BlockAndSurf, but this time, it's impossible to find!

adware virus help blocknsurf blockandsurf

  • This topic is locked

#1
LoniVanBuni


Hey guys, I have a problem. Since a few days ago, my browser has been cluttered with ads, with the writing "Ads by BlockAndSurf" under them. I read that it may be caused by a program, so I went to the Control Panel and uninstalled every piece of suspicious software. But the adware is still there. I already tried a lot of antivirus software, and I also did scans in safe mode. My PC has Win7 Professional 64-bit. I'd appreciate it if someone helped me out!

 

OTL logfile created on: 10.12.2014 00:06:21 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\LoniVanBuni\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,92 Gb Total Physical Memory | 4,27 Gb Available Physical Memory | 53,91% Memory free
15,84 Gb Paging File | 11,57 Gb Available in Paging File | 73,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 595,21 Gb Free Space | 63,90% Space Free | Partition Type: NTFS
 
Computer Name: LONIVANBUNIS-PC | User Name: LoniVanBuni | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014.12.10 00:05:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\LoniVanBuni\Downloads\OTL.exe
PRC - [2014.12.09 19:05:43 | 000,076,152 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2014.12.09 00:20:58 | 005,226,600 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2014.12.09 00:20:47 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2014.12.03 19:08:25 | 003,618,648 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\Origin.exe
PRC - [2014.12.01 15:51:42 | 003,835,728 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2014.11.25 10:57:09 | 000,535,160 | ---- | M] () -- C:\Program Files (x86)\Opera\26.0.1656.32\opera_crashreporter.exe
PRC - [2014.11.25 10:57:07 | 050,335,864 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\26.0.1656.32\opera.exe
PRC - [2014.11.24 10:23:31 | 000,431,920 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2014.11.24 10:23:22 | 000,431,920 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2014.11.24 10:23:21 | 000,702,768 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2014.11.21 06:12:56 | 000,969,016 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014.11.21 06:12:54 | 001,871,160 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014.11.21 06:12:46 | 007,229,752 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014.11.18 21:23:36 | 001,519,808 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
PRC - [2014.11.18 21:23:34 | 001,940,160 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2014.11.18 21:23:34 | 000,833,728 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2014.10.22 15:16:42 | 000,124,208 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
PRC - [2014.10.22 15:16:38 | 000,164,656 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
PRC - [2014.06.21 11:52:02 | 002,011,904 | ---- | M] (CurioLab S.M.B.A.) -- C:\Program Files (x86)\Exterminate It!\ExterminateIt.exe
PRC - [2013.11.01 11:34:48 | 000,389,120 | ---- | M] (AMD) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
PRC - [2013.08.08 14:30:28 | 000,283,648 | ---- | M] () -- C:\Programme\Qualcomm Atheros\Network Manager\NetworkManager.exe
PRC - [2012.04.11 10:41:04 | 000,097,280 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014.12.09 00:20:51 | 038,562,088 | ---- | M] () -- C:\Programme\AVAST Software\Avast\libcef.dll
MOD - [2014.12.03 19:08:24 | 001,007,104 | ---- | M] () -- C:\Program Files (x86)\Origin\platforms\qwindows.dll
MOD - [2014.12.03 19:08:24 | 000,337,408 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qtiff.dll
MOD - [2014.12.03 19:08:24 | 000,261,120 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qmng.dll
MOD - [2014.12.03 19:08:24 | 000,216,576 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
MOD - [2014.12.03 19:08:24 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qico.dll
MOD - [2014.12.03 19:08:24 | 000,023,552 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qgif.dll
MOD - [2014.12.03 19:08:24 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qtga.dll
MOD - [2014.12.03 19:08:24 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
MOD - [2014.11.25 10:57:19 | 009,312,888 | ---- | M] () -- C:\Program Files (x86)\Opera\26.0.1656.32\pdf.dll
MOD - [2014.11.25 10:57:14 | 001,358,456 | ---- | M] () -- C:\Program Files (x86)\Opera\26.0.1656.32\libglesv2.dll
MOD - [2014.11.25 10:57:13 | 000,219,256 | ---- | M] () -- C:\Program Files (x86)\Opera\26.0.1656.32\libegl.dll
MOD - [2014.11.25 10:57:12 | 000,991,352 | ---- | M] () -- C:\Program Files (x86)\Opera\26.0.1656.32\ffmpegsumo.dll
MOD - [2014.11.25 10:57:09 | 000,535,160 | ---- | M] () -- C:\Program Files (x86)\Opera\26.0.1656.32\opera_crashreporter.exe
MOD - [2014.11.18 21:23:50 | 002,227,904 | ---- | M] () -- C:\Program Files (x86)\Steam\video.dll
MOD - [2014.11.18 21:23:34 | 000,690,880 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.DLL
MOD - [2014.11.11 19:48:12 | 001,171,456 | ---- | M] () -- C:\Program Files (x86)\Steam\libavcodec-56.dll
MOD - [2014.11.11 19:48:12 | 000,485,888 | ---- | M] () -- C:\Program Files (x86)\Steam\libswscale-3.dll
MOD - [2014.11.11 19:48:12 | 000,442,368 | ---- | M] () -- C:\Program Files (x86)\Steam\libavutil-54.dll
MOD - [2014.11.11 19:48:12 | 000,403,968 | ---- | M] () -- C:\Program Files (x86)\Steam\libavformat-56.dll
MOD - [2014.11.11 19:48:12 | 000,332,800 | ---- | M] () -- C:\Program Files (x86)\Steam\libavresample-2.dll
MOD - [2014.11.11 19:48:04 | 034,589,888 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2014.11.11 19:47:56 | 000,774,656 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2014.10.11 13:06:16 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014.10.11 13:05:58 | 001,044,776 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013.12.03 18:40:01 | 000,256,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsForm0b574481#\8ea4f2a14f034a52843ddf37991c9f6d\WindowsFormsIntegration.ni.dll
MOD - [2013.12.03 18:39:34 | 002,956,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\c37bcdac22f4bcd9531dfcc4b9ebda56\System.IdentityModel.ni.dll
MOD - [2013.12.03 18:39:32 | 019,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\ec19fdffa5eaea430a77160272ed897e\System.ServiceModel.ni.dll
MOD - [2013.12.03 18:39:01 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\dcf2b1a7011858156e5b759de2e5e598\PresentationFramework-SystemXml.ni.dll
MOD - [2013.12.03 18:39:01 | 000,016,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a7b877#\0dbb2348461d98c3319e8a3fa729eb68\PresentationFramework-SystemData.ni.dll
MOD - [2013.12.03 18:08:38 | 018,524,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\97e6b67983d07a066b68b3ae8be2f53d\PresentationFramework.ni.dll
MOD - [2013.12.03 18:08:33 | 002,505,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\fb1e17d7933d852614890b82126e6ab8\System.Data.Linq.ni.dll
MOD - [2013.12.03 18:08:32 | 000,462,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\e7d92730b571b31e62c2cf257f04a974\PresentationFramework.Aero.ni.dll
MOD - [2013.12.03 18:08:30 | 000,220,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\ad2f6440da38a0dbae2df194782b35d1\System.ServiceProcess.ni.dll
MOD - [2013.12.03 18:08:29 | 010,914,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b52bc540630c3aa5de542c382af35c20\PresentationCore.ni.dll
MOD - [2013.12.03 18:08:26 | 007,248,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\9a6093eb864d6729de75ec4b955dddb1\System.Data.ni.dll
MOD - [2013.12.03 18:08:24 | 012,692,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\22ae167d586450ad3a9b9a9ee43ebc86\System.Windows.Forms.ni.dll
MOD - [2013.12.03 18:08:22 | 006,995,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\b9f7adbc90a2bcbe8eb9e6e8d2bb975b\System.Core.ni.dll
MOD - [2013.12.03 18:08:22 | 003,905,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\cd235caf797fb017f140016be88f33b7\WindowsBase.ni.dll
MOD - [2013.12.03 18:08:21 | 007,559,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9ba07396ae369d010c5c3927a82ef426\System.Xml.ni.dll
MOD - [2013.12.03 18:08:20 | 001,870,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\cc4d9093563dadee370788bbc3ecf4fb\System.Xaml.ni.dll
MOD - [2013.12.03 18:08:18 | 002,785,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\293cfe2c05a8ee921726927fd00ea81c\System.Runtime.Serialization.ni.dll
MOD - [2013.12.03 18:08:18 | 001,630,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\72269ea7cc6281139e4d155e7c57dc67\System.Drawing.ni.dll
MOD - [2013.12.03 18:08:18 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\df55f04bc0ebe6c1abde4bc467bf4d03\System.ServiceModel.Internals.ni.dll
MOD - [2013.12.03 18:08:17 | 009,925,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\e40da7a49f8c3f0108e7c835b342f382\System.ni.dll
MOD - [2013.12.03 18:08:17 | 000,958,464 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\28586400bcaf94c13a9fd0dff4a1e090\System.Configuration.ni.dll
MOD - [2013.12.03 18:08:17 | 000,121,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\98e3281d79512c9a2a0a89e3bc2e554f\SMDiagnostics.ni.dll
MOD - [2013.12.03 18:08:13 | 000,145,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\1346fe7d35b70702029e422970db1201\System.Numerics.ni.dll
MOD - [2013.12.03 18:08:12 | 016,501,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\51e2934144ba15628ba5a31be2dae7dc\mscorlib.ni.dll
MOD - [2013.08.08 14:30:28 | 000,283,648 | ---- | M] () -- C:\Programme\Qualcomm Atheros\Network Manager\NetworkManager.exe
MOD - [2011.11.02 09:02:56 | 000,318,531 | ---- | M] () -- C:\Program Files (x86)\Exterminate It!\sqlite3.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013.11.01 11:46:24 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2013.10.08 03:00:50 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014.12.09 19:05:43 | 000,076,152 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2014.12.09 00:20:47 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014.12.09 00:20:37 | 004,012,248 | ---- | M] (Avast Software) [On_Demand | Running] -- C:\Programme\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV - [2014.12.03 19:08:25 | 001,900,400 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- C:\Program Files (x86)\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2014.12.01 15:51:22 | 002,530,128 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2014.11.24 10:23:31 | 000,431,920 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2014.11.24 10:23:22 | 000,431,920 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2014.11.21 06:12:56 | 000,969,016 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014.11.21 06:12:54 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014.11.18 21:23:34 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014.11.14 18:28:26 | 000,417,552 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2014.10.22 15:16:38 | 000,164,656 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe -- (Avira.OE.ServiceHost)
SRV - [2014.07.23 00:31:23 | 000,172,344 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Programme\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV - [2013.08.08 14:30:40 | 000,343,040 | ---- | M] (Qualcomm Atheros) [Auto | Running] -- C:\Programme\Qualcomm Atheros\Network Manager\KillerService.exe -- (Qualcomm Atheros Killer Service V2)
SRV - [2012.07.09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014.12.09 23:40:58 | 000,129,752 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014.12.09 00:20:59 | 001,050,432 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2014.12.09 00:20:52 | 000,436,624 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014.12.09 00:20:52 | 000,267,632 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014.12.09 00:20:52 | 000,116,728 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2014.12.09 00:20:52 | 000,083,280 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswmonflt.sys -- (aswMonFlt)
DRV:64bit: - [2014.12.09 00:20:52 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014.12.09 00:20:52 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014.12.09 00:20:51 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014.12.07 02:16:53 | 000,022,704 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EsgScanner.sys -- (EsgScanner)
DRV:64bit: - [2014.12.06 18:47:14 | 000,106,456 | ---- | M] (Corsica) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\webinstrNewH.sys -- (webinstrNewH)
DRV:64bit: - [2014.11.24 10:23:23 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2014.11.24 10:23:22 | 000,131,608 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2014.11.24 10:23:21 | 000,119,272 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2014.11.21 06:14:22 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014.11.21 06:14:08 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013.10.08 05:30:14 | 013,199,360 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013.10.08 02:30:10 | 000,624,128 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013.09.24 15:53:50 | 000,094,208 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013.08.16 15:37:12 | 000,424,192 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2013.08.16 15:37:12 | 000,140,032 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2013.06.27 16:50:46 | 000,042,304 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2013.06.27 16:50:44 | 000,082,240 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2013.05.27 20:09:38 | 000,227,648 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdxhc.sys -- (amdxhc)
DRV:64bit: - [2013.05.27 20:09:38 | 000,106,816 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdhub30.sys -- (amdhub30)
DRV:64bit: - [2013.03.20 16:46:40 | 000,154,320 | ---- | M] (Qualcomm Atheros, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e22W7x64.sys -- (Ke2200)
DRV:64bit: - [2013.02.13 15:07:46 | 000,067,888 | ---- | M] (Qualcomm Atheros, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bflwfx64.sys -- (BfLwf)
DRV:64bit: - [2012.10.03 16:14:56 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:24:15 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2010.11.21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 04:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2014.12.09 00:20:37 | 000,271,752 | ---- | M] (Avast Software) [Kernel | Auto | Running] -- C:\Programme\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV - [2014.12.09 00:17:40 | 000,057,024 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Running] -- C:\EEK\bin\cleanhlp64.sys -- (cleanhlp)
DRV - [2014.12.09 00:17:40 | 000,026,176 | ---- | M] (Emsisoft GmbH) [File_System | System | Running] -- C:\EEK\bin\a2ddax64.sys -- (A2DDA)
DRV - [2013.09.19 23:05:02 | 000,059,648 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2.0)
DRV - [2011.07.22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV - [2011.07.12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = about:blank
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,NewTabPageShow = 1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}
IE - HKLM\..\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}: "URL" = http://www.google.co...utputEncoding?}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,NewTabPageShow = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *origin.com;*ea.com;*akamaihd.net;<local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:31626
 
========== FireFox ==========
 
FF - prefs.js..browser.search.isUS: false
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.5.1: C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.5.1: C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.25.2: C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2: C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@omaha.maxiget.com/Maxiget Updater;version=3: C:\Program Files (x86)\Maxiget\Updater\70.3.29.7018\npMaxigetUpdater3.dll File not found
FF - HKLM\Software\MozillaPlugins\@omaha.maxiget.com/Maxiget Updater;version=9: C:\Program Files (x86)\Maxiget\Updater\70.3.29.7018\npMaxigetUpdater3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014.12.09 00:20:53 | 000,000,000 | ---D | M]
 
[2014.12.07 00:53:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LoniVanBuni\AppData\Roaming\mozilla\Extensions
[2014.12.07 04:20:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LoniVanBuni\AppData\Roaming\mozilla\Firefox\Profiles\er6wx06q.default-1417913129901\extensions
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe (Advanced Micro Devices, Inc.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B79EE812-3E2F-4143-ABFE-095511092D6D}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\System32\Userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014.12.07 02:19:19 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014.12.10 00:05:29 | 000,000,000 | ---D | C] -- C:\EEK
[2014.12.09 23:58:59 | 002,480,312 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\LoniVanBuni\Desktop\procexp.exe
[2014.12.09 23:51:12 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Roaming\Curiolab
[2014.12.09 23:50:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exterminate It!
[2014.12.09 23:50:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Exterminate It!
[2014.12.09 23:41:02 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Local\VirtualStore
[2014.12.09 18:38:24 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Local\Ubisoft
[2014.12.09 16:37:16 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014.12.09 10:31:36 | 000,043,064 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2014.12.09 02:59:43 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\Documents\WB Games
[2014.12.09 01:06:40 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Roaming\Opera Software
[2014.12.09 01:06:40 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Local\Opera Software
[2014.12.09 01:06:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2014.12.09 00:20:53 | 000,364,512 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014.12.09 00:20:51 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014.12.09 00:16:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\vbox
[2014.12.09 00:16:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\vbox
[2014.12.09 00:15:29 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Roaming\AVAST Software
[2014.12.09 00:15:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
[2014.12.09 00:14:30 | 000,116,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014.12.09 00:14:29 | 000,436,624 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014.12.09 00:14:29 | 000,093,568 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014.12.09 00:14:29 | 000,083,280 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswmonflt.sys
[2014.12.09 00:14:28 | 001,050,432 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsnx.sys
[2014.12.09 00:13:47 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014.12.09 00:13:06 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014.12.08 22:10:23 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.12.08 22:10:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014.12.08 22:10:09 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014.12.08 22:10:09 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014.12.08 22:10:09 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014.12.08 22:10:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014.12.08 22:04:28 | 000,000,000 | ---D | C] -- C:\FRST
[2014.12.08 22:04:05 | 002,119,680 | ---- | C] (Farbar) -- C:\Users\LoniVanBuni\Desktop\FRST64.exe
[2014.12.08 21:49:02 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Local\Chromium
[2014.12.08 20:58:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2014.12.08 20:13:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
[2014.12.07 22:59:18 | 000,000,000 | ---D | C] -- C:\SUPERDelete
[2014.12.07 21:31:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2014.12.07 21:28:30 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Local\LogMeIn Hamachi
[2014.12.07 21:28:30 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Local\LogMeIn
[2014.12.07 21:28:30 | 000,000,000 | ---D | C] -- C:\ProgramData\LogMeIn
[2014.12.07 21:28:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2014.12.07 21:28:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2014.12.07 20:59:19 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Roaming\SUPERAntiSpyware.com
[2014.12.07 20:59:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2014.12.07 20:59:03 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2014.12.07 20:59:03 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2014.12.07 19:56:30 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Local\ESN
[2014.12.07 19:12:34 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Roaming\QuickScan
[2014.12.07 18:45:56 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Local\SCE
[2014.12.07 17:46:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
[2014.12.07 17:46:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anvisoft
[2014.12.07 16:21:39 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2014.12.07 12:05:55 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Local\PunkBuster
[2014.12.07 12:05:53 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\Documents\Battlefield 3
[2014.12.07 12:05:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins
[2014.12.07 12:04:34 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs
[2014.12.07 12:04:34 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2014.12.07 08:39:45 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2014.12.07 04:02:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft
[2014.12.07 04:02:24 | 000,000,000 | ---D | C] -- C:\Program Files\Adware-Removal-Tool
[2014.12.07 03:00:56 | 000,013,824 | ---- | C] (Kephyr) -- C:\Windows\SysNative\ffnd.exe
[2014.12.07 02:35:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2014.12.07 02:34:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2014.12.07 02:32:14 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Local\MFAData
[2014.12.07 02:19:05 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Roaming\Enigma Software Group
[2014.12.07 02:19:03 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\Start Menu
[2014.12.07 02:03:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014.12.07 02:03:07 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014.12.07 00:59:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014.12.07 00:54:22 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Local\Macromedia
[2014.12.07 00:53:13 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Local\Mozilla
[2014.12.07 00:53:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014.12.07 00:49:59 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2014.12.07 00:35:34 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Local\PAYDAY 2
[2014.12.06 21:33:39 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Local\Apps
[2014.12.06 20:40:30 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Roaming\java
[2014.12.06 20:40:16 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Roaming\.minecraft
[2014.12.06 20:39:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014.12.06 20:39:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014.12.06 20:39:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014.12.06 20:39:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014.12.06 20:10:56 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Roaming\Mozilla
[2014.12.06 20:10:18 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Roaming\Avira
[2014.12.06 20:08:43 | 000,131,608 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2014.12.06 20:08:43 | 000,119,272 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2014.12.06 20:08:43 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2014.12.06 20:08:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2014.12.06 20:08:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2014.12.06 18:49:21 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.12.06 18:47:31 | 000,106,456 | ---- | C] (Corsica) -- C:\Windows\SysNative\drivers\webinstrNewH.sys
[2014.12.06 18:42:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\docksbdrop32
[2014.12.06 18:42:10 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Local\Programs
[2014.12.06 18:16:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\4chan Image Downloader
[2014.12.06 17:20:50 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Local\SniperV2
[2014.12.06 15:45:08 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Roaming\WinRAR
[2014.12.06 15:42:06 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014.12.06 15:42:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014.12.06 15:42:01 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2014.12.06 15:24:40 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Local\Skyrim
[2014.12.06 15:06:39 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Roaming\Apple Computer
[2014.12.06 15:06:39 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Local\Apple Computer
[2014.12.06 15:06:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014.12.06 15:06:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2014.12.06 15:06:26 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014.12.06 15:06:25 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014.12.06 15:06:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014.12.06 15:06:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2014.12.06 15:06:02 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Local\Apple
[2014.12.06 15:06:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2014.12.06 15:05:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2014.12.06 15:05:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2014.12.06 15:05:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2014.12.06 00:12:47 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2014.12.05 23:56:39 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\Desktop\Enterbrain
[2014.12.05 23:50:06 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\Desktop\RPGVXAce
[2014.12.05 23:47:00 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\Desktop\Content
[2014.12.05 23:37:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks
[2014.12.05 23:37:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bethesda Softworks
[2014.12.05 23:36:50 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Local\Oblivion
[2014.12.05 23:22:51 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\Documents\My Games
[2014.12.05 23:22:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2014.12.04 22:58:23 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2014.12.04 18:46:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2014.12.04 18:46:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2014.12.04 18:37:53 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Roaming\Google
[2014.12.04 01:00:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pong Screensaver
[2014.12.04 00:58:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pong Clock
[2014.12.04 00:07:04 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\Documents\theHunter
[2014.12.04 00:06:57 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Roaming\theHunter
[2014.12.04 00:06:56 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Local\theHunter
[2014.12.04 00:05:11 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Roaming\theHunterSteam
[2014.12.03 21:43:26 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Roaming\Unity
[2014.12.03 21:38:22 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Local\Unity
[2014.12.03 20:50:16 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Roaming\Macromedia
[2014.12.03 20:50:16 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Roaming\Adobe
[2014.12.03 20:47:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2014.12.03 20:46:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2014.12.03 20:46:27 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Local\Adobe
[2014.12.03 20:40:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2014.12.03 20:30:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2014.12.03 19:10:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2014.12.03 19:08:35 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Roaming\Origin
[2014.12.03 19:08:33 | 000,000,000 | ---D | C] -- C:\Users\LoniVanBuni\AppData\Local\Origin
[2014.12.03 19:06:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2014.12.03 19:05:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2014.12.03 19:05:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2014.12.03 19:05:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2014.12.03 19:02:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2014.12.03 19:02:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2014.12.03 19:02:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014.12.10 00:05:49 | 000,000,743 | ---- | M] () -- C:\Users\LoniVanBuni\Desktop\Start Emsisoft Emergency Kit.lnk
[2014.12.09 23:50:28 | 000,001,085 | ---- | M] () -- C:\Users\Public\Desktop\Exterminate It!.lnk
[2014.12.09 23:41:03 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.12.09 23:40:58 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.12.09 23:38:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.12.09 23:12:37 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.12.09 23:12:37 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.12.09 23:10:57 | 001,614,718 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.12.09 23:10:57 | 000,697,468 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2014.12.09 23:10:57 | 000,652,546 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.12.09 23:10:57 | 000,148,164 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2014.12.09 23:10:57 | 000,120,948 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.12.09 23:03:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.12.09 23:03:27 | 2085,568,511 | -HS- | M] () -- C:\hiberfil.sys
[2014.12.09 21:51:28 | 000,348,928 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2014.12.09 21:51:28 | 000,348,928 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014.12.09 21:50:20 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2014.12.09 20:59:01 | 000,000,522 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task d5001a5f-a972-4973-8a0d-87dd2a321522.job
[2014.12.09 19:05:43 | 000,076,152 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014.12.09 10:31:08 | 000,043,064 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2014.12.09 02:00:01 | 000,000,522 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 1c850ab7-3c79-44c0-ad21-18ab2de2575a.job
[2014.12.09 01:06:32 | 000,001,139 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2014.12.09 00:21:08 | 000,001,964 | ---- | M] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2014.12.09 00:20:59 | 001,050,432 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsnx.sys
[2014.12.09 00:20:52 | 000,436,624 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014.12.09 00:20:52 | 000,364,512 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014.12.09 00:20:52 | 000,267,632 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014.12.09 00:20:52 | 000,116,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014.12.09 00:20:52 | 000,083,280 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswmonflt.sys
[2014.12.09 00:20:52 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014.12.09 00:20:52 | 000,029,208 | ---- | M] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014.12.09 00:20:51 | 000,093,568 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014.12.09 00:20:51 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014.12.08 22:10:11 | 000,001,106 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014.12.08 22:04:11 | 002,119,680 | ---- | M] (Farbar) -- C:\Users\LoniVanBuni\Desktop\FRST64.exe
[2014.12.08 20:33:29 | 003,130,440 | ---- | M] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2014.12.08 11:37:21 | 000,000,220 | ---- | M] () -- C:\Users\LoniVanBuni\Desktop\Garry's Mod.url
[2014.12.08 11:33:41 | 000,000,221 | ---- | M] () -- C:\Users\LoniVanBuni\Desktop\The Elder Scrolls V Skyrim.url
[2014.12.08 11:33:33 | 000,000,222 | ---- | M] () -- C:\Users\LoniVanBuni\Desktop\Unturned.url
[2014.12.08 11:33:29 | 000,000,221 | ---- | M] () -- C:\Users\LoniVanBuni\Desktop\Sniper Elite V2.url
[2014.12.08 11:33:22 | 000,000,222 | ---- | M] () -- C:\Users\LoniVanBuni\Desktop\Saints Row IV.url
[2014.12.08 11:33:16 | 000,000,222 | ---- | M] () -- C:\Users\LoniVanBuni\Desktop\PlanetSide 2.url
[2014.12.08 11:33:11 | 000,000,222 | ---- | M] () -- C:\Users\LoniVanBuni\Desktop\Alien Isolation.url
[2014.12.08 11:33:06 | 000,000,222 | ---- | M] () -- C:\Users\LoniVanBuni\Desktop\PAYDAY 2.url
[2014.12.07 15:58:58 | 000,007,605 | ---- | M] () -- C:\Users\LoniVanBuni\AppData\Local\Resmon.ResmonCfg
[2014.12.07 08:39:46 | 000,001,174 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 3.lnk
[2014.12.07 02:19:19 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2014.12.07 02:16:53 | 000,022,704 | ---- | M] () -- C:\Windows\SysNative\drivers\EsgScanner.sys
[2014.12.07 01:04:20 | 000,001,122 | ---- | M] () -- C:\Windows\SysNative\.crusader
[2014.12.06 18:47:31 | 000,001,971 | ---- | M] () -- C:\Windows\patsearch.bin
[2014.12.06 18:47:31 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_webinstrNewH_01009.Wdf
[2014.12.06 18:47:14 | 000,106,456 | ---- | M] (Corsica) -- C:\Windows\SysNative\drivers\webinstrNewH.sys
[2014.12.06 15:06:38 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014.12.06 00:07:27 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014.12.05 23:56:47 | 000,002,168 | ---- | M] () -- C:\Users\Public\Desktop\Oblivion.lnk
[2014.12.05 22:55:17 | 000,031,913 | ---- | M] () -- C:\Users\LoniVanBuni\Documents\23.wma
[2014.12.05 22:54:59 | 000,031,913 | ---- | M] () -- C:\Users\LoniVanBuni\Documents\Unbenannt.wma
[2014.12.04 23:24:21 | 000,000,099 | ---- | M] () -- C:\Users\LoniVanBuni\AppData\Roaming\LauncherSettings_live.cfg
[2014.12.04 22:37:29 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2014.12.04 19:01:39 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\spu_storage.bin
[2014.12.04 18:45:04 | 001,588,294 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.12.04 00:06:56 | 000,000,040 | ---- | M] () -- C:\Users\LoniVanBuni\AppData\Roaming\TheHunterSettings_steam_live.cfg
[2014.12.03 19:05:59 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2014.12.03 19:02:01 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2014.11.24 10:23:23 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2014.11.24 10:23:22 | 000,131,608 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2014.11.24 10:23:21 | 000,119,272 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2014.11.21 06:14:22 | 000,063,704 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014.11.21 06:14:12 | 000,093,400 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014.11.21 06:14:08 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014.12.10 00:05:49 | 000,000,743 | ---- | C] () -- C:\Users\LoniVanBuni\Desktop\Start Emsisoft Emergency Kit.lnk
[2014.12.09 23:58:59 | 000,072,154 | ---- | C] () -- C:\Users\LoniVanBuni\Desktop\procexp.chm
[2014.12.09 23:50:28 | 000,001,085 | ---- | C] () -- C:\Users\Public\Desktop\Exterminate It!.lnk
[2014.12.09 01:06:32 | 000,001,139 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2014.12.09 01:06:32 | 000,001,139 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2014.12.09 00:15:24 | 000,001,964 | ---- | C] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2014.12.09 00:14:30 | 000,267,632 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014.12.09 00:14:29 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014.12.09 00:14:29 | 000,029,208 | ---- | C] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014.12.08 22:10:11 | 000,001,106 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014.12.08 20:58:32 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2014.12.08 11:37:21 | 000,000,220 | ---- | C] () -- C:\Users\LoniVanBuni\Desktop\Garry's Mod.url
[2014.12.08 11:33:41 | 000,000,221 | ---- | C] () -- C:\Users\LoniVanBuni\Desktop\The Elder Scrolls V Skyrim.url
[2014.12.08 11:33:33 | 000,000,222 | ---- | C] () -- C:\Users\LoniVanBuni\Desktop\Unturned.url
[2014.12.08 11:33:29 | 000,000,221 | ---- | C] () -- C:\Users\LoniVanBuni\Desktop\Sniper Elite V2.url
[2014.12.08 11:33:22 | 000,000,222 | ---- | C] () -- C:\Users\LoniVanBuni\Desktop\Saints Row IV.url
[2014.12.08 11:33:16 | 000,000,222 | ---- | C] () -- C:\Users\LoniVanBuni\Desktop\PlanetSide 2.url
[2014.12.08 11:33:11 | 000,000,222 | ---- | C] () -- C:\Users\LoniVanBuni\Desktop\Alien Isolation.url
[2014.12.08 11:33:06 | 000,000,222 | ---- | C] () -- C:\Users\LoniVanBuni\Desktop\PAYDAY 2.url
[2014.12.07 20:59:22 | 000,000,522 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task d5001a5f-a972-4973-8a0d-87dd2a321522.job
[2014.12.07 20:59:22 | 000,000,522 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 1c850ab7-3c79-44c0-ad21-18ab2de2575a.job
[2014.12.07 15:58:58 | 000,007,605 | ---- | C] () -- C:\Users\LoniVanBuni\AppData\Local\Resmon.ResmonCfg
[2014.12.07 12:05:59 | 000,348,928 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2014.12.07 08:39:46 | 000,001,174 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield 3.lnk
[2014.12.07 08:39:20 | 000,348,928 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014.12.07 08:39:20 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2014.12.07 08:39:19 | 000,076,152 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014.12.07 02:19:19 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2014.12.07 02:16:53 | 000,022,704 | ---- | C] () -- C:\Windows\SysNative\drivers\EsgScanner.sys
[2014.12.07 01:04:20 | 000,001,122 | ---- | C] () -- C:\Windows\SysNative\.crusader
[2014.12.06 18:47:31 | 000,001,971 | ---- | C] () -- C:\Windows\patsearch.bin
[2014.12.06 18:47:31 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_webinstrNewH_01009.Wdf
[2014.12.06 15:06:38 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014.12.06 15:06:01 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2014.12.06 00:07:27 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014.12.05 23:37:32 | 000,002,168 | ---- | C] () -- C:\Users\Public\Desktop\Oblivion.lnk
[2014.12.05 22:55:17 | 000,031,913 | ---- | C] () -- C:\Users\LoniVanBuni\Documents\23.wma
[2014.12.05 22:54:59 | 000,031,913 | ---- | C] () -- C:\Users\LoniVanBuni\Documents\Unbenannt.wma
[2014.12.04 22:37:29 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2014.12.04 19:01:39 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\spu_storage.bin
[2014.12.04 00:11:47 | 000,000,099 | ---- | C] () -- C:\Users\LoniVanBuni\AppData\Roaming\LauncherSettings_live.cfg
[2014.12.04 00:06:56 | 000,000,040 | ---- | C] () -- C:\Users\LoniVanBuni\AppData\Roaming\TheHunterSettings_steam_live.cfg
[2014.12.03 19:05:59 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2014.12.03 19:02:01 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2013.12.03 18:21:43 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013.12.03 17:52:27 | 001,588,294 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.12.03 17:49:25 | 000,000,000 | ---- | C] () -- C:\Users\LoniVanBuni\AppData\Local\Driver_LOM_8161Present.flag
[2013.10.08 03:45:08 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013.10.08 03:45:08 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013.10.08 02:42:12 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013.10.08 02:42:12 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013.10.07 22:50:56 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010.11.21 04:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010.11.21 04:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014.12.06 20:45:15 | 000,000,000 | ---D | M] -- C:\Users\LoniVanBuni\AppData\Roaming\.minecraft
[2014.12.09 00:15:29 | 000,000,000 | ---D | M] -- C:\Users\LoniVanBuni\AppData\Roaming\AVAST Software
[2014.12.09 23:51:12 | 000,000,000 | ---D | M] -- C:\Users\LoniVanBuni\AppData\Roaming\Curiolab
[2014.12.07 02:19:05 | 000,000,000 | ---D | M] -- C:\Users\LoniVanBuni\AppData\Roaming\Enigma Software Group
[2014.12.06 20:40:30 | 000,000,000 | ---D | M] -- C:\Users\LoniVanBuni\AppData\Roaming\java
[2014.12.09 01:06:40 | 000,000,000 | ---D | M] -- C:\Users\LoniVanBuni\AppData\Roaming\Opera Software
[2014.12.03 20:43:01 | 000,000,000 | ---D | M] -- C:\Users\LoniVanBuni\AppData\Roaming\Origin
[2014.12.07 19:15:22 | 000,000,000 | ---D | M] -- C:\Users\LoniVanBuni\AppData\Roaming\QuickScan
[2014.12.04 00:06:57 | 000,000,000 | ---D | M] -- C:\Users\LoniVanBuni\AppData\Roaming\theHunter
[2014.12.04 00:05:11 | 000,000,000 | ---D | M] -- C:\Users\LoniVanBuni\AppData\Roaming\theHunterSteam
[2014.12.03 21:43:26 | 000,000,000 | ---D | M] -- C:\Users\LoniVanBuni\AppData\Roaming\Unity
 
========== Purity Check ==========
 
 
 
< End of report >
 

  • 0



#2
DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 8,529 posts
Hi LoniVanBuni,

Welcome to Geeks to Go! :)

Give me a moment to look over your log. I will return shortly with my instructions.

Thank you,
Donna :)
  • 1

#3
DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 8,529 posts
Hi LoniVanBuni,

I see that you have two anti viruses running in realtime. The real-time protection of two or more antivirus programs may conflict with each other and cause the following:
  • False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
  • Conflicts: Your system may lock up due to both products attempting to access the same file at the same time.
  • Performance: More than one antivirus will cause your PC to become slow and it may even crash or blue screen.
  • Less protection: Two antivirus trying to scan the same file may interfere with the process and allow a malicious file onto the computer without notice to you.
  • Please click on your Start button and go to Control Panel > Programs and Features and remove either Avast or Avira.

    Personally, I would choose to uninstall Avira. :)

    Please download ALL tools to your Desktop.

    Next:

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click AdwCleaner.exe to run the tool.
    Note: Windows Vista, Windows 7/8 users right-click and select Run As Administrator.
  • Click the Scan button.
  • AdwCleaner will begin. Be patient as the scan may take some time to complete.
  • The contents of the scan results may be confusing. If you see a program name that you know should not be removed, uncheck the results and please let me know about it.
  • Click the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Next:

    OTL is located in your Downloads folder. Please move it to the desktop of your computer then do the following:
  • Double click on the OTL icon to open the program. On Vista/Win7/Win8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :COMMANDS
    [CREATERESTOREPOINT]

    :OTL
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *origin.com;*ea.com;*akamaihd.net;<local>
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:31626

    :Commands
    [resethosts]
    [emptytemp]

  • Make sure all other windows are closed.
  • Click the Run Fix button at the top
  • Let the program run uninterrupted. The computer should reboot when the scan is done. If not, please reboot the computer.
  • Post the log that is found in C:\_OTL\Moved Files in your next reply.
  • Next:
  • Download Farbar Recovery Scan Tool from here to your Desktop. Please choose the 64-bit version for your computer.
  • When completed, launch the downloaded file.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the Desktop. Please copy and paste it to your reply.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply. Please post the following logs in your next reply:

    C:\AdwCleaner\AdwCleaner[S0].txt
    C:\_OTL\Moved Files
    FRST.txt
    Addition.txt


    Thank you,
    Donna :)

  • 0
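The OTL fix in the post above clears a `ProxyServer` value of `http=127.0.0.1:31626`, a setting that, when the proxy is enabled, sends WinINET HTTP traffic to a listener on the local machine. As an added example (not part of the thread and not OTL's own code), this Python script scans OTL-style log lines for proxy settings that point at a loopback address; the last two sample lines and all function names are constructed for illustration.

```python
import ipaddress
import re
from typing import List, NamedTuple, Optional, Tuple

# Sample input. The first two lines are the OTL entries quoted in the fix
# above; the last two are constructed for contrast (a LAN proxy in the bare
# host:port form, and a per-protocol list with one loopback entry).
SAMPLE_LOG = r'''
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *origin.com;*ea.com;*akamaihd.net;<local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:31626
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = proxy.example.internal:8080
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=10.0.0.5:3128;https=localhost:8888
'''

# OTL prints Internet Settings values as:  IE - <key>: "<name>" = <value>
LINE_RE = re.compile(
    r'^\s*IE - (?P<key>[^:]+): "(?P<name>[^"]+)" = (?P<value>.*)$',
    re.MULTILINE,
)


class Hit(NamedTuple):
    key: str             # registry key the value was read from
    scheme: str          # protocol the proxy applies to, '*' means all
    host: str
    port: Optional[int]


def parse_proxy_server(value: str) -> List[Tuple[str, str, Optional[int]]]:
    """Split a WinINET ProxyServer string into (scheme, host, port) tuples.

    The value is either one 'host:port' used for every protocol, or a
    ';'-separated list of 'protocol=host:port' entries.
    """
    entries = []
    for item in value.strip().split(';'):
        item = item.strip()
        if not item:
            continue
        scheme, sep, addr = item.partition('=')
        if not sep:                      # bare host:port, applies to all
            scheme, addr = '*', item
        addr = addr.split('://', 1)[-1]  # tolerate 'http=http://host:port'
        if addr.startswith('['):         # bracketed IPv6 literal
            end = addr.find(']')
            if end == -1:
                end = len(addr)
            host, rest = addr[1:end], addr[end + 1:]
            port = rest[1:] if rest.startswith(':') else ''
        else:
            host, sep, port = addr.rpartition(':')
            if not sep:                  # no port given
                host, port = addr, ''
        entries.append((scheme.lower(), host.lower(),
                        int(port) if port.isdigit() else None))
    return entries


def is_loopback(host: str) -> bool:
    """True for 'localhost' names and for loopback IPv4/IPv6 literals."""
    if host == 'localhost' or host.endswith('.localhost'):
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:                   # an ordinary hostname
        return False


def find_loopback_proxies(log_text: str) -> List[Hit]:
    """Return every ProxyServer entry in the log that targets loopback."""
    hits = []
    for m in LINE_RE.finditer(log_text):
        if m.group('name').lower() != 'proxyserver':
            continue                     # ProxyOverride is only a bypass list
        for scheme, host, port in parse_proxy_server(m.group('value')):
            if is_loopback(host):
                hits.append(Hit(m.group('key').strip(), scheme, host, port))
    return hits


if __name__ == '__main__':
    for hit in find_loopback_proxies(SAMPLE_LOG):
        print(f'{hit.key}: {hit.scheme} -> {hit.host}:{hit.port}')
```

A loopback proxy is not malicious by itself (local debugging proxies and some security products use one), so a hit is a prompt to identify which process owns the listening port.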

#4
LoniVanBuni

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

One of the steps seems to have removed the adware! You can close the thread now, thank you very much for your time, Donna :)


  • 0

#5
DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 8,529 posts
Hi LoniVanBuni,

That's good news! :)

Just because the symptoms are gone does not necessarily mean that the invader has been completely annihilated.

Please post the logs that I requested above and stay with me till I say you are clean.

Please! :)
  • 0

#6
LoniVanBuni

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

Okay then, here are the logs (the AdwCleaner one is German; if that's a problem I can redo the scan)

 

# AdwCleaner v4.105 - Bericht erstellt am 10/12/2014 um 01:32:26
# Aktualisiert 08/12/2014 von Xplode
# Database : 2014-12-08.2 [Live]
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : LoniVanBuni - LONIVANBUNIS-PC
# Gestartet von : C:\Users\LoniVanBuni\Desktop\AdwCleaner.exe
# Option : Löschen
 
***** [ Dienste ] *****
 
Dienst Gelöscht : webinstrNewH
 
***** [ Dateien / Ordner ] *****
 
Datei Gelöscht : C:\Windows\System32\drivers\webinstrNewH.sys
Datei Gelöscht : C:\Users\LoniVanBuni\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\LoniVanBuni\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Datei Gelöscht : C:\Users\LoniVanBuni\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage
Datei Gelöscht : C:\Users\LoniVanBuni\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage-journal
 
***** [ Tasks ] *****
 
 
***** [ Verknüpfungen ] *****
 
 
***** [ Registrierungsdatenbank ] *****
 
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}
 
***** [ Browser ] *****
 
-\\ Internet Explorer v8.0.7601.17514
 
 
-\\ Mozilla Firefox v
 
 
-\\ Chromium v
 
 
-\\ Opera v26.0.1656.32
 
[C:\Users\LoniVanBuni\AppData\Roaming\Opera Software\Opera Stable\preferences] - Gelöscht [Extension] : aaipilfmheplbcghignccoiiebekkdhe
[C:\Users\LoniVanBuni\AppData\Roaming\Opera Software\Opera Stable\preferences] - Gelöscht [Extension] : elchiiiejkobdbblfejjkbphbddgmljf
[C:\Users\LoniVanBuni\AppData\Roaming\Opera Software\Opera Stable\preferences] - Gelöscht [Extension] : ffhfoagmjcnkolneahbpagjcjjaeofbg
[C:\Users\LoniVanBuni\AppData\Roaming\Opera Software\Opera Stable\preferences] - Gelöscht [Extension] : hjghiofiijcepdnocbgefbdlbckjfheg
[C:\Users\LoniVanBuni\AppData\Roaming\Opera Software\Opera Stable\preferences] - Gelöscht [Extension] : iklgpchfbohgmghgfagediakopecfmbm
[C:\Users\LoniVanBuni\AppData\Roaming\Opera Software\Opera Stable\preferences] - Gelöscht [Extension] : kfgaibfbmkjgmimhbbaikfnpkkjkpoan
[C:\Users\LoniVanBuni\AppData\Roaming\Opera Software\Opera Stable\preferences] - Gelöscht [Extension] : lmnbobhffedhdhfpcjkjphcfpeeiocdn
[C:\Users\LoniVanBuni\AppData\Roaming\Opera Software\Opera Stable\preferences] - Gelöscht [Extension] : kjpifmjicccpbkfjdkehimhgklfkbanh
[C:\Users\LoniVanBuni\AppData\Roaming\Opera Software\Opera Stable\preferences] - Gelöscht [Extension] : hoidflomjnnnbiemmkjdjkkialmhbago
[C:\Users\LoniVanBuni\AppData\Roaming\Opera Software\Opera Stable\preferences] - Gelöscht [Extension] : ekpibplnnkfdcafdpoekhoffegcajene
[C:\Users\LoniVanBuni\AppData\Roaming\Opera Software\Opera Stable\preferences] - Gelöscht [Extension] : ipljmghelflfikejmgkmlmpjmehfjodc
[C:\Users\LoniVanBuni\AppData\Roaming\Opera Software\Opera Stable\preferences] - Gelöscht [Extension] : ejddjnilmdncjilbfjgameihlklfpohp
[C:\Users\LoniVanBuni\AppData\Roaming\Opera Software\Opera Stable\preferences] - Gelöscht [Extension] : eagomcfjiefffhpaejnlpjccikpipdoe
 
*************************
 
AdwCleaner[R0].txt - [11634 octets] - [06/12/2014 18:49:33]
AdwCleaner[R1].txt - [3052 octets] - [06/12/2014 19:31:00]
AdwCleaner[R2].txt - [1800 octets] - [06/12/2014 20:50:38]
AdwCleaner[R3].txt - [1675 octets] - [07/12/2014 01:54:09]
AdwCleaner[R4].txt - [1942 octets] - [08/12/2014 17:43:29]
AdwCleaner[R5].txt - [2360 octets] - [08/12/2014 20:14:47]
AdwCleaner[R6].txt - [4509 octets] - [10/12/2014 01:30:53]
AdwCleaner[S0].txt - [9837 octets] - [06/12/2014 18:50:34]
AdwCleaner[S1].txt - [2915 octets] - [06/12/2014 19:32:11]
AdwCleaner[S2].txt - [1663 octets] - [06/12/2014 20:52:12]
AdwCleaner[S3].txt - [1590 octets] - [07/12/2014 01:55:51]
AdwCleaner[S4].txt - [2011 octets] - [08/12/2014 17:51:24]
AdwCleaner[S5].txt - [2297 octets] - [08/12/2014 20:16:17]
AdwCleaner[S6].txt - [4430 octets] - [10/12/2014 01:32:26]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [4490 octets] ##########
 
 
 
 
All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: LoniVanBuni
->Temp folder emptied: 13777647 bytes
->Temporary Internet Files folder emptied: 979673 bytes
->FireFox cache emptied: 5323471 bytes
->Flash cache emptied: 506 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 200704 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6418 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 8090 bytes
 
Total Files Cleaned = 19,00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 12102014_014651
 
Files\Folders moved on Reboot...
C:\Users\LoniVanBuni\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
 
PendingFileRenameOperations files...
 
Registry entries deleted on Reboot...
 
 
 
 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-12-2014
Ran by LoniVanBuni (administrator) on LONIVANBUNIS-PC on 10-12-2014 01:52:10
Running from C:\Users\LoniVanBuni\Desktop
Loaded Profile: LoniVanBuni (Available profiles: LoniVanBuni)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.32\opera.exe
() C:\Program Files (x86)\Opera\26.0.1656.32\opera_crashreporter.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.32\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.32\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.32\opera.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.32\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.32\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.32\opera.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-11-01] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3835728 2014-12-01] (LogMeIn Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-12-09] (AVAST Software)
HKU\S-1-5-21-4173791350-3012852754-3436194651-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-11-01] (AMD)
HKU\S-1-5-21-4173791350-3012852754-3436194651-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3618648 2014-12-03] (Electronic Arts)
HKU\S-1-5-21-4173791350-3012852754-3436194651-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1940160 2014-11-18] (Valve Corporation)
HKU\S-1-5-21-4173791350-3012852754-3436194651-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-4173791350-3012852754-3436194651-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7777560 2014-11-13] (SUPERAntiSpyware)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = about:blank
HKU\S-1-5-21-4173791350-3012852754-3436194651-1000\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
HKU\S-1-5-21-4173791350-3012852754-3436194651-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-4173791350-3012852754-3436194651-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4173791350-3012852754-3436194651-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...er=8&ar=msnhome
StartMenuInternet: IEXPLORE.EXE - C:\program files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 
FireFox:
========
FF ProfilePath: C:\Users\LoniVanBuni\AppData\Roaming\Mozilla\Firefox\Profiles\er6wx06q.default-1417913129901
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @omaha.maxiget.com/Maxiget Updater;version=3 -> C:\Program Files (x86)\Maxiget\Updater\70.3.29.7018\npMaxigetUpdater3.dll No File
FF Plugin-x32: @omaha.maxiget.com/Maxiget Updater;version=9 -> C:\Program Files (x86)\Maxiget\Updater\70.3.29.7018\npMaxigetUpdater3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-09]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
 
Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path
CHR HKU\S-1-5-21-4173791350-3012852754-3436194651-1000\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-09]
CHR HKLM-x32\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-11-01] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-09] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-09] (Avast Software)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-11-14] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-12-03] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-12-09] ()
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 A2DDA; C:\EEK\BIN\a2ddax64.sys [26176 2014-12-09] (Emsisoft GmbH)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-09] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-09] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-09] ()
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [67888 2013-02-13] (Qualcomm Atheros, Inc.)
S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2014-12-09] (Emsisoft GmbH)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2014-12-07] ()
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-10] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-09] (Avast Software)
S3 cpuz134; \??\C:\Users\LONIVA~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-10 01:51 - 2014-12-10 01:51 - 02119680 _____ (Farbar) C:\Users\LoniVanBuni\Downloads\FRST64.exe
2014-12-10 01:50 - 2014-12-10 01:50 - 00000197 _____ () C:\Windows\system32\2014-12-10-00-50-24.058-AvastVBoxSVC.exe-2900.log
2014-12-10 01:46 - 2014-12-10 01:46 - 00000000 ____D () C:\_OTL
2014-12-10 01:36 - 2014-12-10 01:36 - 00000197 _____ () C:\Windows\system32\2014-12-10-00-36-56.003-AvastVBoxSVC.exe-5864.log
2014-12-10 01:29 - 2014-12-10 01:29 - 02166272 _____ () C:\Users\LoniVanBuni\Desktop\AdwCleaner.exe
2014-12-10 00:21 - 2014-12-10 00:21 - 00000197 _____ () C:\Windows\system32\2014-12-09-23-21-38.099-AvastVBoxSVC.exe-5636.log
2014-12-10 00:16 - 2014-12-10 00:16 - 00077312 _____ (Emsisoft GmbH) C:\Windows\system32\eamclean.exe
2014-12-10 00:16 - 2014-12-10 00:16 - 00000166 _____ () C:\Windows\system32\eamclean.dat
2014-12-10 00:13 - 2014-12-10 00:13 - 00129364 _____ () C:\Users\LoniVanBuni\Downloads\OTL.Txt
2014-12-10 00:13 - 2014-12-10 00:13 - 00067952 _____ () C:\Users\LoniVanBuni\Downloads\Extras.Txt
2014-12-10 00:05 - 2014-12-10 00:20 - 00000000 ____D () C:\EEK
2014-12-10 00:05 - 2014-12-10 00:05 - 00602112 _____ (OldTimer Tools) C:\Users\LoniVanBuni\Downloads\OTL.exe
2014-12-10 00:05 - 2014-12-10 00:05 - 00602112 _____ (OldTimer Tools) C:\Users\LoniVanBuni\Desktop\OTL (1).exe
2014-12-10 00:05 - 2014-12-10 00:05 - 00000743 _____ () C:\Users\LoniVanBuni\Desktop\Start Emsisoft Emergency Kit.lnk
2014-12-09 23:58 - 2014-12-09 23:58 - 01188194 _____ () C:\Users\LoniVanBuni\Downloads\ProcessExplorer_1604.zip
2014-12-09 23:58 - 2014-12-09 23:58 - 01188194 _____ () C:\Users\LoniVanBuni\Downloads\ProcessExplorer_1604 (1).zip
2014-12-09 23:58 - 2014-09-11 07:57 - 02480312 _____ (Sysinternals - www.sysinternals.com) C:\Users\LoniVanBuni\Desktop\procexp.exe
2014-12-09 23:58 - 2014-08-05 07:24 - 00072154 _____ () C:\Users\LoniVanBuni\Desktop\procexp.chm
2014-12-09 23:52 - 2014-12-09 23:56 - 166075400 _____ () C:\Users\LoniVanBuni\Downloads\EmsisoftEmergencyKit.exe
2014-12-09 23:51 - 2014-12-09 23:51 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Roaming\Curiolab
2014-12-09 23:50 - 2014-12-10 00:06 - 00000000 ____D () C:\Program Files (x86)\Exterminate It!
2014-12-09 23:50 - 2014-12-09 23:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exterminate It!
2014-12-09 23:41 - 2014-12-09 23:41 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Local\VirtualStore
2014-12-09 23:07 - 2014-12-09 23:07 - 00000197 _____ () C:\Windows\system32\2014-12-09-22-07-35.066-AvastVBoxSVC.exe-3568.log
2014-12-09 18:38 - 2014-12-09 18:38 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Local\Ubisoft
2014-12-09 13:00 - 2014-12-09 13:00 - 00000366 _____ () C:\Windows\DirectX.log
2014-12-09 02:59 - 2014-12-09 02:59 - 00000000 ____D () C:\Users\LoniVanBuni\Documents\WB Games
2014-12-09 02:17 - 2014-12-09 23:48 - 150228896 _____ (CURIOLAB S.M.B.A.) C:\Users\LoniVanBuni\Downloads\ExterminateItSetup (1).exe
2014-12-09 01:10 - 2014-12-09 01:10 - 00000247 _____ () C:\Windows\system32\2014-12-09-00-10-30.010-aswFe.exe-3044.log
2014-12-09 01:07 - 2014-12-09 01:08 - 02655860 _____ () C:\Users\LoniVanBuni\Downloads\azumanga daioh USSR.swf
2014-12-09 01:06 - 2014-12-09 23:09 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-09 01:06 - 2014-12-09 01:06 - 00003868 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1418083591
2014-12-09 01:06 - 2014-12-09 01:06 - 00001139 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-12-09 01:06 - 2014-12-09 01:06 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-12-09 01:06 - 2014-12-09 01:06 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Roaming\Opera Software
2014-12-09 01:06 - 2014-12-09 01:06 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Local\Opera Software
2014-12-09 01:04 - 2014-12-09 01:10 - 00000247 _____ () C:\Windows\system32\2014-12-09-00-04-23.021-aswFe.exe-4068.log
2014-12-09 01:04 - 2014-12-09 01:04 - 00000197 _____ () C:\Windows\system32\2014-12-09-00-04-15.014-AvastVBoxSVC.exe-5788.log
2014-12-09 01:00 - 2014-12-10 01:52 - 00016834 _____ () C:\Windows\WindowsUpdate.log
2014-12-09 00:57 - 2014-12-10 01:48 - 00000336 _____ () C:\Windows\setupact.log
2014-12-09 00:57 - 2014-12-10 01:33 - 00006294 _____ () C:\Windows\PFRO.log
2014-12-09 00:57 - 2014-12-09 00:57 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-09 00:20 - 2014-12-09 00:20 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-12-09 00:20 - 2014-12-09 00:20 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-12-09 00:16 - 2014-12-09 00:20 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-12-09 00:16 - 2014-12-09 00:20 - 00000000 ____D () C:\Windows\system32\vbox
2014-12-09 00:15 - 2014-12-10 01:50 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-09 00:15 - 2014-12-09 00:21 - 00001964 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-12-09 00:15 - 2014-12-09 00:15 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Roaming\AVAST Software
2014-12-09 00:15 - 2014-12-09 00:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-12-09 00:14 - 2014-12-09 00:20 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-12-09 00:14 - 2014-12-09 00:20 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-12-09 00:14 - 2014-12-09 00:20 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-12-09 00:14 - 2014-12-09 00:20 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-12-09 00:14 - 2014-12-09 00:20 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-12-09 00:14 - 2014-12-09 00:20 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2014-12-09 00:14 - 2014-12-09 00:20 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-12-09 00:14 - 2014-12-09 00:20 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-12-09 00:13 - 2014-12-09 00:13 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-12-09 00:13 - 2014-12-09 00:13 - 00000000 ____D () C:\Program Files\AVAST Software
2014-12-09 00:09 - 2014-12-09 00:12 - 131078000 _____ (AVAST Software) C:\Users\LoniVanBuni\Downloads\avast_free_antivirus_setup.exe
2014-12-08 22:10 - 2014-12-10 01:48 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-08 22:10 - 2014-12-08 22:10 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-08 22:10 - 2014-12-08 22:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-08 22:10 - 2014-12-08 22:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-08 22:10 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-08 22:10 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-08 22:10 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-08 22:09 - 2014-12-08 22:09 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\LoniVanBuni\Downloads\mbam-setup-2.0.4.1028(1).exe
2014-12-08 22:06 - 2014-12-10 01:52 - 00015896 _____ () C:\Users\LoniVanBuni\Desktop\FRST.txt
2014-12-08 22:04 - 2014-12-10 01:52 - 00000000 ____D () C:\FRST
2014-12-08 22:04 - 2014-12-08 22:04 - 02119680 _____ (Farbar) C:\Users\LoniVanBuni\Desktop\FRST64.exe
2014-12-08 21:49 - 2014-12-08 21:49 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Local\Chromium
2014-12-08 20:58 - 2014-12-08 20:33 - 03130440 _____ () C:\Windows\SysWOW64\pbsvc_blr.exe
2014-12-08 20:12 - 2014-12-08 20:12 - 00775968 _____ (Reimage®) C:\Users\LoniVanBuni\Downloads\ReimageRepair.exe
2014-12-08 17:49 - 2014-12-08 17:50 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\LoniVanBuni\Downloads\SpyHunter-Installer.exe
2014-12-08 17:42 - 2014-12-08 17:42 - 02153472 _____ () C:\Users\LoniVanBuni\Downloads\adwcleaner_4.104 (1).exe
2014-12-08 17:39 - 2014-12-08 17:40 - 02953520 _____ (AVAST Software) C:\Users\LoniVanBuni\Downloads\avast-browser-cleanup.exe
2014-12-08 11:37 - 2014-12-08 11:37 - 00000220 _____ () C:\Users\LoniVanBuni\Desktop\Garry's Mod.url
2014-12-08 11:33 - 2014-12-08 11:33 - 00000222 _____ () C:\Users\LoniVanBuni\Desktop\Unturned.url
2014-12-08 11:33 - 2014-12-08 11:33 - 00000222 _____ () C:\Users\LoniVanBuni\Desktop\Saints Row IV.url
2014-12-08 11:33 - 2014-12-08 11:33 - 00000222 _____ () C:\Users\LoniVanBuni\Desktop\PlanetSide 2.url
2014-12-08 11:33 - 2014-12-08 11:33 - 00000222 _____ () C:\Users\LoniVanBuni\Desktop\PAYDAY 2.url
2014-12-08 11:33 - 2014-12-08 11:33 - 00000222 _____ () C:\Users\LoniVanBuni\Desktop\Alien Isolation.url
2014-12-08 11:33 - 2014-12-08 11:33 - 00000221 _____ () C:\Users\LoniVanBuni\Desktop\The Elder Scrolls V Skyrim.url
2014-12-08 11:33 - 2014-12-08 11:33 - 00000221 _____ () C:\Users\LoniVanBuni\Desktop\Sniper Elite V2.url
2014-12-08 00:41 - 2014-12-08 00:41 - 01402920 _____ () C:\Users\LoniVanBuni\Downloads\battlelog-web-plugins_2.5.1_149(1).exe
2014-12-07 22:59 - 2014-12-07 22:59 - 00000000 ____D () C:\SUPERDelete
2014-12-07 21:31 - 2014-12-07 21:31 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-12-07 21:28 - 2014-12-10 01:50 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Local\LogMeIn Hamachi
2014-12-07 21:28 - 2014-12-07 21:28 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Local\LogMeIn
2014-12-07 21:28 - 2014-12-07 21:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-07 21:28 - 2014-12-07 21:28 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-12-07 21:28 - 2014-12-07 21:28 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-12-07 21:27 - 2014-12-07 21:29 - 163918512 _____ () C:\Users\LoniVanBuni\Downloads\setup_11.0.3.8.x01_2014_12_07_21_36.exe
2014-12-07 21:27 - 2014-12-07 21:27 - 08536064 _____ () C:\Users\LoniVanBuni\Downloads\hamachi.msi
2014-12-07 20:59 - 2014-12-10 01:50 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-12-07 20:59 - 2014-12-09 20:59 - 00000522 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d5001a5f-a972-4973-8a0d-87dd2a321522.job
2014-12-07 20:59 - 2014-12-09 02:00 - 00000522 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 1c850ab7-3c79-44c0-ad21-18ab2de2575a.job
2014-12-07 20:59 - 2014-12-07 20:59 - 00003622 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 1c850ab7-3c79-44c0-ad21-18ab2de2575a
2014-12-07 20:59 - 2014-12-07 20:59 - 00003548 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task d5001a5f-a972-4973-8a0d-87dd2a321522
2014-12-07 20:59 - 2014-12-07 20:59 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Roaming\SUPERAntiSpyware.com
2014-12-07 20:59 - 2014-12-07 20:59 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-12-07 20:59 - 2014-12-07 20:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-12-07 20:56 - 2014-12-07 20:58 - 20630616 _____ (SUPERAntiSpyware) C:\Users\LoniVanBuni\Downloads\SUPERAntiSpyware.exe
2014-12-07 19:56 - 2014-12-07 19:56 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Local\ESN
2014-12-07 19:12 - 2014-12-07 19:15 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Roaming\QuickScan
2014-12-07 18:50 - 2014-12-07 18:54 - 157735232 _____ () C:\Users\LoniVanBuni\Downloads\cureit.exe
2014-12-07 18:45 - 2014-12-07 18:45 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Local\SCE
2014-12-07 17:46 - 2014-12-08 10:25 - 00000000 ____D () C:\Program Files (x86)\Anvisoft
2014-12-07 17:46 - 2014-12-08 00:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
2014-12-07 17:32 - 2014-12-07 17:44 - 16513448 _____ (Anvisoft) C:\Users\LoniVanBuni\Downloads\csbsetup.exe
2014-12-07 16:21 - 2014-12-07 16:21 - 00000000 ____D () C:\ProgramData\ATI
2014-12-07 15:58 - 2014-12-07 15:58 - 00007605 _____ () C:\Users\LoniVanBuni\AppData\Local\Resmon.ResmonCfg
2014-12-07 12:05 - 2014-12-09 21:51 - 00348928 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-12-07 12:05 - 2014-12-08 21:49 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Local\PunkBuster
2014-12-07 12:05 - 2014-12-07 12:06 - 00000000 ____D () C:\Users\LoniVanBuni\Documents\Battlefield 3
2014-12-07 12:05 - 2014-12-07 12:05 - 01402920 _____ () C:\Users\LoniVanBuni\Downloads\battlelog-web-plugins_2.5.1_149.exe
2014-12-07 12:05 - 2014-12-07 12:05 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-12-07 12:04 - 2014-12-07 12:04 - 00000000 ____D () C:\ProgramData\EA Core
2014-12-07 08:39 - 2014-12-09 21:51 - 00348928 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-12-07 08:39 - 2014-12-09 21:50 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-12-07 08:39 - 2014-12-09 19:05 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-12-07 08:39 - 2014-12-07 08:39 - 00001174 _____ () C:\Users\Public\Desktop\Battlefield 3.lnk
2014-12-07 05:43 - 2014-12-07 05:46 - 138717846 _____ () C:\Users\LoniVanBuni\Downloads\RJ145726_trial.zip
2014-12-07 04:22 - 2014-12-07 04:22 - 00441592 _____ (Bleeping Computer, LLC) C:\Users\LoniVanBuni\Downloads\sc-cleaner.exe
2014-12-07 04:22 - 2014-12-07 04:22 - 00001832 _____ () C:\sc-cleaner.txt
2014-12-07 04:21 - 2014-12-07 04:21 - 02347384 _____ (ESET) C:\Users\LoniVanBuni\Downloads\esetsmartinstaller_enu.exe
2014-12-07 04:02 - 2014-12-08 18:36 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2014-12-07 04:02 - 2014-12-08 18:36 - 00000000 ____D () C:\Program Files\Adware-Removal-Tool
2014-12-07 04:01 - 2014-12-07 04:01 - 00753184 _____ () C:\Users\LoniVanBuni\Downloads\Adware-Removal-Tool-v3.9.1.exe
2014-12-07 03:10 - 2014-12-07 03:10 - 03026176 _____ (GridinSoft) C:\Users\LoniVanBuni\Downloads\TrojanKillerInstallerST.exe
2014-12-07 03:00 - 2010-03-08 11:10 - 00013824 _____ (Kephyr) C:\Windows\system32\ffnd.exe
2014-12-07 02:49 - 2014-12-07 02:50 - 02666167 _____ (Kephyr) C:\Users\LoniVanBuni\Downloads\freefixersetup.exe
2014-12-07 02:36 - 2014-12-07 02:36 - 00003230 _____ () C:\Windows\System32\Tasks\SidebarExecute
2014-12-07 02:35 - 2014-12-07 03:43 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-12-07 02:34 - 2014-12-07 02:34 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-12-07 02:33 - 2014-12-07 02:34 - 16409960 _____ (Safer Networking Limited ) C:\Users\LoniVanBuni\Downloads\spybotsd162.exe
2014-12-07 02:32 - 2014-12-07 02:32 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Local\MFAData
2014-12-07 02:19 - 2014-12-07 02:19 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Roaming\Enigma Software Group
2014-12-07 02:19 - 2014-12-07 02:19 - 00000000 _____ () C:\autoexec.bat
2014-12-07 02:16 - 2014-12-07 02:16 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2014-12-07 02:14 - 2014-12-07 02:14 - 02998656 _____ (Enigma Software Group USA, LLC.) C:\Users\LoniVanBuni\Downloads\sh-remover.exe
2014-12-07 02:03 - 2014-12-07 02:03 - 00002784 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-12-07 02:03 - 2014-12-07 02:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-12-07 02:03 - 2014-12-07 02:03 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-07 02:02 - 2014-12-07 02:02 - 04036200 _____ (Piriform Ltd) C:\Users\LoniVanBuni\Downloads\ccsetup500_slim.exe
2014-12-07 01:04 - 2014-12-07 01:04 - 00001122 _____ () C:\Windows\system32\.crusader
2014-12-07 01:03 - 2014-12-07 01:04 - 04890736 _____ (Piriform Ltd) C:\Users\LoniVanBuni\Downloads\spsetup126.exe
2014-12-07 00:59 - 2014-12-07 00:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-07 00:56 - 2014-12-07 00:58 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\LoniVanBuni\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-07 00:56 - 2014-12-07 00:58 - 11222744 _____ (SurfRight B.V.) C:\Users\LoniVanBuni\Downloads\HitmanPro_x64.exe
2014-12-07 00:54 - 2014-12-07 00:54 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Local\Macromedia
2014-12-07 00:53 - 2014-12-07 00:53 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Local\Mozilla
2014-12-07 00:53 - 2014-12-07 00:53 - 00000000 ____D () C:\ProgramData\Mozilla
2014-12-07 00:49 - 2014-12-08 22:02 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-12-07 00:47 - 2014-12-07 00:47 - 00244264 _____ () C:\Users\LoniVanBuni\Downloads\Firefox Setup Stub 34.0.5.exe
2014-12-07 00:35 - 2014-12-07 00:35 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Local\PAYDAY 2
2014-12-06 21:33 - 2014-12-06 21:33 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Local\Apps\2.0
2014-12-06 20:43 - 2014-12-06 20:44 - 00367332 _____ (http://magiclauncher.com) C:\Users\LoniVanBuni\Downloads\MagicLauncher_1.1.7.exe
2014-12-06 20:41 - 2014-12-06 20:41 - 00398392 _____ () C:\Users\LoniVanBuni\Downloads\ShadersMod-v2.3.19mc1.7.10-installer.jar
2014-12-06 20:40 - 2014-12-06 20:45 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Roaming\.minecraft
2014-12-06 20:40 - 2014-12-06 20:40 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Roaming\java
2014-12-06 20:39 - 2014-12-06 20:39 - 00862484 _____ () C:\Users\LoniVanBuni\Downloads\OptiFine_1.8.1_HD_U_B2.jar
2014-12-06 20:39 - 2014-12-06 20:39 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-06 20:39 - 2014-12-06 20:39 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-06 20:39 - 2014-12-06 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-06 20:39 - 2014-12-06 20:39 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-06 20:33 - 2014-12-06 20:33 - 00675988 _____ () C:\Users\LoniVanBuni\Downloads\Minecraft.exe
2014-12-06 20:10 - 2014-12-07 00:53 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Roaming\Mozilla
2014-12-06 20:08 - 2014-12-10 01:33 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-12-06 20:08 - 2014-12-06 20:10 - 00000000 ____D () C:\ProgramData\Avira
2014-12-06 19:43 - 2014-12-06 19:51 - 154051656 _____ () C:\Users\LoniVanBuni\Downloads\avira_free_antivirus468_de.exe
2014-12-06 19:42 - 2014-12-06 19:55 - 201526592 _____ (Kaspersky Lab) C:\Users\LoniVanBuni\Downloads\kav15.0.1.415EN_6913.exe
2014-12-06 18:49 - 2014-12-10 01:32 - 00000000 ____D () C:\AdwCleaner
2014-12-06 18:49 - 2014-12-08 20:14 - 00000330 _____ () C:\AdwCleanerDebug.txt
2014-12-06 18:48 - 2014-12-06 18:48 - 02153472 _____ () C:\Users\LoniVanBuni\Downloads\adwcleaner_4.104.exe
2014-12-06 18:47 - 2014-12-06 18:47 - 00001971 _____ () C:\Windows\patsearch.bin
2014-12-06 18:47 - 2014-12-06 18:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstrNewH_01009.Wdf
2014-12-06 18:44 - 2014-12-06 18:44 - 00003694 _____ () C:\Windows\System32\Tasks\StormFall W1
2014-12-06 18:44 - 2014-12-06 18:44 - 00003694 _____ () C:\Windows\System32\Tasks\StormFall TW2
2014-12-06 18:44 - 2014-12-06 18:44 - 00003694 _____ () C:\Windows\System32\Tasks\StormFall TW1
2014-12-06 18:42 - 2014-12-06 20:14 - 00000000 ____D () C:\Windows\SysWOW64\docksbdrop32
2014-12-06 18:16 - 2014-12-07 16:03 - 00000000 ____D () C:\Program Files (x86)\4chan Image Downloader
2014-12-06 18:12 - 2014-12-06 18:13 - 01188607 _____ (Bradley Jones ) C:\Users\LoniVanBuni\Downloads\4chan Image Downloader Setup.exe
2014-12-06 17:47 - 2014-12-06 17:47 - 00725064 _____ () C:\Users\LoniVanBuni\Downloads\SkyKids Page Archive.zip
2014-12-06 17:20 - 2014-12-06 17:24 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Local\SniperV2
2014-12-06 17:05 - 2014-12-06 17:06 - 02589760 _____ (Beepa Pty Ltd) C:\Users\LoniVanBuni\Downloads\Fraps-Vollversion by Michi.exe
2014-12-06 15:45 - 2014-12-06 15:45 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Roaming\WinRAR
2014-12-06 15:42 - 2014-12-06 15:42 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-12-06 15:42 - 2014-12-06 15:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-12-06 15:42 - 2014-12-06 15:42 - 00000000 ____D () C:\Program Files\WinRAR
2014-12-06 15:41 - 2014-12-06 15:41 - 01941064 _____ () C:\Users\LoniVanBuni\Downloads\winrar-x64-520.exe
2014-12-06 15:24 - 2014-12-06 15:24 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Local\Skyrim
2014-12-06 15:06 - 2014-12-06 15:07 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Roaming\Apple Computer
2014-12-06 15:06 - 2014-12-06 15:06 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-12-06 15:06 - 2014-12-06 15:06 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-12-06 15:06 - 2014-12-06 15:06 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-12-06 15:06 - 2014-12-06 15:06 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Local\Apple Computer
2014-12-06 15:06 - 2014-12-06 15:06 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Local\Apple
2014-12-06 15:06 - 2014-12-06 15:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-12-06 15:06 - 2014-12-06 15:06 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-12-06 15:06 - 2014-12-06 15:06 - 00000000 ____D () C:\Program Files\iTunes
2014-12-06 15:06 - 2014-12-06 15:06 - 00000000 ____D () C:\Program Files\iPod
2014-12-06 15:06 - 2014-12-06 15:06 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-12-06 15:06 - 2014-12-06 15:06 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-12-06 15:06 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-12-06 15:05 - 2014-12-06 15:06 - 00000000 ____D () C:\ProgramData\Apple
2014-12-06 15:05 - 2014-12-06 15:06 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-12-06 14:54 - 2014-12-06 14:54 - 00000023 _____ () C:\Users\LoniVanBuni\Desktop\WLANPASSWORT.txt
2014-12-06 12:55 - 2014-12-06 12:57 - 11002384 _____ (Learnpulse) C:\Users\LoniVanBuni\Downloads\Screenpresso.exe
2014-12-06 00:12 - 2014-12-06 00:12 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-12-06 00:07 - 2014-12-06 00:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-12-05 23:56 - 2014-12-06 00:11 - 00000000 ____D () C:\Users\LoniVanBuni\Desktop\Enterbrain
2014-12-05 23:50 - 2014-12-10 00:18 - 00000000 ____D () C:\Users\LoniVanBuni\Desktop\RPGVXAce
2014-12-05 23:47 - 2014-12-10 00:18 - 00000000 ____D () C:\Users\LoniVanBuni\Desktop\Content
2014-12-05 23:37 - 2014-12-05 23:56 - 00002168 _____ () C:\Users\Public\Desktop\Oblivion.lnk
2014-12-05 23:37 - 2014-12-05 23:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks
2014-12-05 23:37 - 2014-12-05 23:37 - 00000000 ____D () C:\Program Files (x86)\Bethesda Softworks
2014-12-05 23:36 - 2014-12-06 00:11 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Local\Oblivion
2014-12-05 23:22 - 2014-12-09 13:00 - 00000000 ____D () C:\Users\LoniVanBuni\Documents\My Games
2014-12-05 23:22 - 2014-12-05 23:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA
2014-12-05 22:55 - 2014-12-05 22:55 - 00031913 _____ () C:\Users\LoniVanBuni\Documents\23.wma
2014-12-05 22:54 - 2014-12-05 22:54 - 00031913 _____ () C:\Users\LoniVanBuni\Documents\Unbenannt.wma
2014-12-05 21:36 - 2014-12-05 21:44 - 122418480 _____ (Apple Inc.) C:\Users\LoniVanBuni\Downloads\iTunes64Setup.exe
2014-12-04 22:58 - 2014-12-09 00:56 - 00000000 ____D () C:\Program Files\VideoLAN
2014-12-04 22:39 - 2014-12-04 22:39 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-12-04 22:37 - 2014-12-04 22:37 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-12-04 19:24 - 2014-12-04 19:24 - 00018054 _____ () C:\Users\LoniVanBuni\Downloads\PongClok2.zip
2014-12-04 19:01 - 2014-12-04 19:01 - 00000000 _____ () C:\Windows\system32\spu_storage.bin
2014-12-04 18:46 - 2014-12-04 18:46 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-12-04 18:39 - 2013-10-09 04:28 - 251923104 _____ (AMD Inc.) C:\Users\LoniVanBuni\Downloads\amd.exe
2014-12-04 18:37 - 2014-12-04 18:37 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Roaming\Google
2014-12-04 01:00 - 2014-12-07 17:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pong Screensaver
2014-12-04 01:00 - 2014-12-04 01:00 - 00866268 _____ () C:\Users\LoniVanBuni\Downloads\setup_pong.exe
2014-12-04 00:58 - 2014-12-07 17:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pong Clock
2014-12-04 00:58 - 2014-12-04 00:58 - 00875126 _____ () C:\Users\LoniVanBuni\Downloads\pong_clock.zip
2014-12-04 00:58 - 2014-12-04 00:58 - 00000000 ____D () C:\Users\LoniVanBuni\Downloads\pong_clock
2014-12-04 00:57 - 2014-12-04 00:57 - 01174352 _____ () C:\Users\LoniVanBuni\Downloads\Pong Clock Screensaver - CHIP-Installer.exe
2014-12-04 00:11 - 2014-12-04 23:24 - 00000099 _____ () C:\Users\LoniVanBuni\AppData\Roaming\LauncherSettings_live.cfg
2014-12-04 00:07 - 2014-12-04 00:07 - 00000000 ____D () C:\Users\LoniVanBuni\Documents\theHunter
2014-12-04 00:06 - 2014-12-04 00:06 - 00000040 _____ () C:\Users\LoniVanBuni\AppData\Roaming\TheHunterSettings_steam_live.cfg
2014-12-04 00:06 - 2014-12-04 00:06 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Roaming\theHunter
2014-12-04 00:06 - 2014-12-04 00:06 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Local\theHunter
2014-12-04 00:05 - 2014-12-04 00:05 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Roaming\theHunterSteam
2014-12-03 23:13 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-12-03 23:13 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-12-03 23:13 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-12-03 23:13 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-12-03 23:13 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-12-03 23:13 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-12-03 21:43 - 2014-12-03 21:43 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Roaming\Unity
2014-12-03 21:38 - 2014-12-09 00:56 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Local\Unity
2014-12-03 21:38 - 2014-12-03 21:38 - 01081992 _____ (Unity Technologies ApS) C:\Users\LoniVanBuni\Downloads\UnityWebPlayer.exe
2014-12-03 20:50 - 2014-12-03 20:50 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Roaming\Macromedia
2014-12-03 20:50 - 2014-12-03 20:50 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Roaming\Adobe
2014-12-03 20:47 - 2014-12-03 21:38 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-03 20:47 - 2014-12-03 20:47 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-12-03 20:46 - 2014-12-03 21:39 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Local\Adobe
2014-12-03 20:46 - 2014-12-03 20:46 - 00000000 ____D () C:\Windows\system32\Macromed
2014-12-03 20:39 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-12-03 20:39 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-12-03 20:39 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-12-03 20:39 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-12-03 20:39 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-12-03 20:39 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-12-03 20:39 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-12-03 20:39 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-12-03 20:39 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-12-03 20:39 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-12-03 20:39 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-12-03 20:39 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-12-03 20:39 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-12-03 20:39 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-12-03 20:39 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-12-03 20:39 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-12-03 20:39 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-12-03 20:39 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-12-03 20:39 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-12-03 20:39 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-12-03 20:39 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-12-03 20:39 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-12-03 20:39 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-12-03 20:39 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-12-03 20:39 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-12-03 20:39 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-12-03 20:39 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-12-03 20:39 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-12-03 20:39 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-12-03 20:39 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-12-03 20:39 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-12-03 20:39 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-12-03 20:39 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-12-03 20:39 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-12-03 20:39 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-12-03 20:39 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-12-03 20:39 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-12-03 20:39 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-12-03 20:39 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-12-03 20:39 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-12-03 20:39 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-12-03 20:39 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-12-03 20:39 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-12-03 20:39 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-12-03 20:39 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-12-03 20:39 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-12-03 20:39 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-12-03 20:39 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-12-03 20:39 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-12-03 20:39 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2014-12-03 20:39 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-12-03 20:39 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2014-12-03 20:39 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-12-03 20:39 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-12-03 20:39 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-12-03 20:39 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-12-03 20:39 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-12-03 20:39 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-12-03 20:39 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-12-03 20:39 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-12-03 20:39 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-12-03 20:39 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-12-03 20:39 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-12-03 20:39 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-12-03 20:39 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-12-03 20:39 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-12-03 20:39 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-12-03 20:39 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-12-03 20:39 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-12-03 20:39 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-12-03 20:39 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-12-03 20:39 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-12-03 20:39 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-12-03 20:39 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-12-03 20:39 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-12-03 20:39 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-12-03 20:39 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-12-03 20:39 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-12-03 20:39 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-12-03 20:39 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-12-03 20:39 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-12-03 20:39 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-12-03 20:39 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-12-03 20:39 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-12-03 20:39 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-12-03 20:39 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-12-03 20:39 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-12-03 20:39 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-12-03 20:39 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-12-03 20:39 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-12-03 20:39 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-12-03 20:39 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-12-03 20:39 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-12-03 20:39 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-12-03 20:39 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-12-03 20:39 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-12-03 20:39 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-12-03 20:39 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-12-03 20:39 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-12-03 20:39 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-12-03 20:39 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-12-03 20:39 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-12-03 20:39 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-12-03 20:39 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-12-03 20:39 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-12-03 20:39 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-12-03 20:39 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-12-03 20:39 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-12-03 20:39 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-12-03 20:39 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-12-03 20:39 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-12-03 20:39 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-12-03 20:39 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-12-03 20:39 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-12-03 20:39 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-12-03 20:39 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-12-03 20:39 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-12-03 20:39 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-12-03 20:39 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-12-03 20:39 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-12-03 20:39 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-12-03 20:39 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-12-03 20:39 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-12-03 20:39 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-12-03 20:39 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-12-03 20:39 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-12-03 20:39 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-12-03 20:39 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2014-12-03 20:39 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-12-03 20:39 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-12-03 20:39 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-12-03 20:39 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-12-03 20:39 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-12-03 20:39 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-12-03 20:39 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-12-03 20:39 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-12-03 20:30 - 2014-12-03 20:39 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-12-03 20:30 - 2014-12-03 20:30 - 00292184 _____ (Microsoft Corporation) C:\Users\LoniVanBuni\Downloads\dxwebsetup.exe
2014-12-03 19:10 - 2014-12-04 06:23 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-12-03 19:08 - 2014-12-03 20:43 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Roaming\Origin
2014-12-03 19:08 - 2014-12-03 19:11 - 00000000 ____D () C:\Users\LoniVanBuni\AppData\Local\Origin
2014-12-03 19:06 - 2014-12-10 00:19 - 00000000 ____D () C:\ProgramData\Origin
2014-12-03 19:05 - 2014-12-10 01:50 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-12-03 19:05 - 2014-12-07 12:04 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-12-03 19:05 - 2014-12-03 19:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-12-03 19:05 - 2014-12-03 19:05 - 00000983 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-12-03 19:02 - 2014-12-10 01:50 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-03 19:02 - 2014-12-03 19:02 - 17103000 _____ (Electronic Arts, Inc.) C:\Users\LoniVanBuni\Downloads\OriginThinSetup.exe
2014-12-03 19:02 - 2014-12-03 19:02 - 00000967 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-12-03 19:02 - 2014-12-03 19:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-03 19:01 - 2014-12-03 19:01 - 01142392 _____ () C:\Users\LoniVanBuni\Downloads\SteamSetup.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-10 01:48 - 2013-12-03 17:43 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-10 01:48 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-10 01:41 - 2009-07-14 05:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-10 01:41 - 2009-07-14 05:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-10 01:39 - 2011-04-12 08:43 - 00697468 _____ () C:\Windows\system32\perfh007.dat
2014-12-10 01:39 - 2011-04-12 08:43 - 00148164 _____ () C:\Windows\system32\perfc007.dat
2014-12-10 01:39 - 2009-07-14 06:13 - 01614718 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-10 01:38 - 2013-12-03 17:43 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-09 23:03 - 2014-01-18 23:57 - 00000000 ____D () C:\Windows\Panther
2014-12-09 01:22 - 2013-12-03 16:51 - 00000000 ____D () C:\Users\LoniVanBuni
2014-12-09 00:54 - 2013-12-03 17:43 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-07 18:29 - 2013-12-03 16:51 - 00001317 _____ () C:\Users\LoniVanBuni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-12-07 08:39 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-07 00:48 - 2013-12-03 16:51 - 00001182 _____ () C:\Users\LoniVanBuni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-06 21:33 - 2013-12-03 17:43 - 00004116 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-12-06 21:33 - 2013-12-03 17:43 - 00003864 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-12-05 23:37 - 2013-12-03 17:18 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-04 23:08 - 2011-04-12 08:54 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-12-04 20:34 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-04 18:46 - 2013-12-03 18:12 - 00000000 ____D () C:\ProgramData\AMD
2014-12-04 18:45 - 2013-12-03 17:52 - 01588294 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-12-04 18:42 - 2013-12-03 18:20 - 00000000 ____D () C:\AMD
2014-12-04 00:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-12-03 21:46 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-11-24 14:04 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-12-09 11:14
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-12-2014
Ran by LoniVanBuni at 2014-12-10 01:52:47
Running from C:\Users\LoniVanBuni\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Alien: Isolation (HKLM-x32\...\Steam App 214490) (Version:  - Creative Assembly)
AMD Catalyst Install Manager (HKLM\...\{EFCE1C2E-27D8-255F-9EAE-0D1291ED4188}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version:  - Reloaded Productions)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Avira (x32 Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.5.1 - EA Digital Illusions CE AB)
Blacklight: Retribution (HKLM-x32\...\Steam App 209870) (Version:  - Zombie, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Exterminate It! (HKLM-x32\...\Exterminate It!) (Version: 2.12.12.09 - CURIOLAB S.M.B.A.)
Fistful of Frags (HKLM-x32\...\Steam App 265630) (Version:  - Fistful of Frags Team)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Gotham City Impostors: Free To Play (HKLM-x32\...\Steam App 206210) (Version:  - Monolith Productions, Inc.)
HAWKEN (HKLM-x32\...\Steam App 271290) (Version:  - Adhesive Games)
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
Insurgency (HKLM-x32\...\Steam App 222880) (Version:  - New World Interactive)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.279 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.279 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
No More Room in [bleep] (HKLM-x32\...\Steam App 224260) (Version:  - No More Room in [bleep] Team)
Oblivion (HKLM-x32\...\{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}) (Version: 1.2.0416 - Bethesda Softworks)
Opera Stable 26.0.1656.32 (HKLM-x32\...\Opera 26.0.1656.32) (Version: 26.0.1656.32 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.5.2.2829 - Electronic Arts, Inc.)
Overlord (HKLM-x32\...\{259A8A5E-2886-4BED-9EF1-D5485282CCC3}) (Version: 1.00.0606 - Codemasters)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-4173791350-3012852754-3436194651-1000\...\SOE-PlanetSide 2) (Version:  - Sony Online Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{FE5DFB80-6937-4154-A2C7-EF845C1301F8}) (Version: 1.0.30.1259 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version:  - Deep Silver Volition)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1164 - SUPERAntiSpyware.com)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
theHunter (HKLM-x32\...\Steam App 253710) (Version:  - Expansive Worlds)
Titan Quest (HKLM-x32\...\Steam App 4540) (Version:  - Iron Lore Entertainment)
Titan Quest: Immortal Throne (HKLM-x32\...\Steam App 4550) (Version:  - Iron Lore Entertainment)
Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version:  - Ubisoft Singapore)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
08-12-2014 19:57:34 DirectX wurde installiert
08-12-2014 19:58:21 Installed NVIDIA PhysX
08-12-2014 20:00:01 DirectX wurde installiert
08-12-2014 21:02:05 Removed Apple Application Support
08-12-2014 23:13:35 avast! antivirus system restore point
08-12-2014 23:19:06 avast! antivirus system restore point
09-12-2014 00:14:33 Microsoft Visual C++ 2005 Redistributable wird entfernt
09-12-2014 01:57:24 DirectX wurde installiert
09-12-2014 12:00:11 DirectX wurde installiert
09-12-2014 15:36:53 Removed Bonjour
09-12-2014 16:06:50 Windows Modules Installer
09-12-2014 17:37:58 DirectX wurde installiert
10-12-2014 00:47:03 OTL Restore Point - 10.12.2014 01:47:02
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2014-12-10 01:47 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {15D3AB94-F7A7-4537-9B67-604B7D215079} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {1647DE61-45FF-478F-BD2E-8979443CF543} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-06] (Google Inc.)
Task: {20D2C5BA-040D-4F4C-9B80-2BB2B2863DF3} - System32\Tasks\SUPERAntiSpyware Scheduled Task d5001a5f-a972-4973-8a0d-87dd2a321522 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {45976064-4892-4497-A130-387A85F38C19} - System32\Tasks\SUPERAntiSpyware Scheduled Task 1c850ab7-3c79-44c0-ad21-18ab2de2575a => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {55013304-890D-4446-9ECF-82C015A4A06A} - System32\Tasks\Opera scheduled Autoupdate 1418083591 => C:\Program Files (x86)\Opera\launcher.exe [2014-11-25] (Opera Software)
Task: {59661F90-4D80-45B5-86B4-2110315F8994} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-06] (Google Inc.)
Task: {6BCA9C26-2C82-4295-8774-F7099FE7173E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {8C95866B-E037-448F-817D-ADB964815E7C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-09] (AVAST Software)
Task: {A3D30607-6162-425A-A6C0-8E104C4333ED} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A98E9A25-51D6-47D5-8B5A-27B268C7514F} - System32\Tasks\StormFall TW2 => Chrome.exe --app=http://plarium.com/p...ublisherID=1_33 --app-window-size=1920,1080
Task: {BBD7A3F4-42E4-4DEA-9F63-9B8D30CEEA17} - System32\Tasks\StormFall W1 => Chrome.exe --app=http://plarium.com/p...ublisherID=1_33 --app-window-size=1920,1080
Task: {BE07DB2E-C5C3-4E50-B9E4-7F2D43212091} - System32\Tasks\StormFall TW1 => Chrome.exe --app=http://plarium.com/p...ublisherID=1_33 --app-window-size=1920,1080
Task: {F3B296E2-3C72-47C3-AFF9-B4850B8D9799} - System32\Tasks\Games\UpdateCheck_S-1-5-21-4173791350-3012852754-3436194651-1000
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 1c850ab7-3c79-44c0-ad21-18ab2de2575a.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d5001a5f-a972-4973-8a0d-87dd2a321522.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-12-07 08:39 - 2014-12-09 19:05 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-12-09 00:20 - 2014-12-09 00:20 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-12-09 00:20 - 2014-12-09 00:20 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2013-08-08 14:30 - 2013-08-08 14:30 - 00283648 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2013-11-01 11:46 - 2013-11-01 11:46 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-12-09 01:06 - 2014-11-25 10:57 - 00535160 _____ () C:\Program Files (x86)\Opera\26.0.1656.32\opera_crashreporter.exe
2014-12-09 21:13 - 2014-12-09 21:13 - 02905088 _____ () C:\Program Files\AVAST Software\Avast\defs\14120901\algo.dll
2014-12-09 00:20 - 2014-12-09 00:20 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-12-03 19:08 - 2014-12-03 19:08 - 01007104 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-12-03 19:08 - 2014-12-03 19:08 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-12-03 19:08 - 2014-12-03 19:08 - 00024576 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2014-12-03 19:08 - 2014-12-03 19:08 - 00216576 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-12-03 19:08 - 2014-12-03 19:08 - 00261120 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-12-03 19:08 - 2014-12-03 19:08 - 00019456 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-12-03 19:08 - 2014-12-03 19:08 - 00337408 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-12-03 19:08 - 2014-12-03 19:08 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2014-12-03 19:19 - 2014-11-11 19:48 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-12-03 19:19 - 2014-11-11 19:48 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-12-03 19:19 - 2014-11-11 19:48 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-12-03 19:19 - 2014-11-11 19:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-12-03 19:19 - 2014-11-18 21:23 - 02227904 _____ () C:\Program Files (x86)\Steam\video.dll
2014-12-03 19:19 - 2014-11-11 19:48 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-12-03 19:19 - 2014-11-11 19:48 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-12-03 19:19 - 2014-11-18 21:23 - 00690880 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-12-09 00:20 - 2014-12-09 00:20 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-12-03 19:19 - 2014-11-11 19:48 - 34589888 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-12-09 01:06 - 2014-11-25 10:57 - 01358456 _____ () C:\Program Files (x86)\Opera\26.0.1656.32\libglesv2.dll
2014-12-09 01:06 - 2014-11-25 10:57 - 00219256 _____ () C:\Program Files (x86)\Opera\26.0.1656.32\libegl.dll
2014-12-09 01:06 - 2014-11-25 10:57 - 09312888 _____ () C:\Program Files (x86)\Opera\26.0.1656.32\pdf.dll
2014-12-09 01:06 - 2014-11-25 10:57 - 00991352 _____ () C:\Program Files (x86)\Opera\26.0.1656.32\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: gmsd_de_11 => 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-4173791350-3012852754-3436194651-500 - Administrator - Disabled)
Gast (S-1-5-21-4173791350-3012852754-3436194651-501 - Limited - Disabled)
LoniVanBuni (S-1-5-21-4173791350-3012852754-3436194651-1000 - Administrator - Enabled) => C:\Users\LoniVanBuni
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/10/2014 01:49:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/10/2014 01:45:30 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (12/10/2014 01:34:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/10/2014 00:18:47 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/09/2014 11:05:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/09/2014 07:07:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: bf3.exe, Version: 1.6.0.0, Zeitstempel: 0x511c9356
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7ba58
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00038da9
ID des fehlerhaften Prozesses: 0xa34
Startzeit der fehlerhaften Anwendung: 0xbf3.exe0
Pfad der fehlerhaften Anwendung: bf3.exe1
Pfad des fehlerhaften Moduls: bf3.exe2
Berichtskennung: bf3.exe3
 
Error: (12/09/2014 01:06:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.17514, Zeitstempel: 0x4ce7a313
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000001cd01e20
ID des fehlerhaften Prozesses: 0xfb8
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
 
Error: (12/09/2014 01:00:08 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.
 
 
Details:
Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (12/09/2014 01:00:08 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.
 
 
Details:
Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (12/09/2014 01:00:08 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.
 
Kontext: Windows Anwendung
 
 
Details:
Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
 
 
System errors:
=============
Error: (12/10/2014 01:48:20 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom
 
Error: (12/10/2014 01:33:58 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom
 
Error: (12/10/2014 00:19:32 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom
 
Error: (12/09/2014 11:05:29 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom
 
Error: (12/09/2014 11:03:36 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎09.‎12.‎2014 um 22:59:28 unerwartet heruntergefahren.
 
Error: (12/09/2014 01:00:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
 
Error: (12/09/2014 01:00:08 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535.
 
Error: (12/09/2014 00:59:49 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom
 
Error: (12/09/2014 00:58:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMScheduler" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053
 
Error: (12/09/2014 00:58:21 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MBAMScheduler erreicht.
 
 
Microsoft Office Sessions:
=========================
Error: (12/10/2014 01:49:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/10/2014 01:45:30 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\LoniVanBuni\Downloads\esetsmartinstaller_enu.exe
 
Error: (12/10/2014 01:34:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/10/2014 00:18:47 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/09/2014 11:05:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/09/2014 07:07:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: bf3.exe1.6.0.0511c9356ntdll.dll6.1.7601.175144ce7ba58c000000500038da9a3401d013db06ae5ea0C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exeC:\Windows\SysWOW64\ntdll.dll48d71c39-7fce-11e4-aec8-d050990b894e
 
Error: (12/09/2014 01:06:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe8.0.7601.175144ce7a313unknown0.0.0.000000000c0000005000000001cd01e20fb801d01342e20a3c6cC:\Program Files\Internet Explorer\iexplore.exeunknown37913637-7f37-11e4-aec8-d050990b894e
 
Error: (12/09/2014 01:00:08 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: 
Details:
Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt
 
Error: (12/09/2014 01:00:08 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: 
Details:
Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (12/09/2014 01:00:08 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung
 
 
Details:
Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
 
 
==================== Memory info =========================== 
 
Processor: AMD A10-6700 APU with Radeon™ HD Graphics 
Percentage of memory in use: 30%
Total physical RAM: 8113.27 MB
Available physical RAM: 5621.96 MB
Total Pagefile: 16224.75 MB
Available Pagefile: 13477.35 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.41 GB) (Free:594.2 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C89D3B71)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

#7
DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 8,529 posts
Hi there. Sorry for the delay.

(the adwcleaner one is German; if that's a problem I can redo the scan)

Not a problem at all! ;)

Your Chrome browser looks a bit wonky.

Please follow the instructions HERE to reset Chrome.

Just a couple things to remove to clean up your browsers. The uninstallation of Avira left behind a service so we'll get rid of that, too. Please do as follows:

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
  • Open Notepad
  • Please copy the entire contents of the quote box below and paste into Notepad.

    start
    R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    FF Plugin-x32: @omaha.maxiget.com/Maxiget Updater;version=3 -> C:\Program Files (x86)\Maxiget\Updater\70.3.29.7018\npMaxigetUpdater3.dll No File
    FF Plugin-x32: @omaha.maxiget.com/Maxiget Updater;version=9 -> C:\Program Files (x86)\Maxiget\Updater\70.3.29.7018\npMaxigetUpdater3.dll No File
    FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
    host:
    EmptyTemp:
    reboot:
    end

  • Click on File > Save as..., name it fixlist.txt and save it to your desktop.
  • Click to open FRST64.exe
  • This time press the Fix button.
  • It will make a log (Fix.txt) on the desktop. Please copy and paste this log in your next reply.

#8
LoniVanBuni

    New Member

  • Topic Starter
  • Member
  • 6 posts

I accidentally deleted the first fixlog.txt, as I mistook it for my fixlist.txt  :oops:  Anyways, here is the second one (I did the process 2 times)

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-12-2014
Ran by LoniVanBuni at 2014-12-10 03:21:26 Run:2
Running from C:\Users\LoniVanBuni\Desktop
Loaded Profile: LoniVanBuni (Available profiles: LoniVanBuni)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin-x32: @omaha.maxiget.com/Maxiget Updater;version=3 -> C:\Program Files (x86)\Maxiget\Updater\70.3.29.7018\npMaxigetUpdater3.dll No File
FF Plugin-x32: @omaha.maxiget.com/Maxiget Updater;version=9 -> C:\Program Files (x86)\Maxiget\Updater\70.3.29.7018\npMaxigetUpdater3.dll No File
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
host:
EmptyTemp:
reboot:
end
*****************
 
Avira.OE.ServiceHost => Service not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@omaha.maxiget.com/Maxiget Updater;version=3" => Key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@omaha.maxiget.com/Maxiget Updater;version=9" => Key not found.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} not found.
host: => Error: No automatic fix found for this entry.
EmptyTemp: => Removed 14.7 MB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====

#9
DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 8,529 posts
That's fine. The 2nd log shows me that nothing was found to be removed.

You're clean! Have you had any issues to speak of? If not, go ahead and run the following program to clean up the tools used. I would like to see the log it generates to make sure everything was removed properly.

Download DelFix by Xplode and save it to your desktop.
  • Run the tool by right-clicking the DelFix icon and selecting the Run as administrator option.
  • Make sure that these ones are checked:
    • Remove disinfection tools
    • Purge system restore
    • Reset system settings
  • Push Run.
  • The program will run for a few seconds and display a notepad report.
    Paste it for my review.

#10
LoniVanBuni

    New Member

  • Topic Starter
  • Member
  • 6 posts
Done!
 
 
# DelFix v10.8 - Datei am 10/12/2014 um 03:50:11 erstellt
# Aktualisiert am 29/07/2014 von Xplode
# Benutzer : LoniVanBuni - LONIVANBUNIS-PC
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
 
~ Entferne die Bereinigungsprogramme ...
 
Gelöscht : C:\_OTL
Gelöscht : C:\FRST
Gelöscht : C:\AdwCleaner
Gelöscht : C:\AdwCleanerDebug.txt
Gelöscht : C:\sc-cleaner.txt
Gelöscht : C:\Users\LoniVanBuni\Desktop\Fixlog.txt
Gelöscht : C:\Users\LoniVanBuni\Desktop\FRST64.exe
Gelöscht : C:\Users\LoniVanBuni\Desktop\OTL (1).exe
Gelöscht : C:\Users\LoniVanBuni\Downloads\adwcleaner_4.104 (1).exe
Gelöscht : C:\Users\LoniVanBuni\Downloads\adwcleaner_4.104.exe
Gelöscht : C:\Users\LoniVanBuni\Downloads\esetsmartinstaller_enu.exe
Gelöscht : C:\Users\LoniVanBuni\Downloads\Extras.Txt
Gelöscht : C:\Users\LoniVanBuni\Downloads\FRST64.exe
Gelöscht : C:\Users\LoniVanBuni\Downloads\OTL.Txt
Gelöscht : C:\Users\LoniVanBuni\Downloads\OTL.exe
Gelöscht : C:\Users\LoniVanBuni\Downloads\sc-cleaner.exe
Gelöscht : HKLM\SOFTWARE\OldTimer Tools
Gelöscht : HKLM\SOFTWARE\AdwCleaner
 
~ Lösche die Wiederherstellungspunkte ...
 
Gelöscht : RP #35 [DirectX wurde installiert | 12/08/2014 19:57:34]
Gelöscht : RP #36 [Installed NVIDIA PhysX | 12/08/2014 19:58:21]
Gelöscht : RP #37 [DirectX wurde installiert | 12/08/2014 20:00:01]
Gelöscht : RP #38 [Removed Apple Application Support | 12/08/2014 21:02:05]
Gelöscht : RP #39 [avast! antivirus system restore point | 12/08/2014 23:13:35]
Gelöscht : RP #40 [avast! antivirus system restore point | 12/08/2014 23:19:06]
Gelöscht : RP #41 [Microsoft Visual C++ 2005 Redistributable wird entfernt | 12/09/2014 00:14:33]
Gelöscht : RP #42 [DirectX wurde installiert | 12/09/2014 01:57:24]
Gelöscht : RP #43 [DirectX wurde installiert | 12/09/2014 12:00:11]
Gelöscht : RP #44 [Removed Bonjour | 12/09/2014 15:36:53]
Gelöscht : RP #45 [Windows Modules Installer | 12/09/2014 16:06:50]
Gelöscht : RP #46 [DirectX wurde installiert | 12/09/2014 17:37:58]
Gelöscht : RP #47 [OTL Restore Point - 10.12.2014 01:47:02 | 12/10/2014 00:47:03]
 
Ein neuer Wiederherstellungspunkt wurde erstellt !
 
~ Stelle die Systemeinstellungen wieder her ... OK
 
########## - EOF - ##########

#11
DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 8,529 posts
Looks good to me! If you have no other questions or concerns you are now done!

It's been a pleasure helping you! :)

Happy surfing and stay safe!

Donna :)

#12
LoniVanBuni

    New Member

  • Topic Starter
  • Member
  • 6 posts

Thanks a lot for the help :D Take care.


#13
DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 8,529 posts
You're most welcome! :)

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.