Advertising garbage underlined twice in green

Hi,
I have already read that this is probably not a Trojan, but an "innovative" form of advertising for the benefit of users.
I also caught the thing from someone.

I therefore need help to get rid of the crap and would be grateful for any information on who is working with this crap.

I want to throw any program from my computer that supports this form of advertising.

Since the instructions differ greatly and there seem to be several different ones, I don't want to blindly follow any existing instructions...

So thanks for the help in advance!

FRST log file:
C: \ Windows \ System32 \ Tasks \ GoogleUpdateTaskMachineCore 2014-06 -17 04:36 - 2014-04-14 14:25 - 00000000 ____D () C: \ Users \ Peter \ AppData \ Roaming \ DAEMON Tools Pro 2014-06-17 04:36 - 2014-02-04 18:31 - 00000000 ____D () C: \ Windows \ Minidump 2014-06-17 04:36 - 2013-12-22 14:33 - 00000000 ____D () C: \ Windows \ Panther 2014-06-17 04:35 - 2014-06-17 04:35 - 00002772 _____ () C: \ Windows \ System32 \ Tasks \ CCleanerSkipUAC 2014-06-17 04:35 - 2014-06 -17 04:35 - 00000834 _____ () C: \ Users \ Public \ Desktop \ CCleaner.lnk 2014-06-17 04:35 - 2014-06-17 04:35 - 00000000 ____D () C: \ Program Files \ CCleaner 2014-06-17 00:26 - 2014-07-10 06:03 - 00779264 _____ (Microsoft Corporation) C: \ Windows \ SysWOW64 \ osk.exe 2014-06-17 00:24 - 2014-07-10 06 : 03 - 00834048 _____ (Microsoft Corporation) C: \ Windows \ system32 \ osk.exe 2014-06-16 20:05 - 2014-01-24 15:30 - 00000000 ____D () C: \ Users \ Peter \ AppData \ Local \ Packages Some content of TEMP: ==================== C: \ Users \ Peter \ AppData \ Local \ Temp \ sfamcc00001.dll C: \ Users \ Peter \ AppData \ Local \ Temp \ sfareca00001.dll ===================== Bamital & volsnap Check ================= = C: \ Windows \ System32 \ winlogon.exe => File is digitally signed C: \ Windows \ System32 \ wininit.exe => File is digitally signed C: \ Windows \ explorer.exe => File is digitally signed C: \ Windows \ SysWOW64 \ explorer.exe => File is digitally signed C: \ Windows \ System32 \ svchost.exe => File is digitally signed C: \ Windows \ SysWOW64 \ svchost.exe => File is digitally signed C: \ Windows \ System32 \ services. 
exe => File is digitally signed C: \ Windows \ System32 \ User32.dll => File is digitally signed C: \ Windows \ SysWOW64 \ User32.dll => File is digitally signed C: \ Windows \ System32 \ userinit.exe = > File is digitally signed C: \ Windows \ SysWOW64 \ userinit.exe => File is digitally signed C: \ Windows \ System32 \ rpcss.dll => File is digitally signed C: \ Windows \ System32 \ Drivers \ volsnap.sys = > File is digitally signed LastRegBack: 2014-07-08 09:46 ===================== End Of Log ============ =================
--- --- ---

Additional:
FRST Additions log file: