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-13 00:00 - 2015-06-13 00:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-06-13 00:00 - 2015-06-13 00:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-06-13 00:00 - 2015-06-13 00:00 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-06-13 00:00 - 2015-06-13 00:00 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-06-13 00:00 - 2015-06-13 00:00 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-06-13 00:00 - 2015-06-13 00:00 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-13 00:00 - 2015-06-13 00:00 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-06-13 00:00 - 2015-06-13 00:00 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-06-13 00:00 - 2015-06-13 00:00 - 00000000 _SHDL C:\Programme
2015-06-13 00:00 - 2015-06-13 00:00 - 00000000 _SHDL C:\ProgramData\Vorlagen
2015-06-13 00:00 - 2015-06-13 00:00 - 00000000 _SHDL C:\ProgramData\Startmenü
2015-06-13 00:00 - 2015-06-13 00:00 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-06-13 00:00 - 2015-06-13 00:00 - 00000000 _SHDL C:\ProgramData\Dokumente
2015-06-13 00:00 - 2015-06-13 00:00 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2015-06-13 00:00 - 2015-06-13 00:00 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2015-06-13 00:00 - 2015-06-13 00:00 - 00000000 _SHDL C:\Dokumente und Einstellungen

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-24 12:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-06-24 11:30 - 2014-09-28 14:48 - 01810463 _____ C:\Windows\WindowsUpdate.log
2015-06-24 11:30 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-06-24 10:46 - 2014-09-28 22:50 - 00765582 _____ C:\Windows\system32\perfh007.dat
2015-06-24 10:46 - 2014-09-28 22:50 - 00159366 _____ C:\Windows\system32\perfc007.dat
2015-06-24 10:46 - 2014-03-18 12:03 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-24 10:39 - 2013-08-22 16:46 - 00021973 _____ C:\Windows\setupact.log
2015-06-24 10:39 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-24 10:39 - 2013-08-22 16:44 - 00346960 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-24 10:34 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-06-24 10:32 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-06-24 10:32 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-17 22:37 - 2014-03-18 11:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-06-17 21:59 - 2014-07-25 23:24 - 00027798 _____ C:\Windows\DirectX.log
2015-06-17 01:03 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-06-17 00:19 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-06-13 10:23 - 2014-03-18 11:54 - 00172766 _____ C:\Windows\PFRO.log
2015-06-13 09:58 - 2013-08-22 17:36 - 00262144 _____ C:\Windows\system32\config\BCD-Template
2015-06-13 02:24 - 2014-07-25 23:21 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-13 00:30 - 2014-07-25 23:28 - 00000000 ____D C:\ProgramData\McAfee
2015-06-13 00:28 - 2014-07-25 23:57 - 00000000 ___HD C:\OEM
2015-06-13 00:28 - 2014-07-25 23:21 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-06-13 00:28 - 2014-07-25 23:20 - 00000000 ____D C:\Program Files (x86)\Acer
2015-06-13 00:28 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2015-06-13 00:26 - 2014-07-25 23:00 - 00000000 ____D C:\Users\Administrator
2015-06-13 00:24 - 2014-07-25 23:24 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-06-13 00:24 - 2014-07-25 23:23 - 00000000 ____D C:\ProgramData\WildTangent
2015-06-13 00:14 - 2014-07-25 23:20 - 00000000 ____D C:\ProgramData\acer
2015-06-13 00:11 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-06-13 00:09 - 2014-07-25 23:58 - 00000000 ____D C:\Windows\Panther
2015-06-13 00:07 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-06-13 00:04 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\restore
2015-06-13 00:00 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows NT
2015-06-13 00:00 - 2013-08-22 15:36 - 00000000 __RHD C:\Users\Default

==================== Files in the root of some directories =======

2015-06-13 01:30 - 2015-06-13 01:30 - 0007597 _____ () C:\Users\Kenneth\AppData\Local\Resmon.ResmonCfg
2014-09-28 14:04 - 2014-09-28 14:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Kenneth\AppData\Local\Temp\avgnt.exe
C:\Users\Kenneth\AppData\Local\Temp\octBA57.tmp.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-25 22:59 ==================== End of log ============================ FRST Logfile: Code:
scan result of Farbar Recovery Scan Tool (x64) Version:21-06-2015 01 Ran by Kenneth at 2015-06-24 12:25:06 Running from C:\Users\Kenneth\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3332034869-3173535831-2558911852-500 - Administrator - Disabled) Gast (S-1-5-21-3332034869-3173535831-2558911852-501 - Limited - Disabled) Kenneth (S-1-5-21-3332034869-3173535831-2558911852-1001 - Administrator - Enabled) => C:\Users\Kenneth ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated) abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.05.2004.3 - Acer Incorporated) abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.00.2005.6 - Acer Incorporated) Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3013 - Acer Incorporated) Acer Docs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2001 - Acer) Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated) Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated) Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.01.2006 - Acer Incorporated) Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated) Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated) Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated) Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated) Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated) Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated) Avira (HKLM-x32\...\{0696cc37-db90-4000-be99-4a173ca7c8af}) (Version: 1.1.39.17987 - Avira Operations GmbH & Co. KG) Avira (x32 Version: 1.1.39.17987 - Avira Operations GmbH & Co. KG) Hidden Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.11.574 - Avira Operations GmbH & Co. 
KG) Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.234 - Broadcom Corporation) CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.) CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.4218 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.) Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden Host App Service (HKU\S-1-5-21-3332034869-3173535831-2558911852-1001\...\Pokki) (Version: 0.269.7.660 - Pokki) Host App Service (HKU\S-1-5-21-3332034869-3173535831-2558911852-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Pokki) (Version: 0.269.7.660 - Pokki) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation) Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation) Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 
9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation) Pokki Start Menu (HKU\S-1-5-21-3332034869-3173535831-2558911852-1001\...\Pokki_Start_Menu) (Version: 0.269.7.660 - Pokki) Pokki Start Menu (HKU\S-1-5-21-3332034869-3173535831-2558911852-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Pokki_Start_Menu) (Version: 0.269.7.660 - Pokki) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21245 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7209 - Realtek Semiconductor Corp.) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.9350 - Broadcom Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 13-06-2015 00:04:32 Windows Modules Installer 17-06-2015 21:57:29 DirectX wurde installiert ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {008BFB63-EEE6-4709-B17A-76019F16A497} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-22] (Microsoft Corporation) Task: {04F89B4E-8AFF-4CD8-AE1A-4D88A555387B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.) Task: {09A43DFF-C5B1-4680-9341-FD29E63CA862} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-13] (Google Inc.) Task: {0FF514A3-9F04-4976-8397-A4EA74291599} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-21] (Microsoft Corporation) Task: {2923779E-6EEB-48BE-A74D-8C074541E151} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2014-08-29] () Task: {2E624DDC-F95E-4E52-BDE0-DE51BAC93A19} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate) Task: {372B4681-ABD7-47BD-B24E-29C3B348FD49} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate) Task: {4621F24C-2B09-4415-A9B5-59E80B23B1ED} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2014-08-29] () Task: {6B9C1850-90D5-4DB5-BE28-86B065FB7471} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.) 
Task: {6BDBAC1F-7A7E-455C-92DC-36197AEAAA26} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-22] (Microsoft Corporation) Task: {72BF9661-DBC8-4D56-BF54-B0404CC457F7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-22] (Microsoft Corporation) Task: {7CC3A020-2B4B-420B-B12D-B45BF4A1101B} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated) Task: {A40DE7D7-F99B-4CC6-8FD3-36C906D0B74C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-22] (Microsoft Corporation) Task: {AA9F1F0F-147D-4013-A93A-B1C5D81C0680} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-08] (Acer Incorporated) Task: {B6B639FA-10B1-498C-8B35-69ABE9C77EF3} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate) Task: {B8368E32-2C9E-433B-AAD7-E60E531E4513} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-13] (Google Inc.) Task: {C80A955B-D9AE-4710-850F-F5409B99642D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks Task: {D4B7A58E-7D8E-437D-9136-B4401F30CD81} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated) Task: {F2D6698C-9603-48CB-A9B3-3E0B657FDE2D} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-22] (Microsoft Corporation) Task: {F4837737-1786-46C4-8B82-965A60708611} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.) 
Task: {F69239AC-BF10-463C-8CAE-7FD508923AE7} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>) Task: {F755230F-C227-4F17-8539-8168B8570140} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2014-07-01] () Task: {FFA54938-35C8-45C8-A0E8-45D6ED9E8512} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Time-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-22] (Microsoft Corporation) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2014-02-18 20:02 - 2014-02-18 20:02 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll 2014-07-25 23:23 - 2012-04-24 12:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2014-07-25 23:27 - 2014-07-01 23:13 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll 2015-06-13 10:35 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2015-06-13 10:35 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2015-06-13 10:35 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2015-06-13 10:35 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2015-06-13 10:35 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2014-07-25 23:27 - 2014-07-01 23:13 - 00090368 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll 2015-06-13 00:50 - 2015-04-16 19:40 - 00776192 _____ () C:\Program Files 
(x86)\Steam\SDL2.dll 2015-06-13 00:50 - 2015-04-23 04:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll 2015-06-13 00:50 - 2015-06-04 20:56 - 02407104 _____ () C:\Program Files (x86)\Steam\video.dll 2015-06-13 00:50 - 2015-04-23 04:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-06-13 00:50 - 2015-04-23 04:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2015-06-13 00:50 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2015-06-13 00:50 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2015-06-13 00:50 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2015-06-13 00:50 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2015-06-13 00:50 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2015-06-13 00:50 - 2015-06-04 20:56 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2015-06-13 00:37 - 2015-06-05 20:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll 2015-06-13 00:37 - 2015-06-05 20:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll 2015-06-13 00:50 - 2015-05-11 21:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Kenneth\OneDrive:ms-properties ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: 
HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com There are 7866 more restricted sites. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3332034869-3173535831-2558911852-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kenneth\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\skulls kids the legend of zelda 1280x800 wallpaper_www.wallpaperhi.com_86.jpg HKU\S-1-5-21-3332034869-3173535831-2558911852-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Kenneth\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\skulls kids the legend of zelda 1280x800 wallpaper_www.wallpaperhi.com_86.jpg DNS Servers: 192.168.2.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{0A20BDB2-3A22-4C8B-A174-0307ED73048D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{6B04AB04-A2A8-4C44-AD62-DFBE5F7C8CCA}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{2EA69E2E-4249-4721-9591-66DB1CB31741}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{05FB242C-6370-4FB6-8BA6-BD7354BF5106}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{3F14814A-6654-4502-BAE3-2DB1FEF910BF}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{2589C329-AB2F-46F6-8E8D-9248B56CE344}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{D6EF0449-6107-48A0-95A8-EF40668E33BC}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{F464C4BB-0BDC-43B9-BFC5-5E6583599744}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{A887D22E-D816-4E22-9ED0-B28FE8F6AE12}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{80386162-F41D-4031-83F2-073C9E49FD26}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{1624C36E-444C-42D3-832D-31A4D3F3FB78}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{275E0CC5-7559-4DDA-BC8D-8E74E7EE4C9B}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{365DD19D-5C9A-418F-8D91-BBD0A309A72B}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{57E38146-084C-4D24-9EB8-AC037F28E050}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{B34248FC-52F0-4F8A-87FC-34F1BF7132E7}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{94459336-9391-4665-9A3F-7F607C4CA0D5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Play.exe 
FirewallRules: [{48C2B10E-7C1E-4770-96F0-E023EC240FB8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe FirewallRules: [{41C99B7A-8D47-43D0-9CC4-5C3F59685EBA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe FirewallRules: [{08845DB3-44B7-4E1B-BEFE-B3A4E351F8B2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe FirewallRules: [{19C69CDC-31FD-4BE3-AFDE-F9280615B239}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe FirewallRules: [{18B97D50-98B5-4196-A2AA-D2F841743B02}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe FirewallRules: [{63F3322C-645C-40B1-B557-60177DAE0810}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{2A4E9851-2FB0-430E-A0A9-C70D4B3B7C3A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{C3546F7A-E7B8-4DFF-826E-55B5B96D7B3E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{4EACDBF5-01BC-400A-A638-5CEA2EFF7C17}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{6E558068-E555-4520-B2D5-F556B93FE74D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{34F61FCC-5088-49DD-8AEA-CE63595F800C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{25B67AA0-6148-4321-994B-2657600590A6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{768DA7E6-CDF8-47F3-BE56-168FA1B24B72}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{132B6450-CC44-4C72-86FC-36F71DEEB8AC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{19AB453C-D491-493B-A62A-3BAB81262CD8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{BABA3BC9-45FE-4C72-9005-60943A768BBB}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: 
[{4715C113-B539-4A1D-9E5B-17ACCB0EDFAD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{ED99F9D6-E737-4513-BB0B-A2AD9C66DC0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{A1A5856D-572B-4989-A0A2-F557666B8928}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{9DF0E3C8-BFFA-48D8-A47F-82E25825078B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Overture\Overture.exe FirewallRules: [{E6B5F502-A4A6-46D3-9F9B-F9D0AB6C43A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Overture\Overture.exe FirewallRules: [{D6A5B458-ACFD-455B-B42B-A60458119E8D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe FirewallRules: [{0B24F7AD-0CF5-47F0-A67D-A073C6600D0A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe FirewallRules: [{443EECBC-0D35-48D5-A6A9-82F5C0B414C8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/17/2015 00:19:06 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für 
"C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (06/13/2015 10:33:03 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. 
Error: (06/13/2015 02:48:17 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (06/13/2015 02:46:39 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. 
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Error: (06/13/2015 02:20:31 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Error: (06/13/2015 02:20:31 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Error: (06/13/2015 02:20:31 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Error: (06/13/2015 02:20:27 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Error: (06/13/2015 00:08:34 AM) (Source: AVLogEvent) (EventID: 5005) (User: NT-AUTORITÄT) Description: a7f42014
Error: (06/13/2015 00:01:45 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1533) (User: NT-AUTORITÄT) Description: Das Profilverzeichnis kann nicht gelöscht werden C:\Users\Administrator. Dies liegt u. U. daran, dass Dateien in diesem Verzeichnis von einem anderen Programm verwendet werden. DETAIL - Das Verzeichnis ist nicht leer.
System errors:
=============
Error: (06/24/2015 10:36:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053
Error: (06/24/2015 10:36:19 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.
Error: (06/24/2015 10:35:40 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 24.06.2015 um 10:33:46 unerwartet heruntergefahren.
Error: (06/24/2015 10:33:46 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 17.06.2015 um 22:33:31 unerwartet heruntergefahren.
Error: (06/16/2015 11:58:08 PM) (Source: DCOM) (EventID: 10016) (User: J3LACKSOUL2) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}J3lackSoul2KennethS-1-5-21-3332034869-3173535831-2558911852-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (06/16/2015 11:58:08 PM) (Source: DCOM) (EventID: 10016) (User: J3LACKSOUL2) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}J3lackSoul2KennethS-1-5-21-3332034869-3173535831-2558911852-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (06/16/2015 11:58:07 PM) (Source: DCOM) (EventID: 10016) (User: J3LACKSOUL2) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}J3lackSoul2KennethS-1-5-21-3332034869-3173535831-2558911852-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (06/16/2015 11:58:07 PM) (Source: DCOM) (EventID: 10016) (User: J3LACKSOUL2) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}J3lackSoul2KennethS-1-5-21-3332034869-3173535831-2558911852-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (06/16/2015 11:58:07 PM) (Source: DCOM) (EventID: 10016) (User: J3LACKSOUL2) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}J3lackSoul2KennethS-1-5-21-3332034869-3173535831-2558911852-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (06/16/2015 11:58:07 PM) (Source: DCOM) (EventID: 10016) (User: J3LACKSOUL2) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}J3lackSoul2KennethS-1-5-21-3332034869-3173535831-2558911852-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Microsoft Office:
=========================
Error: (06/17/2015 00:19:06 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (06/13/2015 10:33:03 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Kenneth\Downloads\esetsmartinstaller_deu.exe
Error: (06/13/2015 02:48:17 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Kenneth\Downloads\esetsmartinstaller_deu.exe
Error: (06/13/2015 02:46:39 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (06/13/2015 02:20:31 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Kenneth\Downloads\esetsmartinstaller_deu.exe
Error: (06/13/2015 02:20:31 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Kenneth\Downloads\esetsmartinstaller_deu.exe
Error: (06/13/2015 02:20:31 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Kenneth\Downloads\esetsmartinstaller_deu.exe
Error: (06/13/2015 02:20:27 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Kenneth\Downloads\esetsmartinstaller_deu.exe
Error: (06/13/2015 00:08:34 AM) (Source: AVLogEvent) (EventID: 5005) (User: NT-AUTORITÄT) Description: a7f42014
Error: (06/13/2015 00:01:45 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1533) (User: NT-AUTORITÄT) Description: C:\Users\AdministratorDas Verzeichnis ist nicht leer.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU N3540 @ 2.16GHz
Percentage of memory in use: 46%
Total physical RAM: 3979.2 MB
Available physical RAM: 2135.01 MB
Total Pagefile: 4683.2 MB
Available Pagefile: 2235.82 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:449.42 GB) (Free:325.59 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: D7C35346)
Partition: GPT Partition Type.
==================== End of log ============================ |
25.06.2015, 08:23 | #4 |
/// the machine /// TB-Ausbilder | New laptop Please define "freezing completely".
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |