| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Mail account gehackt?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
27.07.2013, 10:57
| #1 | |
| |  Mail account gehackt? Hallo, seit drei Tagen bekomme ich bei meinem E-mail account bei GMX in jeweils sehr kurzem Zeitraum, sehr viel Mails mit dem Titel "Mail delivery failed: returning message to sender" vom Absender "mailer-daemon@gmx.de". Der Inhalt der Mails ist jeweils ein wenig unterschiedelich. Hier ein Beispiel: Zitat:
Was soll ich tun? Bisher habe ich einen Scan mit der Antivirensoftware "Avira: Antivir" durchgeführt, welcher aber zu keinen Funden geführt hat. Außerdem habe ich schon die drei in diesem Thread (http://www.trojaner-board.de/69886-a...-beachten.html) beschriebenen Schritte durchgeführt: OTL.txt: Code:
ATTFilter OTL logfile created on: 26.07.2013 12:37:50 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Simon\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16635) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,86 Gb Total Physical Memory | 2,55 Gb Available Physical Memory | 65,91% Memory free 7,73 Gb Paging File | 6,34 Gb Available in Paging File | 82,11% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 231,00 Gb Total Space | 101,96 Gb Free Space | 44,14% Space Free | Partition Type: NTFS Drive D: | 344,27 Gb Total Space | 203,82 Gb Free Space | 59,20% Space Free | Partition Type: NTFS Drive E: | 6,86 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: SIMON-PC | User Name: Simon | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.07.26 12:15:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Simon\Desktop\OTL.exe PRC - [2013.06.24 10:14:57 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2013.06.24 10:14:30 | 000,345,144 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2013.06.24 10:14:30 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2013.06.03 11:57:49 | 003,085,264 | ---- | M] () -- C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe PRC - [2013.05.28 15:05:16 | 000,163,328 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe PRC - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2010.11.20 14:17:36 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schtasks.exe PRC - [2010.02.03 15:19:52 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010.02.03 15:19:48 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe ========== Modules (No Company Name) ========== MOD - [2013.06.03 11:57:49 | 003,085,264 | ---- | M] () -- C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe MOD - [2013.06.03 11:57:01 | 002,521,552 | ---- | M] () -- C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ========== Services (SafeList) ========== SRV - [2013.07.03 10:40:04 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.06.24 10:14:57 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013.06.24 10:14:30 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2013.06.03 11:57:49 | 003,085,264 | ---- | M] () [Auto | Running] -- C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -- (BrowserProtect) SRV - [2013.05.28 15:05:16 | 000,163,328 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.10.05 14:40:12 | 001,432,400 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) SRV - [2012.01.31 09:10:36 | 000,339,776 | ---- | M] ( ) [Auto | Running] -- C:\Programme\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe -- (mitsijm2013) SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.02.03 15:19:52 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2010.02.03 15:19:48 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.03.28 02:12:20 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2013.03.28 02:12:20 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2013.03.28 02:12:20 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2012.03.07 20:27:58 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.01.17 14:45:56 | 000,188,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2011.09.07 11:46:58 | 000,070,016 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\S3XXx64.sys -- (S3XXx64) DRV:64bit: - [2011.08.01 16:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64) DRV:64bit: - [2011.07.05 13:55:30 | 004,745,280 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.10.11 15:26:20 | 000,180,736 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2010.10.11 15:26:20 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2010.07.08 10:28:46 | 000,401,696 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:64bit: - [2010.02.26 17:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd) DRV:64bit: - [2009.09.17 13:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.09 02:14:20 | 000,015,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr) DRV:64bit: - [2009.04.08 15:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://search.babylon.com/?affID=119776&babsrc=HP_ss_din2g&mntrId=6EAFE811320B720F IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=119776&babsrc=HP_ss_din2g&mntrId=6EAFE811320B720F IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 48 F1 B2 6D 80 FC CC 01 [binary data] IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.delta-search.com/?q={searchTerms}&affID=119776&babsrc=SP_ss&mntrId=6EAFE811320B720F IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "www.spox.com" FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.5.2 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0 FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Simon\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Simon\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.03.07 18:46:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Simon\AppData\Roaming\mozilla\Extensions [2013.07.25 22:46:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Simon\AppData\Roaming\mozilla\Firefox\Profiles\p5c6bd9b.default\extensions [2013.07.25 22:46:09 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Simon\AppData\Roaming\mozilla\Firefox\Profiles\p5c6bd9b.default\extensions\ich@maltegoetz.de [2013.07.25 12:04:52 | 000,824,431 | ---- | M] () (No name found) -- C:\Users\Simon\AppData\Roaming\mozilla\firefox\profiles\p5c6bd9b.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.05.01 19:59:31 | 000,006,471 | ---- | M] () -- C:\Users\Simon\AppData\Roaming\mozilla\firefox\profiles\p5c6bd9b.default\searchplugins\babylon.xml [2013.05.01 19:59:31 | 000,006,471 | ---- | M] () -- C:\Users\Simon\AppData\Roaming\mozilla\firefox\profiles\p5c6bd9b.default\searchplugins\BrowserProtect.xml [2013.03.24 13:22:59 | 000,001,294 | ---- | M] () -- C:\Users\Simon\AppData\Roaming\mozilla\firefox\profiles\p5c6bd9b.default\searchplugins\delta.xml [2013.05.18 21:28:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\Extensions [2013.05.18 20:09:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2013.07.03 10:40:05 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013.03.24 13:22:38 | 000,006,468 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll (Delta-search.com) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll (Delta-search.com) O4:64bit: - HKLM..\Run: [Autodesk Sync] C:\Programme\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.) O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKCU..\Run: [Facebook Update] C:\Users\Simon\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - Startup: C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk = C:\Program Files (x86)\Trillian\trillian.exe (Cerulean Studios) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1A549E86-7573-4F64-AF51-409A5D8FD9BC}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF784BCA-BC82-4FC5-8784-94AD0C0DE338}: DhcpNameServer = 141.24.53.248 141.24.53.227 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll) - c:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll () O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012.10.05 14:16:43 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O32 - AutoRun File - [2012.09.05 22:17:04 | 000,000,054 | R--- | M] () - E:\autorun.inf -- [ UDF ] O33 - MountPoints2\{313318f1-6875-11e1-8f5b-000b6b62c5a8}\Shell - "" = AutoRun O33 - MountPoints2\{313318f1-6875-11e1-8f5b-000b6b62c5a8}\Shell\AutoRun\command - "" = G:\setup.exe O33 - MountPoints2\{d25b58aa-686c-11e1-aa4b-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{d25b58aa-686c-11e1-aa4b-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- [2012.09.07 03:13:42 | 000,298,640 | R--- | M] (2K Sports) O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.07.26 12:15:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Simon\Desktop\OTL.exe [2013.07.25 17:26:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2013.07.25 17:17:37 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\Google [2013.07.25 17:17:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google ========== Files - Modified Within 30 Days ========== [2013.07.26 12:22:13 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.07.26 12:15:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Simon\Desktop\OTL.exe [2013.07.26 12:12:13 | 000,000,000 | ---- | M] () -- C:\Users\Simon\defogger_reenable [2013.07.26 11:50:07 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.07.26 11:31:15 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.07.26 11:31:15 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.07.26 11:23:36 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.07.26 11:23:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.07.26 11:23:13 | 3111,444,480 | -HS- | M] () -- C:\hiberfil.sys [2013.07.25 16:26:02 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-562858968-3123787554-3258265573-1000UA.job [2013.07.25 16:26:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-562858968-3123787554-3258265573-1000Core.job [2013.07.25 12:00:18 | 001,621,244 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.07.25 12:00:18 | 000,700,418 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.07.25 12:00:18 | 000,655,090 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.07.25 12:00:18 | 000,149,182 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.07.25 12:00:18 | 000,121,962 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.07.11 16:50:03 | 000,527,952 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT ========== Files Created - No Company Name ========== [2013.07.26 12:12:13 | 000,000,000 | ---- | C] () -- C:\Users\Simon\defogger_reenable [2013.07.25 17:17:45 | 000,001,108 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.07.25 17:17:42 | 000,001,104 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.08.07 16:00:34 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll [2012.06.26 11:44:36 | 000,000,058 | ---- | C] () -- C:\Users\Simon\AppData\Roaming\AVSDVDPlayer.m3u [2012.06.26 11:41:12 | 000,524,288 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2012.06.26 11:41:12 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2012.03.14 18:34:01 | 001,599,138 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012.10.13 00:35:35 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\2K Sports [2012.10.19 12:40:52 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Autodesk [2013.03.24 13:23:17 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\BabSolution [2013.03.24 13:22:13 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Babylon [2013.01.18 15:59:06 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\CADClick [2013.02.20 13:21:34 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Canon [2012.03.07 21:01:17 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\DAEMON Tools Lite [2013.07.17 17:44:52 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Dropbox [2013.06.20 16:53:52 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\File Scout [2012.03.07 19:44:51 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Trillian ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 26.07.2013 12:37:50 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Simon\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,86 Gb Total Physical Memory | 2,55 Gb Available Physical Memory | 65,91% Memory free
7,73 Gb Paging File | 6,34 Gb Available in Paging File | 82,11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 231,00 Gb Total Space | 101,96 Gb Free Space | 44,14% Space Free | Partition Type: NTFS
Drive D: | 344,27 Gb Total Space | 203,82 Gb Free Space | 59,20% Space Free | Partition Type: NTFS
Drive E: | 6,86 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: SIMON-PC | User Name: Simon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Simon\AppData\Roaming\File Scout\filescout.exe" /open "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Simon\AppData\Roaming\File Scout\filescout.exe" /open "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{161D85DA-226F-4F17-8D44-D91552300529}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{17531D83-6E0B-4468-8855-CBEBC868BA73}" = rport=138 | protocol=17 | dir=out | app=system |
"{1A11A304-302B-4B63-9F0A-AB65197B3E26}" = rport=10243 | protocol=6 | dir=out | app=system |
"{278DFD7C-9F34-46A1-8EA0-8B07B5E52A73}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{279DEFBB-9DD9-45D3-B307-C8DCB27E7FF3}" = lport=445 | protocol=6 | dir=in | app=system |
"{28F1A02F-9EA1-44FD-BCFC-D8C7FF8A0AE8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2FB98104-AC58-4E99-A076-02486D7A2891}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{32000A4C-F056-4AB0-9BB9-DA562FB9EE25}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{449C4404-9999-44F3-A484-4732B0CC8BD7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{4D0C4B5F-F5C9-478D-9204-6B83B50701CB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{50FDB541-1E9F-4E99-ABA2-F59456C782E2}" = lport=139 | protocol=6 | dir=in | app=system |
"{525DCE7D-7C97-449F-94D4-F29EAEDAB3C3}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5313BD5C-963C-4729-A286-35EA726C1852}" = lport=137 | protocol=17 | dir=in | app=system |
"{543FD2DC-15AC-4813-8CEF-CD2A6FDCADF0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5BF0DD54-B569-4F0B-A448-866803FE0FE3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{741A7698-0A6D-41BC-95E7-D600495EF388}" = rport=137 | protocol=17 | dir=out | app=system |
"{869D3ACE-2EB4-40E3-AFBE-0E08E9A971AD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{998F8080-DBFB-4CB4-9C0E-8617D59C08F8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{99C14B2A-46DE-443A-A9B6-3CE90F148FBF}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{A6117FB6-B665-43D6-8234-35E6AA0A9F38}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{AACE4C2C-FF6D-4481-A07B-7028409627E7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AC3F4A41-95DC-4156-A171-8570B4E2E91B}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B346AB3C-30E4-4F1D-8848-53FF33061BE4}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B3A85205-16D4-4760-880B-FFCFCFEA10B6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D136E579-BE1D-4545-B904-8AFE7A06A842}" = lport=138 | protocol=17 | dir=in | app=system |
"{DD216CCE-6673-4EB7-9A71-E38634E0D576}" = rport=445 | protocol=6 | dir=out | app=system |
"{EDEC3793-9126-42A3-8319-46E49457E6C0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EF435F15-19BC-4BC8-8CAA-1B6033330D64}" = rport=139 | protocol=6 | dir=out | app=system |
"{F04CCCE9-EB35-4E59-9D09-C1935955F225}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{F7C7D2AE-3736-4049-9016-C7D0C384F2B6}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{FE93D0DC-148C-456B-B6AF-931599539766}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{FEC6D34F-41EE-46C2-9876-999CAD7F2BB1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FFCC01A4-FD74-41BE-AF54-D48F5E209F31}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{007A9D99-E009-42BD-814A-46A70F020E41}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{066ABA83-D2CA-4777-9FEC-AAB7FF718F61}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1205B051-D820-4A07-B6C8-B3705356F3CC}" = protocol=6 | dir=in | app=d:\spiele\pro evo 13\pes2013.exe |
"{176FAEF8-464A-4B53-8A97-068821534865}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{190996E4-26FD-4F48-BA9F-E383B098BEE9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1FAE222C-BD68-4174-932F-C17B37026D15}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{27186CA8-3348-458B-979D-80A987AB0D21}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2FA3A5B6-3BB9-4F52-B2C1-927FE4A10408}" = protocol=17 | dir=in | app=d:\spiele\pro evo 13\pes2013.exe |
"{38BF3CA3-83F7-46BD-840F-4D6763BEBDEC}" = protocol=17 | dir=in | app=d:\spiele\pro evo 13\pes2013.exe |
"{39C1AB34-91C6-4170-9D2D-A96885540456}" = protocol=17 | dir=in | app=d:\spiele\pes2012.exe |
"{3B4BE076-9063-4D49-85E8-3F37E3565F5B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5A006ECB-EB2B-4361-825A-C4A74E034CAB}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{5D50A1C4-3747-4761-BA59-D4ABCA5C64B0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{734B8D6C-94CC-47EA-B90C-C7F09D98FAD2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7827ABC8-3977-4AAC-AB77-A058AFD6AE57}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{7CFCE543-6FEC-4914-B1B4-A35BF70E8754}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8E14A283-B022-4121-92D1-F7EBE393DEFD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9015D322-424D-45C9-B260-BB927ACA05CF}" = protocol=17 | dir=in | app=d:\spiele\pes2012.exe |
"{9550F8C8-EE2A-4B2B-9691-97474C247954}" = dir=in | app=c:\users\simon\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{A188EBBB-128B-4B5D-A8B9-7212DE136BB1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A1A36F90-FFAF-4DB2-9CF6-6DF2A89E43B0}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{B0BDA5BD-5659-44F2-A675-F68F15DB1C56}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B8D8FCA4-191A-424B-9DD1-00B8E5BAD404}" = protocol=6 | dir=in | app=d:\spiele\pes2012.exe |
"{BB1AF004-C14B-475E-BB66-E0A91C17D48A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{BBB85200-6F4E-4564-BB4E-ED7865D5CB61}" = protocol=17 | dir=in | app=d:\spiele\2k sports\nba2k13.exe |
"{C25086D8-6946-47B3-B3A9-D40A8DFAA544}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C48BA561-AA75-4165-A2D4-7AE20F3420A6}" = protocol=6 | dir=in | app=d:\spiele\pes2012.exe |
"{C4C20563-872B-4826-8BBC-B9CAEF759A7F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C78D91F9-B18D-453A-AC5A-77D1F28A320B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D29C041A-1646-434E-9B25-BC94D0EC8D46}" = protocol=6 | dir=out | app=system |
"{D6180382-312C-49A9-A922-DACFAB795408}" = protocol=17 | dir=in | app=d:\spiele\2k sports\nba 2k12\nba2k12.exe |
"{D83409FB-2551-4F8D-9F7E-102AE4F05720}" = protocol=17 | dir=in | app=c:\users\simon\appdata\roaming\dropbox\bin\dropbox.exe |
"{D97335C1-F504-4B60-913F-787B9C1DE676}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E1E22491-0B4B-4FBB-9632-3DC52D630D07}" = protocol=6 | dir=in | app=d:\spiele\2k sports\nba2k13.exe |
"{E46963ED-FB91-4CDE-8250-BD554CF8788C}" = protocol=6 | dir=in | app=d:\spiele\2k sports\nba 2k12\nba2k12.exe |
"{E86C3D17-B8D6-4514-A915-B13F11E38002}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EA643289-74E4-4542-91CE-799E1342A580}" = protocol=6 | dir=in | app=c:\users\simon\appdata\roaming\dropbox\bin\dropbox.exe |
"{EF7F4554-75FF-48CA-85EB-04E2C4084391}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{F6B58531-B27C-4C7E-A612-A8D35F15DB53}" = protocol=6 | dir=in | app=d:\spiele\pro evo 13\pes2013.exe |
"{FFBCD866-BECA-4EFC-872F-47306A35E8C6}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"TCP Query User{2FC051B7-797D-46F6-9CF6-CDBECE751EDF}D:\spiele\call of duty- modern warfare 3\iw5mp.exe" = protocol=6 | dir=in | app=d:\spiele\call of duty- modern warfare 3\iw5mp.exe |
"TCP Query User{466D9872-B77E-4BC9-9610-5EB89E2DC65C}D:\spiele\modern warfare 2\iw4mp.dat" = protocol=6 | dir=in | app=d:\spiele\modern warfare 2\iw4mp.dat |
"TCP Query User{626EC7E9-C053-46E7-B0CF-7CB9CA56B40C}D:\spiele\call of duty- modern warfare 3\iw5mp.exe" = protocol=6 | dir=in | app=d:\spiele\call of duty- modern warfare 3\iw5mp.exe |
"TCP Query User{78D857E6-45A7-46D7-B683-84FB9677E60E}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe |
"TCP Query User{B35F96BD-1F60-4DB7-80EB-C46E4A998915}D:\spiele\age of empires iii\age3.exe" = protocol=6 | dir=in | app=d:\spiele\age of empires iii\age3.exe |
"TCP Query User{CD66A38C-DC4F-4B59-B3DC-32B09FDDD6D9}C:\program files (x86)\trillian\trillian.exe" = protocol=6 | dir=in | app=c:\program files (x86)\trillian\trillian.exe |
"TCP Query User{EFABF768-86A0-4A0F-ADCF-B84C19C1C279}D:\spiele\age of empires iii\age3.exe" = protocol=6 | dir=in | app=d:\spiele\age of empires iii\age3.exe |
"TCP Query User{F759A681-5688-4037-A330-963E5F9BE765}D:\spiele\2k sports\nba 2k12\nba2k12.exe" = protocol=6 | dir=in | app=d:\spiele\2k sports\nba 2k12\nba2k12.exe |
"UDP Query User{0BEE57C5-D728-4F55-88F2-30D825D19D25}D:\spiele\call of duty- modern warfare 3\iw5mp.exe" = protocol=17 | dir=in | app=d:\spiele\call of duty- modern warfare 3\iw5mp.exe |
"UDP Query User{2FB9C924-4AD2-4FFA-82A3-D7AD2804D9E4}D:\spiele\call of duty- modern warfare 3\iw5mp.exe" = protocol=17 | dir=in | app=d:\spiele\call of duty- modern warfare 3\iw5mp.exe |
"UDP Query User{71D21351-C274-4099-8AF1-6C903AD62D2C}D:\spiele\2k sports\nba 2k12\nba2k12.exe" = protocol=17 | dir=in | app=d:\spiele\2k sports\nba 2k12\nba2k12.exe |
"UDP Query User{823AFB47-4307-44BB-86DF-78B4D8AC946D}C:\program files (x86)\trillian\trillian.exe" = protocol=17 | dir=in | app=c:\program files (x86)\trillian\trillian.exe |
"UDP Query User{86FBF453-D04C-450C-A0A4-D94EE292AE2E}D:\spiele\age of empires iii\age3.exe" = protocol=17 | dir=in | app=d:\spiele\age of empires iii\age3.exe |
"UDP Query User{8E09CB4D-A7EF-43A0-9D8E-D334E9860056}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe |
"UDP Query User{C27009D3-D192-416F-8BE5-B11277496EF6}D:\spiele\age of empires iii\age3.exe" = protocol=17 | dir=in | app=d:\spiele\age of empires iii\age3.exe |
"UDP Query User{CF762A4E-9A57-4098-AC8C-E1420C85E5BF}D:\spiele\modern warfare 2\iw4mp.dat" = protocol=17 | dir=in | app=d:\spiele\modern warfare 2\iw4mp.dat |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{08BCFE15-8AA1-4A58-B018-4FEF486BA922}" = Autodesk Inventor Fusion for Inventor 2013 Add-in
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{266597A9-1764-0000-0100-DCBF2B69166B}" = Autodesk Vault Basic 2013 (Client) German Language Pack
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5783F2D7-B028-0409-0100-0060B0CE6BBA}" = DWG TrueView 2013
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{792A9A32-718A-40D1-9867-A903F76AE2F8}" = Eco Materials Adviser for Autodesk Inventor 2013
"{7F4DD591-1764-0001-0000-7107D70F3DB4}" = Autodesk Inventor Professional 2013
"{7F4DD591-1764-0001-1031-7107D70F3DB4}" = Autodesk Inventor Professional 2013 Language Pack - Deutsch (German)
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0209
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B46DECD1-1764-4EF1-0000-22D71E81877C}" = Autodesk Inventor Content Center Libraries 2013 (Desktop Content)
"{CF526A26-1764-0000-0000-02E95019B628}" = Autodesk Vault Basic 2013 (Client)
"{D25FF5C1-1764-469A-9794-69309387C193}" = Schnell-Deinstallations-Tool für Autodesk Inventor 2013
"{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}" = Autodesk Sync
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FFF5619F-2013-0064-A85E-9994F70A9E5D}" = Autodesk Inventor Fusion 2013
"Autodesk Inventor Fusion 2013" = Autodesk Inventor Fusion 2013
"Autodesk Inventor Professional 2013" = Autodesk Inventor Professional 2013 Deutsch (German)
"DWG TrueView 2013" = DWG TrueView 2013
"MatlabR2010a" = MATLAB R2010a
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"WinRAR archiver" = WinRAR 4.11 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04E9B02B-4F85-4B73-B865-27B9B8B35877}" = NBA 2K12
"{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}" = Autodesk Material Library 2013
"{153DB567-6FF3-49AD-AC4F-86F8A3CCFDFB}" = Autodesk Design Review 2013
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = BrowserProtect
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21
"{27C6C0A2-2EC9-4FEA-BE2B-659EAAC2C68C}" = Autodesk Material Library Low Resolution Image Library 2013
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{4EAE665D-957A-4D04-9679-3AD582008877}" = NVIDIA PhysX
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5545EEE4-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2701.01)
"{606E12B9-641F-4644-A22A-FF38AE980AFD}" = Autodesk Material Library Base Resolution Image Library 2013
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65F8E0A6-A290-4D47-B391-D6353D756854}" = Pro Evolution Soccer 2013 DEMO
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7204BDEE-1A48-4D95-A964-44A9250B439E}" = Facebook Messenger 2.1.4814.0
"{79361740-EAE3-11E2-9911-B8AC6F98CCE3}" = Google Earth Plug-in
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUS_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUS_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}" = Age of Empires III
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Deutsch
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{C2523AE6-F335-4D0B-BC15-1C07E4ACE629}" = Pro Evolution Soccer 2013
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{D96B6543-A0C0-4351-AF96-73DEF1DD6820}" = NBA 2K13
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E737A098-F161-4B6F-AF22-86AAE34F6FBD}" = Pro Evolution Soccer 2012
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FE7EA637-9C65-4D57-9342-DDD98315AA58}" = Gemalto PKCS#11 For .NET Smart Cards V2+
"1ClickDownload" = Movie2KDownloader
"5513-1208-7298-9440" = JDownloader 0.9
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Athens 2004" = Athens 2004
"Autodesk Design Review 2013" = Autodesk Design Review 2013
"Autodesk Vault Basic 2013 (Client)" = Autodesk Vault Basic 2013 (Client)
"Avira AntiVir Desktop" = Avira Free Antivirus
"AVS DVD Player_is1" = AVS DVD Player version 2.4
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.2
"DAEMON Tools Lite" = DAEMON Tools Lite
"delta" = Delta toolbar
"Delta Chrome Toolbar" = Delta Chrome Toolbar
"Fifa 12 (c) Electronic Arts_is1" = Fifa 12 (c) Electronic Arts version 1
"InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}" = Age of Empires III
"Marvell Miniport Driver" = Marvell Miniport Driver
"Mozilla Firefox 22.0 (x86 de)" = Mozilla Firefox 22.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"VLC media player" = VLC media player 2.0.0
"Winamp" = Winamp
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 31.12.2012 11:17:49 | Computer Name = Simon-PC | Source = MsiInstaller | ID = 11316
Description =
Error - 31.12.2012 15:17:37 | Computer Name = Simon-PC | Source = MsiInstaller | ID = 11316
Description =
Error - 01.01.2013 20:27:30 | Computer Name = Simon-PC | Source = MsiInstaller | ID = 11316
Description =
Error - 02.01.2013 15:15:06 | Computer Name = Simon-PC | Source = MsiInstaller | ID = 11316
Description =
Error - 02.01.2013 20:57:55 | Computer Name = Simon-PC | Source = MsiInstaller | ID = 11316
Description =
Error - 03.01.2013 08:18:12 | Computer Name = Simon-PC | Source = MsiInstaller | ID = 11316
Description =
Error - 03.01.2013 11:01:25 | Computer Name = Simon-PC | Source = MsiInstaller | ID = 11316
Description =
Error - 05.01.2013 08:20:30 | Computer Name = Simon-PC | Source = MsiInstaller | ID = 11316
Description =
Error - 05.01.2013 11:02:41 | Computer Name = Simon-PC | Source = MsiInstaller | ID = 11316
Description =
Error - 05.01.2013 13:55:37 | Computer Name = Simon-PC | Source = MsiInstaller | ID = 11316
Description =
[ System Events ]
Error - 28.06.2013 16:42:33 | Computer Name = Simon-PC | Source = Service Control Manager | ID = 7032
Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden
des Dienstes "Peernetzwerkidentitäts-Manager" Korrekturmaßnahmen (Neustart des
Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056
Error - 04.07.2013 10:23:35 | Computer Name = Simon-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Adobe Acrobat Update Service erreicht.
Error - 07.07.2013 04:30:33 | Computer Name = Simon-PC | Source = WMPNetworkSvc | ID = 866300
Description =
Error - 11.07.2013 12:25:10 | Computer Name = Simon-PC | Source = bowser | ID = 8003
Description =
Error - 21.07.2013 07:07:06 | Computer Name = Simon-PC | Source = BTHUSB | ID = 327697
Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen
und wird nicht verwendet. Der Treiber wurde entladen.
Error - 25.07.2013 05:58:49 | Computer Name = Simon-PC | Source = SCardSvr | ID = 610
Description =
Error - 25.07.2013 05:58:49 | Computer Name = Simon-PC | Source = WudfUsbccidDriver | ID = 6
Description =
Error - 25.07.2013 06:10:01 | Computer Name = Simon-PC | Source = SCardSvr | ID = 610
Description =
Error - 25.07.2013 06:10:01 | Computer Name = Simon-PC | Source = SCardSvr | ID = 610
Description =
Error - 25.07.2013 06:10:01 | Computer Name = Simon-PC | Source = WudfUsbccidDriver | ID = 12
Description =
< End of report >
Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-07-26 14:28:50
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_HM641JI rev.2AJ10002 596,17GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Simon\AppData\Local\Temp\agloypog.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 560 fffff800031fe000 44 bytes [00, 00, 16, 02, 4E, 53, 49, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 607 fffff800031fe02f 16 bytes [00, 58, 90, 2C, 07, 80, FA, ...]
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1040] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 000000007681cfca 5 bytes JMP 0000000172e64bb0
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1040] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000764b1465 2 bytes [4B, 76]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1040] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000764b14bb 2 bytes [4B, 76]
.text ... * 2
.text C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe[1372] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 000000007681cfca 5 bytes JMP 0000000172e64bb0
.text C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe[1372] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000764b1465 2 bytes [4B, 76]
.text C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe[1372] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000764b14bb 2 bytes [4B, 76]
.text ... * 2
.text C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe[1676] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 000000007681cfca 5 bytes JMP 0000000172e64bb0
.text C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe[1676] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000764b1465 2 bytes [4B, 76]
.text C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe[1676] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000764b14bb 2 bytes [4B, 76]
.text ... * 2
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2020] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 000000007681cfca 5 bytes JMP 0000000172e64bb0
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2020] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000764b1465 2 bytes [4B, 76]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2020] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000764b14bb 2 bytes [4B, 76]
.text ... * 2
.text C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe[2080] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 000000007681cfca 5 bytes JMP 0000000172e64bb0
.text C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe[2080] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000764b1465 2 bytes [4B, 76]
.text C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe[2080] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000764b14bb 2 bytes [4B, 76]
.text ... * 2
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[2376] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 000000007681cfca 5 bytes JMP 0000000172e64bb0
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[2376] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000764b1465 2 bytes [4B, 76]
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[2376] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000764b14bb 2 bytes [4B, 76]
.text ... * 2
.text C:\Windows\SysWOW64\schtasks.exe[3980] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 000000007681cfca 5 bytes JMP 0000000172e64bb0
.text C:\Windows\SysWOW64\schtasks.exe[3980] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000764b1465 2 bytes [4B, 76]
.text C:\Windows\SysWOW64\schtasks.exe[3980] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000764b14bb 2 bytes [4B, 76]
.text ... * 2
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[1356] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 000000007681cfca 5 bytes JMP 0000000172e64bb0
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[1356] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000764b1465 2 bytes [4B, 76]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[1356] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000764b14bb 2 bytes [4B, 76]
.text ... * 2
.text C:\Users\Simon\Desktop\gmer_2.1.19163.exe[2440] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 000000007681cfca 5 bytes JMP 0000000172e64bb0
.text C:\Users\Simon\Desktop\gmer_2.1.19163.exe[2440] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000764b1465 2 bytes [4B, 76]
.text C:\Users\Simon\Desktop\gmer_2.1.19163.exe[2440] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000764b14bb 2 bytes [4B, 76]
.text ... * 2
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\000b6b62c5a8
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\000b6b62c5a8 (not active ControlSet)
---- EOF - GMER 2.1 ----
Ich würde mich sehr über Hilfe freuen und bedanke mich schonmal im Voraus. |
|
27.07.2013, 11:33
| #2 |
| /// TB-Ausbilder   | Mail account gehackt? Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Ich habe dein Thema in Arbeit und melde mich so schnell wie möglich mit weiteren Anweisungen. |
|
27.07.2013, 11:37
| #3 |
| /// TB-Ausbilder | Mail account gehackt? Servus,
__________________gehe an einen anderen (sauberen) Rechner und ändere von dort dein E-Mail Passwort. Auf dem infizierten Rechner bitte folgendes machen: AdwCleaner bitte zweimal direkt hintereinander genau so ausführen und beide Logdateien davon posten! Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 3 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Bitte poste mit deiner nächsten Antwort
|
|
27.07.2013, 17:06
| #4 |
| | Mail account gehackt? Servus, ertsmal Dankeschön, dass du dich meiner Probleme annimmst, Matthias! Also ich habe mein E-mail-Passwort von einem anderen Pc aus geändert. Jedoch habe ich seitdem weitere ominösen E-mails der beschriebenen Art erhalten. Nun habe ich jetzt gerade eben ein weiteres Mal mein Passwort von einem dritten PC aus geändert. Außerdem habe ich die 3 von dir genannten Schritte ausgeführt. Leider konnte ich nicht alle Logilfes in in einer Antwort posten, da sonst die maximale Zeichenanzahl überschritten worden wäre. Somit teile ich die Logfiles auf 2 Antworten auf. Hier die ersten entsprechenden Logfiles: AdwCleaner[S1].txt: Code:
ATTFilter # AdwCleaner v2.306 - Datei am 27/07/2013 um 16:53:45 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Simon - SIMON-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Simon\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
Gestoppt & Gelöscht : BrowserProtect
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Datei Gelöscht : C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\p5c6bd9b.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\p5c6bd9b.default\bprotector_prefs.js
Datei Gelöscht : C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\p5c6bd9b.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\p5c6bd9b.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\p5c6bd9b.default\searchplugins\BrowserProtect.xml
Datei Gelöscht : C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\p5c6bd9b.default\searchplugins\delta.xml
Gelöscht mit Neustart : C:\ProgramData\BrowserProtect
Ordner Gelöscht : C:\Program Files (x86)\delta
Ordner Gelöscht : C:\Program Files (x86)\Movie2KDownloader.com
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\Users\Simon\AppData\Local\PutLockerDownloader
Ordner Gelöscht : C:\Users\Simon\AppData\Roaming\BabSolution
Ordner Gelöscht : C:\Users\Simon\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Simon\AppData\Roaming\file scout
Ordner Gelöscht : C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movie2KDownloader.com
Ordner Gelöscht : C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\p5c6bd9b.default\jetpack
***** [Registrierungsdatenbank] *****
Daten Gelöscht : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll
Schlüssel Gelöscht : HKCU\Software\1ClickDownload
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\BabylonToolbar
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\delta LTD
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKCU\Software\5d538f8fb13db949
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\BabylonToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Movie2KDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\5d538f8fb13db949
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gelöscht : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKU\S-1-5-21-562858968-3123787554-3258265573-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16635
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?affID=119776&babsrc=HP_ss_din2g&mntrId=6EAFE811320B720F --> hxxp://www.google.com
-\\ Mozilla Firefox v22.0 (de)
Datei : C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\p5c6bd9b.default\prefs.js
C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\p5c6bd9b.default\user.js ... Gelöscht !
Gelöscht : user_pref("avg.install.userHPSettings", "hxxp://www.delta-search.com/?affID=119776&babsrc=HP_ss&mntr[...]
Gelöscht : user_pref("avg.install.userSPSettings", "Delta Search");
Gelöscht : user_pref("extensions.delta.admin", false);
Gelöscht : user_pref("extensions.delta.aflt", "babsst");
Gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Gelöscht : user_pref("extensions.delta.dfltLng", "en");
Gelöscht : user_pref("extensions.delta.excTlbr", false);
Gelöscht : user_pref("extensions.delta.id", "6eaf51e8000000000000e811320b720f");
Gelöscht : user_pref("extensions.delta.instlDay", "15788");
Gelöscht : user_pref("extensions.delta.instlRef", "sst");
Gelöscht : user_pref("extensions.delta.newTab", false);
Gelöscht : user_pref("extensions.delta.prdct", "delta");
Gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Gelöscht : user_pref("extensions.delta.rvrt", "false");
Gelöscht : user_pref("extensions.delta.smplGrp", "none");
Gelöscht : user_pref("extensions.delta.tlbrId", "base");
Gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Gelöscht : user_pref("extensions.delta.vrsn", "1.8.10.0");
Gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.10.012:22:59");
Gelöscht : user_pref("extensions.delta.vrsni", "1.8.10.0");
*************************
AdwCleaner[S1].txt - [12156 octets] - [27/07/2013 16:53:45]
########## EOF - C:\AdwCleaner[S1].txt - [12217 octets] ##########
Code:
ATTFilter # AdwCleaner v2.306 - Datei am 27/07/2013 um 17:00:38 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Simon - SIMON-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Simon\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\p5c6bd9b.default\searchplugins\Babylon.xml
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16635
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v22.0 (de)
Datei : C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\p5c6bd9b.default\prefs.js
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [12255 octets] - [27/07/2013 16:53:45]
AdwCleaner[S2].txt - [1026 octets] - [27/07/2013 17:00:38]
########## EOF - C:\AdwCleaner[S2].txt - [1086 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.5 (07.26.2013:2)
OS: Windows 7 Home Premium x64
Ran by Simon on 27.07.2013 at 17:08:53,43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasmancs
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Simon\AppData\Roaming\mozilla\firefox\profiles\p5c6bd9b.default\minidumps [339 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27.07.2013 at 17:13:10,00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
27.07.2013, 17:09
| #5 |
| | Mail account gehackt? FRST.txt: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-07-2013 04
Ran by Simon (administrator) on 27-07-2013 17:40:49
Running from C:\Users\Simon\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
( ) C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [Autodesk Sync] - C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-05] (Autodesk, Inc.)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKCU\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe [1475584 2010-11-20] (Microsoft Corporation)
HKCU\...\Run: [Facebook Update] - C:\Users\Simon\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-04-04] (Facebook Inc.)
MountPoints2: {313318f1-6875-11e1-8f5b-000b6b62c5a8} - G:\setup.exe
MountPoints2: {d25b58aa-686c-11e1-aa4b-806e6f6e6963} - E:\setup.exe /autorun
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKU\Default\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-20] (Microsoft Corporation)
HKU\Default User\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-20] (Microsoft Corporation)
Startup: C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk
ShortcutTarget: Trillian.lnk -> C:\Program Files (x86)\Trillian\trillian.exe (Cerulean Studios)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\p5c6bd9b.default
FF Homepage: www.spox.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Simon\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\Simon\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\p5c6bd9b.default\Extensions\ich@maltegoetz.de
FF Extension: No Name - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\p5c6bd9b.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 mitsijm2013; C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe [339776 2012-01-31] ( )
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-28] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-03-07] (DT Soft Ltd)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-07-27 17:40 - 2013-07-27 17:40 - 00000000 ____D C:\FRST
2013-07-27 17:39 - 2013-07-27 17:39 - 01780815 _____ (Farbar) C:\Users\Simon\Desktop\FRST64.exe
2013-07-27 17:13 - 2013-07-27 17:13 - 00001091 _____ C:\Users\Simon\Desktop\JRT.txt
2013-07-27 17:08 - 2013-07-27 17:08 - 00000000 ____D C:\Windows\ERUNT
2013-07-27 17:06 - 2013-07-27 17:06 - 00561198 _____ (Oleg N. Scherbakov) C:\Users\Simon\Desktop\JRT.exe
2013-07-27 17:00 - 2013-07-27 17:00 - 00001155 _____ C:\AdwCleaner[S2].txt
2013-07-27 16:53 - 2013-07-27 16:54 - 00012255 _____ C:\AdwCleaner[S1].txt
2013-07-27 16:51 - 2013-07-27 16:51 - 00666633 _____ C:\Users\Simon\Desktop\adwcleaner.exe
2013-07-27 00:28 - 2013-07-27 11:14 - 00003432 _____ C:\Windows\System32\Tasks\BrowserProtect
2013-07-26 14:28 - 2013-07-26 14:28 - 00008668 _____ C:\Users\Simon\Desktop\Gmer.txt
2013-07-26 12:58 - 2013-07-26 12:58 - 00377856 _____ C:\Users\Simon\Desktop\gmer_2.1.19163.exe
2013-07-26 12:50 - 2013-07-26 12:50 - 00067884 _____ C:\Users\Simon\Desktop\Extras.Txt
2013-07-26 12:48 - 2013-07-26 12:48 - 00061862 _____ C:\Users\Simon\Desktop\OTL.Txt
2013-07-26 12:15 - 2013-07-26 12:15 - 00602112 _____ (OldTimer Tools) C:\Users\Simon\Desktop\OTL.exe
2013-07-26 12:12 - 2013-07-26 12:13 - 00000472 _____ C:\Users\Simon\Downloads\defogger_disable.log
2013-07-26 12:12 - 2013-07-26 12:12 - 00000000 _____ C:\Users\Simon\defogger_reenable
2013-07-26 12:09 - 2013-07-26 12:09 - 00050477 _____ C:\Users\Simon\Downloads\Defogger.exe
2013-07-25 17:17 - 2013-07-27 17:22 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-25 17:17 - 2013-07-27 17:22 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-25 17:17 - 2013-07-25 17:26 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-25 17:17 - 2013-07-25 17:17 - 00004104 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-25 17:17 - 2013-07-25 17:17 - 00003852 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-25 17:17 - 2013-07-25 17:17 - 00000000 ____D C:\Users\Simon\AppData\Local\Google
2013-07-25 17:16 - 2013-07-25 17:17 - 00784856 _____ (Google Inc.) C:\Users\Simon\Downloads\GoogleEarthPluginSetup.exe
2013-07-17 10:44 - 2013-07-17 11:48 - 196298964 _____ C:\Users\Simon\Downloads\Macklemore and Ryan Lewis - The Heist (2012).rar
2013-07-11 16:39 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-11 16:39 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-11 16:39 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-11 16:39 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-11 16:39 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-11 16:39 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-11 16:39 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-11 16:39 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-11 16:39 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-11 16:39 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-11 16:39 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-11 16:39 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-11 16:39 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-11 16:39 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-11 16:39 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-11 16:39 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-11 16:39 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-11 16:39 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-11 16:39 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-11 16:39 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-11 16:39 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-11 16:39 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-11 16:39 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-11 16:38 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-11 16:38 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-11 16:38 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-11 16:38 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-11 16:38 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-11 16:38 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-11 16:38 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-11 16:38 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-11 16:11 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-11 16:11 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 16:11 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-11 16:11 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-11 16:11 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-11 16:11 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-11 16:11 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
==================== One Month Modified Files and Folders =======
2013-07-27 17:40 - 2013-07-27 17:40 - 00000000 ____D C:\FRST
2013-07-27 17:39 - 2013-07-27 17:39 - 01780815 _____ (Farbar) C:\Users\Simon\Desktop\FRST64.exe
2013-07-27 17:22 - 2013-07-25 17:17 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-27 17:22 - 2013-07-25 17:17 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-27 17:13 - 2013-07-27 17:13 - 00001091 _____ C:\Users\Simon\Desktop\JRT.txt
2013-07-27 17:09 - 2009-07-14 06:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-27 17:09 - 2009-07-14 06:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-27 17:08 - 2013-07-27 17:08 - 00000000 ____D C:\Windows\ERUNT
2013-07-27 17:06 - 2013-07-27 17:06 - 00561198 _____ (Oleg N. Scherbakov) C:\Users\Simon\Desktop\JRT.exe
2013-07-27 17:02 - 2012-03-07 19:36 - 00000000 ____D C:\Program Files (x86)\Trillian
2013-07-27 17:01 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-27 17:01 - 2009-07-14 06:51 - 00080614 _____ C:\Windows\setupact.log
2013-07-27 17:00 - 2013-07-27 17:00 - 00001155 _____ C:\AdwCleaner[S2].txt
2013-07-27 17:00 - 2012-03-07 17:50 - 01768216 _____ C:\Windows\WindowsUpdate.log
2013-07-27 16:54 - 2013-07-27 16:53 - 00012255 _____ C:\AdwCleaner[S1].txt
2013-07-27 16:51 - 2013-07-27 16:51 - 00666633 _____ C:\Users\Simon\Desktop\adwcleaner.exe
2013-07-27 16:50 - 2012-11-29 17:49 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-27 16:26 - 2013-01-18 18:05 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-562858968-3123787554-3258265573-1000UA.job
2013-07-27 16:26 - 2013-01-18 18:05 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-562858968-3123787554-3258265573-1000Core.job
2013-07-27 13:22 - 2012-04-06 13:28 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{A0C22FBD-CC6F-47C1-AB00-DCE59D1AFD01}
2013-07-27 11:14 - 2013-07-27 00:28 - 00003432 _____ C:\Windows\System32\Tasks\BrowserProtect
2013-07-26 14:28 - 2013-07-26 14:28 - 00008668 _____ C:\Users\Simon\Desktop\Gmer.txt
2013-07-26 12:58 - 2013-07-26 12:58 - 00377856 _____ C:\Users\Simon\Desktop\gmer_2.1.19163.exe
2013-07-26 12:50 - 2013-07-26 12:50 - 00067884 _____ C:\Users\Simon\Desktop\Extras.Txt
2013-07-26 12:48 - 2013-07-26 12:48 - 00061862 _____ C:\Users\Simon\Desktop\OTL.Txt
2013-07-26 12:36 - 2012-03-22 21:23 - 00000000 ____D C:\Users\Simon\Documents\Outlook-Dateien
2013-07-26 12:15 - 2013-07-26 12:15 - 00602112 _____ (OldTimer Tools) C:\Users\Simon\Desktop\OTL.exe
2013-07-26 12:13 - 2013-07-26 12:12 - 00000472 _____ C:\Users\Simon\Downloads\defogger_disable.log
2013-07-26 12:12 - 2013-07-26 12:12 - 00000000 _____ C:\Users\Simon\defogger_reenable
2013-07-26 12:12 - 2012-03-07 17:54 - 00000000 ____D C:\Users\Simon
2013-07-26 12:09 - 2013-07-26 12:09 - 00050477 _____ C:\Users\Simon\Downloads\Defogger.exe
2013-07-25 17:26 - 2013-07-25 17:17 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-25 17:17 - 2013-07-25 17:17 - 00004104 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-25 17:17 - 2013-07-25 17:17 - 00003852 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-25 17:17 - 2013-07-25 17:17 - 00000000 ____D C:\Users\Simon\AppData\Local\Google
2013-07-25 17:17 - 2013-07-25 17:16 - 00784856 _____ (Google Inc.) C:\Users\Simon\Downloads\GoogleEarthPluginSetup.exe
2013-07-25 13:05 - 2013-04-27 13:00 - 00011988 _____ C:\Users\Simon\Desktop\Fahrtkosten SS2013.xlsx
2013-07-25 12:00 - 2009-10-24 17:51 - 00700418 _____ C:\Windows\system32\perfh007.dat
2013-07-25 12:00 - 2009-10-24 17:51 - 00149182 _____ C:\Windows\system32\perfc007.dat
2013-07-25 12:00 - 2009-07-14 07:13 - 01621244 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-21 23:23 - 2012-03-08 16:10 - 00000000 ____D C:\Users\Simon\AppData\Roaming\Skype
2013-07-17 17:44 - 2012-03-07 22:23 - 00000000 ___RD C:\Users\Simon\Dropbox
2013-07-17 17:44 - 2012-03-07 22:14 - 00000000 ____D C:\Users\Simon\AppData\Roaming\Dropbox
2013-07-17 11:48 - 2013-07-17 10:44 - 196298964 _____ C:\Users\Simon\Downloads\Macklemore and Ryan Lewis - The Heist (2012).rar
2013-07-13 16:05 - 2012-03-07 19:46 - 00000000 ____D C:\Users\Simon\AppData\Roaming\vlc
2013-07-13 13:03 - 2012-03-07 20:01 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-07-11 16:50 - 2009-07-14 06:45 - 00527952 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-11 16:48 - 2009-07-14 09:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-11 16:48 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-11 16:48 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-11 16:46 - 2012-03-15 18:30 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-11 16:40 - 2012-10-18 23:21 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-03 16:12 - 2012-04-25 18:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-03 10:40 - 2013-03-08 14:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-27 12:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-07-23 17:45
==================== End Of Log ============================
--- --- --- Addition.txt: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-07-2013 04
Ran by Simon at 2013-07-27 17:42:10
Running from C:\Users\Simon\Desktop
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
7-Zip 9.20 (x32)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Reader X (10.1.7) - Deutsch (x32 Version: 10.1.7)
Age of Empires III (x32 Version: 1.00.0000)
Athens 2004 (x32)
Autodesk Design Review 2013 (x32 Version: 13.0.0.82)
Autodesk Inventor Content Center Libraries 2013 (Desktop Content) (Version: 17.0.13800.0000)
Autodesk Inventor Fusion for Inventor 2013 Add-in (Version: 1.0.0.111)
Autodesk Inventor Professional 2013 (Version: 17.0.13800.0000)
Autodesk Inventor Professional 2013 Deutsch (German) (Version: 17.0.13800.0000)
Autodesk Inventor Professional 2013 Language Pack - Deutsch (German) (Version: 17.0.13800.0000)
Autodesk Material Library 2013 (x32 Version: 3.0.13)
Autodesk Material Library Base Resolution Image Library 2013 (x32 Version: 3.0.13)
Autodesk Material Library Low Resolution Image Library 2013 (x32 Version: 3.0.13)
Autodesk Sync (Version: 3.5.24.0)
Autodesk Vault Basic 2013 (Client) (Version: 17.0.61.0)
Autodesk Vault Basic 2013 (Client) (x32 Version: 17.0.61.0)
Autodesk Vault Basic 2013 (Client) German Language Pack (Version: 17.0.61.0)
Avira Free Antivirus (x32 Version: 13.0.0.3884)
AVS DVD Player version 2.4 (x32)
AVS4YOU Software Navigator 1.2 (x32)
DAEMON Tools Lite (x32 Version: 4.45.3.0297)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Dropbox (HKCU Version: 1.6.18)
DWG TrueView 2013 (Version: 19.0.55.0)
Eco Materials Adviser for Autodesk Inventor 2013 (Version: 3.9.12.0)
Facebook Messenger 2.1.4814.0 (x32 Version: 2.1.4814.0)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)
Fifa 12 (c) Electronic Arts version 1 (x32 Version: 1)
Gemalto PKCS#11 For .NET Smart Cards V2+ (x32 Version: 2.1.3.201)
Google Earth Plug-in (x32 Version: 7.1.1.1888)
Google Update Helper (x32 Version: 1.3.21.153)
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179)
Intel(R) Turbo Boost Technology Driver (x32 Version: 01.02.00.1002)
Java 7 Update 21 (x32 Version: 7.0.210)
Java Auto Updater (x32 Version: 2.1.9.5)
JDownloader 0.9 (x32 Version: 0.9)
Marvell Miniport Driver (x32 Version: 11.24.27.3)
MATLAB R2010a (Version: 7.10)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
NBA 2K12 (x32 Version: 1.0.0)
NBA 2K13 (x32 Version: 1.0.0)
NVIDIA Grafiktreiber 295.73 (Version: 295.73)
NVIDIA HD-Audiotreiber 1.3.12.0 (Version: 1.3.12.0)
NVIDIA Install Application (Version: 2.1002.62.312)
NVIDIA PhysX (x32 Version: 9.12.0209)
NVIDIA PhysX-Systemsoftware 9.12.0209 (Version: 9.12.0209)
NVIDIA Systemsteuerung 295.73 (Version: 295.73)
odesk Inventor Fusion 2013 (Version: 2.0.0.206)
Pro Evolution Soccer 2012 (x32 Version: 1.00.0000)
Pro Evolution Soccer 2013 (x32 Version: 1.00.0000)
Pro Evolution Soccer 2013 DEMO (x32 Version: 1.00.0000)
Schnell-Deinstallations-Tool für Autodesk Inventor 2013 (Version: 17.0.13800.0000)
Skype™ 6.3 (x32 Version: 6.3.107)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft Office 2010 (KB2494150) (x32)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553092) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
VBA (2627.01) (x32 Version: 6.03.00.9402)
VBA (2701.01) (x32 Version: 6.03.00.9402)
VLC media player 2.0.0 (x32 Version: 2.0.0)
Winamp (x32 Version: 5.623 )
WinRAR 4.11 (64-Bit) (Version: 4.11.0)
==================== Restore Points =========================
09-07-2013 08:19:06 Windows Update
11-07-2013 14:32:42 Windows Update
16-07-2013 09:13:51 Windows Update
19-07-2013 12:01:53 Windows Update
23-07-2013 09:21:30 Windows Update
26-07-2013 09:29:30 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0015A4C3-4342-42A4-B5C3-4FCE91F2FC42} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation)
Task: {006CBCB2-9A93-49AF-ABA7-50ECD5610A04} - System32\Tasks\{45DBD899-5756-4646-96DB-6C2AC93A4C00} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {00E4278F-3C98-4A04-B631-6F4FB98550BB} - System32\Tasks\{4DD675E0-AFB1-4BB9-B015-DF421826D18F} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {01AC86EE-79E4-4842-86D9-B1B841324DAE} - System32\Tasks\{2EC66692-9450-46B2-840F-2B7A304B9295} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {022D660E-E71A-4DF6-86FE-3A1985619CC5} - System32\Tasks\{5D1FA262-E6A9-42A2-8D3B-D20DE6368A54} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {02742820-2C08-48E4-9F14-4604868D56DF} - System32\Tasks\{1D7E4D95-141A-4BEC-A02F-9905C02D7D43} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {02D35FA3-2142-4BFB-B35C-6FE3807CE7B0} - System32\Tasks\{E27C490F-5005-47B5-816D-E24FF233331A} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {031B6C46-8C19-47E3-BBF2-BAA9AFBE7985} - System32\Tasks\{4E7180DC-153A-4152-A9A2-5C9DDE3DB21E} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {035DF46C-A680-41AB-B0D2-4A290D799B6A} - System32\Tasks\{948BDF98-C8B6-43DD-B340-54509ADA7034} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {067284CF-340B-4FE5-B885-4A1F20478EB0} - System32\Tasks\{CDB53604-2BF5-4D31-9FC0-8F5C6631DE02} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {06A8CEE0-4A8A-4310-A1C7-DDE82547B8C5} - System32\Tasks\{B4F29C1F-4132-46D5-894F-A75E69414CB4} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {06F5696F-05BB-4957-B92B-86798DCD5A6A} - System32\Tasks\{D43A12F8-87E0-4929-BB51-59E5DC6ED777} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {07151A79-FDF5-40B0-956C-C43746C640CA} - System32\Tasks\{FF01B25F-F673-489F-9F2F-D449A8AA8D24} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {07B86477-5315-4B7C-ABD2-CC555BCA869E} - System32\Tasks\{BF2E90CD-3B84-4E10-B865-D771109429BE} => c:\program files (x86)\mozilla firefox\firefox.exe [2013-07-03] (Mozilla Corporation)
Task: {08C5DE25-2AEB-48F0-8181-3A45D783255D} - System32\Tasks\{2A6F0A7B-BC1A-4C02-A17F-B0882412B283} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {08C77D17-05E9-4C1B-9E52-C65013F4CB80} - System32\Tasks\{4944650D-0D16-4C49-827E-8CC088F71A5C} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {08EB6A91-60D9-41D4-B4E2-D3A5E1E1D5F3} - System32\Tasks\{91D3D1A5-53EF-4FFF-8AFF-F788C9118DD8} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {0952627A-2E34-4355-B1B5-596DF0E1214A} - System32\Tasks\{1F5429BF-5121-4391-9CA5-C603352D7575} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {099FA716-B71D-4149-AB93-99C234575633} - System32\Tasks\{5E51B6FA-FFB5-46A2-A5EA-C1A6AB81196D} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {09D28CA7-90B9-4263-8627-A310E2A9FC65} - System32\Tasks\{BD24D2BE-0EA6-473F-8718-B5F39B3FD480} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {09E12ACF-6523-4620-A6CA-5621FEE13C98} - System32\Tasks\{B9F23713-47C9-4FD9-ACCA-EB4506D65220} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {0A908CDF-B764-4B14-8121-0FE9A2047C0C} - System32\Tasks\{028592ED-DD47-4465-81C6-E046F7A40253} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {0A9780C5-34B9-4B85-92BC-FF538D65742A} - System32\Tasks\{A7379AB3-9881-4620-8CC5-28BD93EB31B0} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {0BBF5F78-D9A1-48AA-8BE8-0002F05AC94D} - System32\Tasks\{936DAFDA-AC29-410F-B84B-2DB834282DB5} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {0C76F166-3325-41CE-AE16-156D63DAE500} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {0CD4A796-6EFD-401D-AFA7-60CDDBE10EF8} - System32\Tasks\{1DA40EDF-C9C1-4F0E-8C39-3C9C355355DF} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {0D669B90-EC45-4F37-B851-D54C0FE23D90} - System32\Tasks\{33C270F8-6F70-47A7-AC9D-9DD647EEBF33} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {1174872A-ADC6-4825-B6A5-366ACCE6BDA0} - System32\Tasks\{5DF5B948-9268-4DDE-A967-934E57078270} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {120E3C60-CF2B-45A6-9D92-5F6292C0E291} - System32\Tasks\{72C572C1-0B7E-446C-8CF8-3F8D83386CF5} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {132FD50E-276E-415E-95BC-0BCC2CDCA559} - System32\Tasks\{79228F38-5F8D-4BC9-AC11-EEEE68ADFDCC} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {14642408-9C99-4AD9-93F3-2DB2C204EA82} - System32\Tasks\{86618FCD-9980-493B-B79A-81BDA079C260} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {156B6CBF-9980-467C-8DB2-C41034F8DAAB} - System32\Tasks\{165F42B2-9C87-47F4-8A75-089B9BEF9744} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {15A3E9D9-9AA1-4BF9-91D9-0E55BD26B570} - System32\Tasks\{224BEED2-0AC6-460C-88EF-6D79BD7E68F9} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {160F43A0-74DD-4A97-8DDC-B4705989EAB7} - System32\Tasks\{502191E1-2B89-45F5-98B3-374982753586} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {16E3912E-6F20-4F6A-B2E7-7C4173DAFEB1} - System32\Tasks\{788C1A86-D3AF-48A8-B112-7F3BEA666E8F} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {17AE3A53-79C1-4BAF-A376-A0882028C565} - System32\Tasks\{5C25B64F-4FFB-46AF-868D-4300FBE7FDA5} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {17F705DA-803B-4122-8AB0-78A1CCF6B49F} - System32\Tasks\{2507C20D-1FEB-472B-897E-A65D69C5451B} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {1A13E354-F50C-45A5-8D2A-C0271FBD01B0} - System32\Tasks\{E5EA7F02-6AAC-4273-8655-898A2E9F605E} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {1A525DDB-7344-466F-B4E5-BDE3C6DA1BD4} - System32\Tasks\{05027E11-7681-4F17-B2F0-5C52800CBAE6} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {1BB1F45B-0545-42B1-B4DA-6E41A7DF1553} - System32\Tasks\{7B4981DA-AEB8-4273-A55D-8389233ECD91} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {1F537738-4B97-42D9-A803-E8D8276EF395} - System32\Tasks\{79A56286-8F1B-4C95-886D-EA57C4DC6B13} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {1FA1E6CC-7B6E-478D-BE7B-68A452B3B1BC} - System32\Tasks\{8BE52E0C-1410-450B-8F77-986C9EAA395F} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {2219D323-6CAA-4C0B-B3CB-CD7DFD2C1184} - System32\Tasks\{909DA1F2-B7DD-470A-A193-56C74304FF5E} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {22239940-9826-4F3A-8020-3639CE20F871} - System32\Tasks\{DC53FBF0-AED0-4268-8A92-F922DC4115E3} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {235886CE-C767-4BDE-BF0C-3824C97B0638} - System32\Tasks\{58924E58-5B8C-4F30-B6A4-6F9B80573432} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {235AAC2D-EB9A-45D2-BE71-0D9A66AD1ACC} - System32\Tasks\{CF9A9D73-3A40-42A8-90FD-1BB158716CD5} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {23CB3D59-0E74-4EA0-A096-DCDDB46046FA} - System32\Tasks\{265B9796-CADC-4713-BF5D-0808989C94EB} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {246FA736-78F6-4AF9-A4F1-A50CD2542216} - System32\Tasks\{4656781D-5895-404A-8474-6071FD6FB376} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {2485C004-1171-4969-AD1E-5A994474B323} - System32\Tasks\{D949E1AD-ABD8-4922-8A32-537673728A75} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {2574AE75-8347-4D21-A61C-A45ACBC9E795} - System32\Tasks\{53A2DFF5-9DF1-4A52-9D2B-7DD4AB6CAE54} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {26B0B372-898E-4E69-9933-522078844E48} - System32\Tasks\{5C363E4C-ABAE-414B-992D-54916E532C3C} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {2703F837-8BF5-4AD8-B659-D30F824396E3} - System32\Tasks\{CE25128F-3121-4BDE-9F92-D23A6C86F531} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {2778B599-8920-4E08-B164-9A2BB4E5975E} - System32\Tasks\{4F3E55CB-F332-4738-8F3C-1F9B793433D5} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {27E0BA02-45F3-49C5-BE90-8A3FD853D59A} - System32\Tasks\{8A404995-56EB-4AA2-B521-84F0D16F7A8A} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {2819BA27-8A6B-4A51-A453-789472685BC5} - System32\Tasks\{BC75A956-F2DF-40E1-86FA-63293AA9E71D} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {29200551-0BA9-4EC5-A2CB-A692090AA43F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-562858968-3123787554-3258265573-1000UA => C:\Users\Simon\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-04] (Facebook Inc.)
Task: {2A0B6321-883D-4FBE-AD9D-F7E459E236FA} - System32\Tasks\{1585A382-BD28-495E-87A8-01323B5D204E} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {2ACB6870-B12A-4CEA-8E22-B3DC3D076A5C} - System32\Tasks\{E30FEC89-93CA-4227-83A8-8FB40280FA0E} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {2C0C1EB1-17C8-4318-8D8A-B47F691EE01C} - System32\Tasks\{AAFC310D-7B78-4BC8-A81E-FB6AF3923744} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {2CDD3E19-5F51-492D-8994-F5EDBA4B4E13} - System32\Tasks\{3C0DAD59-2E99-4317-912B-4CA5CACFD5BB} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {2D3F584D-90A5-4D18-81E9-D8DEC447FDDD} - System32\Tasks\{B4FD87A2-5869-473E-B35F-2D78178B9506} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {2E08E314-DCED-4DC4-BE39-B8BE71DD63FF} - System32\Tasks\{631D1970-B8B2-4895-A2C9-4D4AFD396E1F} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {2E3AB5AB-635A-4F08-BBC2-87DB31F8BB43} - System32\Tasks\{F6408D15-2E98-46F3-BC75-B9CF9BF02CA0} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {2E411CC0-EE5C-4A05-88F0-49DF7E28129A} - System32\Tasks\{863D129E-6918-4F8D-9BDC-E016DDEB1A87} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {2E863EDE-2EDC-451D-AC23-B12B4413654C} - System32\Tasks\{BF0C4F5C-6B9C-41D9-B4F2-B6FF4A2FC1B8} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {2ED105EF-06A9-455C-9874-7F312ED03126} - System32\Tasks\{6B74A292-BD1D-4033-932E-07E5C279B318} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {30B8BD8B-9F4D-4357-AA26-AE9FA3DF9EF6} - System32\Tasks\{319868E1-FF29-4E0A-97B0-ED10B4718B3F} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {310E9B6F-EFE1-45BC-BA99-88B9B2D2870C} - System32\Tasks\{6658A4C7-2D53-4C43-824A-F26DB9BEF66F} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {31299E54-1E68-417C-8C08-E0E47653CCF0} - System32\Tasks\{150721F7-ABA1-4BC1-8739-5529B635CA08} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {319FDE7A-A4BD-4AF2-84FA-7ACFF6106A98} - System32\Tasks\{B225FF23-2214-4446-AE0A-B22FB9970077} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {31C83311-EFDC-4362-9C3C-7C924EB4F154} - System32\Tasks\{88386179-EA60-4092-8FCC-F568427C31A7} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {326D027A-58D0-414D-B27D-856C4CC6A47F} - System32\Tasks\{BDF46033-3AC5-4B51-8442-9F49274BECDB} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {328CB8B4-8610-4038-BDC4-DD8B2B50BA27} - System32\Tasks\{9F001D2B-0FA0-4E80-B5D2-B404191453E2} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {335DBC53-27C5-485B-8CEC-AE8011F6620C} - System32\Tasks\{5B34F69F-6B75-4AD5-9288-05510E3A31BB} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {35F43264-C0C3-4357-9EB9-5FBB017DE4C9} - System32\Tasks\{EA4AC881-0182-4886-ADC2-EDAD0A1B017D} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {3688AD31-16BE-4E52-8821-0EBF3DFFE3F9} - System32\Tasks\{66F56BC7-A2CD-4482-9F55-1522532CE47F} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {37061E98-6AC9-4D70-A5FE-8199EFEB4A43} - System32\Tasks\{892CB8A9-F096-472C-86B7-02D027C1651E} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {384D96B4-5744-4823-9B79-5C42076C6909} - System32\Tasks\{064B3828-F10C-4F64-BE70-3633F6609C0D} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {38635ED3-C33E-4E36-B685-F152792B4E07} - System32\Tasks\{C056387D-ACF4-4B6E-8331-D2A66AFAA675} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {3A35DAE1-EAF7-41D9-8F3A-F0305C92584C} - System32\Tasks\{7BF47145-576A-4B80-8B84-8AD1E2A41024} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {3AC3FD1C-8704-4797-8F4E-0D6194AAB7C3} - System32\Tasks\{7E7D0409-EC42-4189-82C8-53DAEBF0AE42} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {3B399994-394A-4457-90EC-C3DE0A53D17D} - System32\Tasks\{6A4BF868-2866-44BB-9AAC-32CA34AAD909} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {3BE2D642-4B7B-434C-A1FB-97A688FFCC1C} - System32\Tasks\{9D93C881-FBFA-411C-A7AE-3C9363ECCB95} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {3C2E3A59-F731-4966-97B8-6687251B86C8} - System32\Tasks\{5A6D75D7-39E8-448E-8A18-42B77D0CD682} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {3D63BC5F-DEC1-4A17-A80D-F6F87016D725} - System32\Tasks\{58E45B9D-1019-45CD-A3C2-C03D2812A3B2} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {3E15E898-F356-4FEC-AC8D-05BB3F0B60B1} - System32\Tasks\{215D0991-C8DD-4916-B8CE-7F765CA64BFC} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {3F3309B5-7CAD-49B7-9BAD-347A83910F01} - System32\Tasks\{EE15AF7A-2337-4468-BF36-7D6D82B3D447} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {40DEDFEA-0917-4682-91CE-A29F96513325} - System32\Tasks\{F797C804-BF71-4C0E-8FF1-BC01E882A22C} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {41600C5E-FEC8-4C5C-BE05-E40B8D191D2A} - System32\Tasks\{1DC43BD3-6895-49D0-B1C6-E060B7041AB4} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {4168C8C8-4777-4825-A7F5-401BA57C664E} - System32\Tasks\{B26B1430-D536-4371-901A-5ECCF0612B7E} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {421C5A5D-4998-439E-B81B-3D359131CFBB} - System32\Tasks\{39C475BC-53E9-4588-A15C-5F9F64A45148} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {424B37DA-591E-4EA9-9220-B5E2168D2AD6} - System32\Tasks\{3EE937A7-CDFF-4404-A6CD-E1B785843285} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {42F14456-CEE8-4C89-9B45-B8121DE414FB} - System32\Tasks\{ABD4C9DF-0AA2-42B8-B332-8D7BF11E9A76} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {43355FA8-FCCE-4292-A10B-07D5C27AA795} - System32\Tasks\{1A465EA5-D5B8-4439-BF2A-86E404F783A8} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {4342DF16-6206-400A-9526-D4E2C7BD3B3C} - System32\Tasks\{A99C69DD-C3CF-42B6-B61C-01F232AB467B} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {4355FE2E-4E04-4217-AF0B-A07F1535AC83} - System32\Tasks\{95E1069D-7BFF-48B5-B9E5-C7E40FEFD56D} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {44539018-2A74-4953-ACFA-B3518D74DF37} - System32\Tasks\{D149AEFE-FEA8-41D9-AC6A-B60A1B767302} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {4503A1FD-1A8B-4200-9FA9-2D4837B03996} - System32\Tasks\{B15F5B6B-DAC9-49AD-B1C2-DAA5C52D3E26} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {488E76AC-EABB-43E5-9EB3-ADDBD86D7A6D} - System32\Tasks\{BD76911C-6227-4083-B80C-7F135553C500} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {48DDDA09-7A85-427F-ABE2-9F1E99813062} - System32\Tasks\{ACCB7787-2E66-4B48-878A-3C4DCC72416D} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {49B2175B-41F4-4F1D-AF9C-35EB504FE359} - System32\Tasks\{2A162795-4D76-49B7-91E6-699D192C13D3} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {4A286695-9690-4F74-9E64-0B71CE009BD7} - System32\Tasks\{BE839534-42DD-44FC-8AAC-25DF9C2EA187} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {4A74D253-D2D6-44DE-8644-D4F1A1F7E4D4} - System32\Tasks\{33C1E2AC-E58E-49C4-A7B6-47442382F30F} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {4A799A50-AD24-478E-87C9-D02915E98F2F} - System32\Tasks\{F3C68494-8EF5-43E4-B619-AD5BF7D5BE71} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {4BEE6502-6CF4-40B5-AAA2-041C68D30402} - System32\Tasks\{EBD8842F-786A-45FD-B0AF-C5C8AF4CD2AC} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {4C2FD22E-8FE2-405D-810C-487777EDB33E} - System32\Tasks\{86592E21-C0C4-40F0-99F1-17C4C9495DE3} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {4CB42EF3-3581-40CA-AF3B-D7AA20639637} - System32\Tasks\{2416719A-43C2-42BF-9245-C92EF05369FF} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {4D225B1C-1CB0-4F3D-A49D-EE142319E573} - System32\Tasks\{F4F59D8F-8E51-46EB-A274-6EBDE01E12B5} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {4EDDEB72-3324-4AFA-A8D8-36CE8AA56C57} - System32\Tasks\{5DD900F2-3131-450C-9F47-E36A9D04A33C} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {4FDDD084-3974-452C-8A38-B1B114E88375} - System32\Tasks\{0A530483-CEC1-4BFD-9919-10DAB2344EA3} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {50A2A247-56AB-4BBF-A313-BA02AAE867A2} - System32\Tasks\{CC9D61D4-7BC4-4440-8588-9BAF05782C8B} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {51B0260B-AD17-4E16-8F64-3419DB107A06} - System32\Tasks\{08298B42-989B-47F5-A0FE-82545C63918D} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {51CEAA06-CD0F-4232-9995-424A022CCCA8} - System32\Tasks\{EE1015A1-62FC-4D6E-8038-AC37A2A86D74} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {51DD0DB1-0E8A-4D57-81BE-D76D79D3536C} - System32\Tasks\{09FCDFC8-9109-438D-8C6F-35B2FCE8919B} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {5365E104-4CAE-4BBA-9D0E-7FFF524469BB} - System32\Tasks\{94358291-21AF-4967-AE44-BC110A41614D} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {53D49CBE-3284-48CE-8E76-A3F8BEFDFC22} - System32\Tasks\{EA60B977-8149-4373-8292-2E2FC2E120F3} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {55252FA3-082A-41CA-860D-EA5E9D7C723F} - System32\Tasks\{C594BBA0-A299-488B-923B-9CDAA4B7EC1D} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {552DF437-9F12-48DF-8450-76166AC9B687} - System32\Tasks\{E7F923D3-905F-4FA7-855E-614D0B5BDA3D} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {55FEE23D-AF57-4055-A445-2CE5D74753E0} - System32\Tasks\{DD16B5A2-999B-4781-BC25-3205ECBD2873} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {564C79C8-FC23-4E48-8AD9-79CF69141428} - System32\Tasks\{2B9FB7AE-A756-42C0-BE1F-63CDDE9BF52F} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {5696BE6F-C399-47A7-B595-81D8BFF43798} - System32\Tasks\{F24769EE-7004-4A34-8753-E3405EF05F41} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {56BE5FC3-E1CA-4FA4-9CE5-75FBEF82C751} - System32\Tasks\{76571C53-C1E1-40E9-8EA8-633BB4C1D971} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {57145953-B967-4D22-8FAB-37466E24D544} - System32\Tasks\{F1C92C26-6C6E-4FA5-B8C0-E8981D353D41} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {57828C0F-12AC-441E-A0F3-25C6FCDDC928} - System32\Tasks\{353227D7-816F-41F2-9553-870EE6A79DFD} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {58F783E4-E7A5-4D09-A756-6D9D568045F8} - System32\Tasks\{CBA9A2EF-F445-4C03-A9F3-3C8C2B3FE600} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {59FC56F7-FDC3-420B-A7BF-A364F692861A} - System32\Tasks\{066D8963-B17B-444F-BD5F-398E54AADDDC} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {5A22EC65-AE76-48CB-9C93-8F66F31F04B6} - System32\Tasks\{4B3E2C9A-9FDA-4411-975C-781515A89CAA} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {5A57CBAE-2FA8-495D-AFAD-85ADD0D0917D} - System32\Tasks\{E68784EC-A2AF-40C9-94B5-C733565C975E} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {5B466EC3-62E9-4B04-ADF4-1F358BD030AF} - System32\Tasks\{496BE105-70EE-47DD-BE20-329E15A3C936} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {5B475C1E-4CD0-4321-BDFD-850FA6A40102} - System32\Tasks\{4F3E01AC-80EA-49DB-8711-74765A147A76} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {5B6B8D52-3B61-4D10-9E18-153A302D28ED} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {5BC71CED-DEE2-4BA3-BFFB-D6BD479B8BC8} - System32\Tasks\{253766B9-2FBC-4CD6-8CF5-B4F93E9A399E} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {5BCC28A8-6DD7-4F48-83B6-A7B3B5D8E524} - System32\Tasks\{585AD91E-9FDA-4EF1-AAA1-8630C5DE032D} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {5C684CC2-1C5E-4EDD-A1D4-EC683F72DB9C} - System32\Tasks\{20F2C92D-A522-4F2B-B32C-898AF0D86EB7} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {5CA637E0-32E4-4E05-A134-4A02FA0B8DC9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-25] (Google Inc.)
Task: {5D10C37B-8E90-450C-973F-12A0930D400C} - System32\Tasks\{BEA78119-1AF8-4F73-98F1-3FB3E472E900} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {5EEF57CE-052B-437A-BBC4-8290E9B0EA41} - System32\Tasks\{2DD8547B-CE5D-484F-A57C-677103BFD6DD} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {5F46909F-FDD3-4C41-B63F-F53CD3002379} - System32\Tasks\{576E63C7-B751-4F19-B9FF-278894E91594} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {5F910F3C-7975-404B-B81A-AD7AF3312D85} - System32\Tasks\{428AAC10-2228-440F-878B-6BBAB6D0DF9F} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {60631B6B-48D2-43B2-AC40-A1C2117EA387} - System32\Tasks\{0B9BE0A9-5B6A-41C4-BDFC-F6B05DB9923B} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {6082FCA8-C340-4746-8A09-01F86744F024} - System32\Tasks\{9B6F896A-015B-4DDB-A12E-FDECE876DF5D} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {60972685-F420-4485-B9FE-B45D13D59977} - System32\Tasks\{BB947C3F-A9E5-469F-B484-370FE20A9266} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {61806EAC-1F91-4236-AEF8-334482E54235} - System32\Tasks\{08704940-BF15-4128-B65C-2768A75023E1} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {61B06055-CF23-4F60-8F87-BFC039B189FE} - System32\Tasks\{14015D8A-3B53-42E0-914F-D5523D0EBC6E} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {61F4052B-CCB4-46DB-AF2C-56CC1BD14C79} - System32\Tasks\{54E6AD67-1DC5-41CF-B7B1-1DDD5E37EA2E} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {62431661-0E5C-4CE8-888A-B69BE83582FD} - System32\Tasks\{ABC0A9EF-B546-44EA-87E9-FD66DCE62788} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {62D0C600-87A0-44E6-86A1-249544A2532A} - System32\Tasks\{8B670F40-AF5C-4C47-96D5-E22A7F6E9764} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {6394AD16-4783-46FE-A69C-E1DD7754AD01} - System32\Tasks\{0975FF94-209F-49C9-B48B-F01035BD83A6} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {63A1BA14-595E-41C1-AA15-1112CEA728C6} - System32\Tasks\{49B7AFB0-4470-44E4-87E1-20E8578240A4} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {63E539C8-871A-4DAC-9898-E8FCF2CD13E0} - System32\Tasks\{DFD804E2-A909-4276-8556-BC8D49C4111D} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {6415703C-430A-4A2B-987F-AF712A64948C} - System32\Tasks\{A9565C4C-9033-4256-BC28-D4A831425D58} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {642A4E73-E313-44EF-B503-D9B3CEB8A316} - System32\Tasks\{33DB8CD5-12CE-42B9-8327-E142FA9C68B4} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {643F187D-D486-402B-BFFA-99E6D48BB128} - System32\Tasks\{8CAA353C-B785-45C3-AFE2-14E843F52FBA} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {6AF305D2-BFE2-4A2E-862A-3162C96BDA77} - System32\Tasks\{3CD7787A-C62F-4B53-8972-23BFC2C569DA} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {6BE997DA-D416-4E7B-BF6A-97B9D84CA9BB} - System32\Tasks\{AE8CED6C-7090-47A8-A63E-4C9E79A11A3B} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {6C4A5A13-4F55-413A-BBA9-513B733FD2FC} - System32\Tasks\{8B2768D3-EBA7-4572-BC0A-EA90F3F83E64} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {6D3ACFE0-E0B8-4CD0-8330-F1636369511E} - System32\Tasks\{18CF9E44-7F75-4F36-8E54-1AFF42A38D2E} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {6D541ACE-538A-4545-BB97-82E0342F146B} - System32\Tasks\{C3B8F015-C979-4AD0-AB3B-B1462A7F40FF} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {6E40932E-5F10-4C02-8AC1-9B3C640D2586} - System32\Tasks\{E2A15A6C-63E8-4F2A-A058-F901121799F3} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {6E68E99C-69C6-4E63-AC01-B3057F8A8C30} - System32\Tasks\{43F56BD5-259A-479B-8D2F-9CEB8AC3C43F} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {6F64FDD7-EF79-4015-97A9-EE20FA9578B5} - System32\Tasks\{CDD8275A-0097-43D4-80BE-49FA55DF1CF5} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {70E01F41-BB1C-4179-8068-D96CC0488731} - System32\Tasks\{BBD1EC10-51B2-4436-B0DE-3A2F599CFDB9} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {71BA2658-6F28-4C17-908E-7C9D5A526C99} - System32\Tasks\{83AB7E16-D5CC-4B18-B585-C461991674F8} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {728B8ADD-789E-4499-B3D2-BE602B0948AE} - System32\Tasks\{EECB4D83-8F0F-4B68-9108-A30A9DD66C0C} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {72AADCD9-EBD7-4E90-BE61-708F7A327C7B} - System32\Tasks\{0D61F7B8-8EDD-4E59-B7B0-8CBECEF731F5} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {72D30EF5-0F98-4626-A1DC-19D33147D801} - System32\Tasks\{AD5B0810-4CC1-4043-A8B5-FD630C91B401} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {73969703-7714-4694-BEE5-EA102F92D486} - System32\Tasks\{AF0C21C6-568C-4FFC-A631-E8C99467F94B} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {739BA45A-0C16-4269-8858-A8041B3C2585} - System32\Tasks\{B9CB807F-E4BF-42F4-9FEC-83D32A552093} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {749DF93B-1497-457A-B377-094CD391797B} - System32\Tasks\{130ECA53-7B02-4D19-A490-2ACF8E99BAD4} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {74AC192D-9EAD-4BB0-9A96-E014ACE2D894} - System32\Tasks\{1D154466-F14B-4101-A589-40F9117D05C8} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {7665F0F4-E3B1-4D6F-9822-CB1E98A8DA0E} - System32\Tasks\{FC7EFEE8-414B-48F0-A2AE-221BD619D885} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {76807FCD-C1AE-43C1-AF08-D4ED211B883E} - System32\Tasks\{21571CB3-7B19-4A4F-A351-7BB2513AB8B8} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {78E1F109-0BD7-4B72-81BD-1F7B7C2E26D1} - System32\Tasks\{C3CD92FE-465C-4CBD-8A84-29CC16C6704E} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {79251DDE-E714-470A-A71E-C8BBC14AD52F} - System32\Tasks\{85E42E2A-44CC-4F44-94B4-5DCB2D12B8B0} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {798D2F93-B61D-4590-8CA3-39861147715D} - System32\Tasks\{158D5C4E-29DE-4CB6-8E9E-C3BEF89090AD} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {79982915-8AA9-4569-9943-9FF461FC4921} - System32\Tasks\{487C764C-5DEB-4FC5-A96B-8346EE476AEE} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {79E5AF8C-60F2-4B11-BE3A-761C0C2502D2} - System32\Tasks\{650555B6-4414-4635-BB55-26B13EC1786C} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {7A1E183F-E022-4AF0-833F-91DA48FF8356} - System32\Tasks\{4E5FF3B1-A9B0-4BFC-B6FE-CB336A1F3E66} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {7A6F2F03-87BC-48F6-8C9E-F4A18FA431E3} - System32\Tasks\{C82CC962-CF8D-46D4-9554-3E316FCA5218} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {7A814577-B6E5-4AFF-AB6D-9B58BB393F63} - System32\Tasks\{1BCB65B6-976E-4FA8-9049-D7556C368C3A} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {7C643728-1331-45D7-8A5C-6BAED14D4EAA} - System32\Tasks\{10B20DF3-F249-429D-8724-1992AD5E56FD} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {7D844465-041A-48AA-8D3A-DF88ABDFB458} - System32\Tasks\{FB53F4AE-A6B0-4768-95C0-37999A926002} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {7E0ED647-5E34-4E8D-B6BE-73C18B31FD9E} - System32\Tasks\{6FEE824A-B732-4233-BE39-B3ACDFFD84E7} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {7F3EAA08-1AA7-45C3-B604-624A806A3A22} - System32\Tasks\{BCF40E49-35B5-4A93-A88F-FE68DD19BF42} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {7F783671-CA34-4E3C-B529-5948429B47BC} - System32\Tasks\{9C2AB86A-C0AE-48F6-96BA-2E0600EAC031} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {7FCB1798-D1C3-4183-81C6-1A5269A53C92} - System32\Tasks\{BE17B7BA-7740-4308-B6D4-6D48B40B42A9} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {808076B7-7442-440A-8129-C087053261CB} - System32\Tasks\{A189055F-F18B-44A2-A6ED-53654A134B29} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {810BDD21-C57A-45DC-8C22-052CC9A52B7E} - System32\Tasks\{CDE07D35-440B-4493-B868-18699221CD9D} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {819EEA27-D1C9-48F4-8D8C-E6458FB0EADA} - System32\Tasks\{E3FDF948-A023-4784-82FD-3255EA67E086} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {81F5BA9D-D6C5-4442-AF05-2A421C4CA273} - System32\Tasks\{8768F072-89AA-4329-87D9-D6922AA8993F} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {8327DDF4-0517-4F1F-AF08-914E1E3E67CA} - System32\Tasks\{4C0CCDE1-47F3-4730-B564-F7F7C8CF70DB} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {83EB78AF-6A98-44E0-BB33-0F779D565DDE} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {85D4E1C2-C261-467B-9510-C00D39750014} - System32\Tasks\{CA685050-D44F-4E9E-9C43-C2C75A5D5B05} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {869FCCE1-5218-4CA3-878D-CA1E6CCC284C} - System32\Tasks\{E15D1C9F-666A-49FB-8698-C9EEAF661986} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {86CA8186-9942-4DBC-B1DD-8D26DC4FC412} - System32\Tasks\{E0CB089C-0AA7-4EB2-A1D0-E01C008095F5} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {87A46B33-E81A-48AD-84E2-C31179049B7D} - System32\Tasks\{362F61E1-F994-4829-A8DE-3CF4DA12DBC9} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {88606EBA-AC64-4E4B-ACE2-5CD89834E0F6} - System32\Tasks\{A9DFBB4B-9033-407F-B710-771635163ADA} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {897388EA-38CA-4204-BF1B-BC89EF40C28E} - System32\Tasks\{DC7B66DF-965D-45CB-89C8-596CCC91DF39} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {8A1AC4D6-D984-458E-83D6-EE6290A158DF} - System32\Tasks\{B08DC45E-A93F-4369-A4D5-4031A5B1F946} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {8AB2C279-F3AA-4AFE-8BBE-54DE87901653} - System32\Tasks\{AC30A7CD-0EF7-42FF-8E42-08032EC372ED} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {8ADA569C-0BA1-4BE3-9A52-EAAD2A914870} - System32\Tasks\{DD608801-4472-4DFA-B430-EF2521DE0CA8} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {8AFFBCB8-92F2-4C10-80A7-5B83AA832789} - System32\Tasks\{9F5B114B-BF21-41A2-8FE4-0D7BBDA43E57} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {8B430C0D-38DF-4F16-B926-9CD8F4BB3CA2} - System32\Tasks\{56E8852C-CA53-402E-8760-596C50B61005} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {8C7EFB24-E1BA-411F-BCB9-7EE1B72FBB7C} - System32\Tasks\{0B2A91B0-43AA-4845-8D7A-2EF576E67ECB} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {8DFBCC27-14E7-4EA8-BFEB-679F2B6DD5CB} - System32\Tasks\{5249C542-318F-4F69-9C31-4DECAA323CA5} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {8E2CD89B-DD2F-4052-B4D2-7CAC3EEE01B9} - System32\Tasks\{DBFAA7E8-3278-4ACC-A42B-4D490B6E60AC} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {8E317555-E3C0-4035-8196-9BB8430BDC27} - System32\Tasks\{ED774724-127B-4A0E-890C-69D4E329E55C} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {8ED2FE22-CC03-425D-8442-8ACF73403424} - System32\Tasks\{A20FC2FE-C326-4E48-B43E-FCB33C304073} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {8FEA7DC8-C148-4FEA-8D20-6B4BF0F7CAEB} - System32\Tasks\{91AD9A5C-7C0E-47B5-BB2B-7EDB048F5D1F} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {918BF426-E783-44AC-8F78-C7E5B24343DA} - System32\Tasks\{16E18309-E93E-4777-AE89-1D6978C73B94} => c:\program files (x86)\mozilla firefox\firefox.exe [2013-07-03] (Mozilla Corporation)
Task: {92B7FC01-003A-4693-8C22-7E1194E35D4B} - System32\Tasks\{EEBD1762-FB58-4C6D-BF84-50C7CDFCA873} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {93838673-B5C9-42EB-BADE-2885712183E7} - System32\Tasks\{4657B393-D197-4830-B5A1-98159C7E0DDF} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {94DF38F1-6CB1-4828-B2CC-A0B748EEEA3D} - System32\Tasks\{7E53A0DF-82BE-4BDF-AD67-0F85519D0A1D} => c:\program files (x86)\mozilla firefox\firefox.exe [2013-07-03] (Mozilla Corporation)
Task: {950E140C-C3BE-4883-BD22-61A68EC533E2} - System32\Tasks\{88656ED4-0966-43D6-9423-7B1B3DB7D2A7} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {952A2677-9814-4DD2-AA10-8F7DD37BE53E} - System32\Tasks\{4058F534-F0C0-479B-A326-C1A21BA17DE0} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {954B0B31-BC93-4D03-858A-5EA47EFC6D33} - System32\Tasks\{FA9EE94A-4F00-4F81-B976-00FA8CD76FDC} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {956CA788-6C49-4768-A7F6-612A2DFC866C} - System32\Tasks\{DC520C97-D75F-4FCC-8B4A-7BD805601D59} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {95B22B54-0895-409C-A56F-BF06B4986362} - System32\Tasks\{659C528E-2DB3-48C8-9E63-32139F2E878E} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {9693E905-331D-4515-A8E4-8E9ED8B8E5EC} - System32\Tasks\{84FC1275-2544-43C1-BCA2-ECD5529F3528} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {97A996BB-E552-40D8-B73B-2E66E06FAD84} - System32\Tasks\{935A2C78-C279-43F8-9309-E3711E3031F5} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {97F45D89-0970-4ECC-8AC7-AA3F590ABFB2} - System32\Tasks\{4E9299AE-5ED6-44F8-88DB-1F80DC101C54} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {99D3D85E-5C26-449D-9114-6B6D293574A3} - System32\Tasks\{8EA79B7F-6D8D-4935-8058-C46E973B6803} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {9A0C7F8E-C3FF-4F53-B72A-4D31B251176D} - System32\Tasks\{4305CECF-51C1-4084-B5EC-17B84100B32C} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {9B0424E7-CFFE-408C-A301-2BD8374FA223} - System32\Tasks\{21152B20-A9E1-40EF-9DB0-14AE23162AF3} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {9B2B9098-F5F1-4053-B84C-4ECB62866135} - System32\Tasks\{3E56C7DF-3F75-4730-986D-77833FDF2D52} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {9BA76FDF-BFFB-4D13-AC53-B794507615C1} - System32\Tasks\{C0BF4133-82E4-4ED7-A89B-4A12F91036C2} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {9C8A20FC-24A3-4B9D-A8E3-F56D6C383A20} - System32\Tasks\{EA374BC2-624B-43EA-A6BA-9E23B32CA2BB} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {9CB65C99-C1A9-4E47-BFB8-07C225F4076F} - System32\Tasks\{46A4A72D-90F9-4451-A74F-532D30A48A07} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {9E64987B-8696-4E26-B95E-F9945D73DC81} - System32\Tasks\{02E3B412-3205-4C8E-8DE8-E0B8BACF60BB} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {9EF57809-E77C-443D-AD0B-C48CDD552324} - System32\Tasks\{ADEE50BE-98F7-4008-971C-9A0B647870DE} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {A002264F-D7D7-41CC-8F56-86267FC74016} - System32\Tasks\{938C78CA-8500-4B8C-A4E6-09CF7DACC219} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {A0385E51-2C14-4F76-96CA-4273BC5B0322} - System32\Tasks\{4209D4C6-5229-4152-A9B5-BF84D7950FFF} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {A055D475-56B1-443D-8EC4-D5EF9B28051F} - System32\Tasks\{503654A9-EAEB-4D91-829C-CA886711D2F2} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {A1B72AD0-C4EA-41BE-A383-07C4414269F9} - System32\Tasks\{1A95F507-3D78-417D-B7A5-286D45C4BC29} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {A2A6B55C-7CD3-4D0B-9545-5C160B6674EB} - System32\Tasks\{16AA0DE5-70BD-4437-A28D-D6EDB27DC645} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {A31657E3-3F4B-40CF-87B9-7F65682117D3} - System32\Tasks\{D237B464-0E26-49DF-86A9-4DBACEF7CEC2} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {A3A47FEB-6492-4A97-9BC1-47A774A79CB3} - System32\Tasks\{D3D9E217-6524-4384-BCA7-A9D3AACD5980} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {A500C9A9-B5B9-4759-97AD-B0A56F670C75} - System32\Tasks\{2F293531-FEE6-4FEC-BFA7-2F6761AD05CD} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {A54DEDE9-92B4-4620-97D8-BAEE14588BB7} - System32\Tasks\{0F960185-D5BD-4B84-9805-70487228C1F4} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {A55AB9A4-2DA8-45C5-AF6E-2434B710B1A8} - System32\Tasks\{F655E6BF-3B7B-4E7D-B2BE-F7D675FEC731} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {A590A95F-A17B-4F37-B6F7-86A6BC6D9E46} - System32\Tasks\{90C99DF9-7AC4-40AE-B601-C5AC4E096689} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {A5C5DF15-6E7C-49C2-9346-9208E0C16E39} - System32\Tasks\{F60DC7A6-ECFC-4085-84EF-712E8387B400} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {A6C96B66-E245-4AFF-87AF-5B132CBBD81D} - System32\Tasks\{8DC593EE-2AD9-4C8E-B2F8-CBC13DF3F458} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {A77B45EE-D183-4F55-847E-5D35773D132D} - System32\Tasks\{6495E513-FE86-4F5C-B02F-F7AC638138DF} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {A788C2F2-1343-4CA7-970E-BF462DB66E7E} - System32\Tasks\{C41A97B6-8E21-43F6-968F-155E9DEFD744} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {A81ECF9B-C985-4536-8C18-552BF25E61AB} - System32\Tasks\{0163FE9B-1C1E-47CE-9A9D-804B32F1E16F} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {A8961BC9-7558-44CE-B5FF-9F617EA1CD2B} - System32\Tasks\{5A19A512-DDA8-424B-81BB-8DA77D00FC05} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {AA12B768-7602-49B7-8824-437DE730D5F5} - System32\Tasks\{D5F0B29F-EECC-4843-9830-1DEB0A96F063} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {AA4FFD71-0625-4412-8B94-DB04BC599698} - System32\Tasks\{5F2D34A9-6DA3-472F-B8DA-7D2586A29BA9} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {AC121F24-0A3C-4D62-8E86-71419949697C} - System32\Tasks\{7A845C87-3392-4C4F-8F16-FFD470FEB32E} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {ACE0B4FC-7C1F-4728-BBF2-889E02CA3001} - System32\Tasks\{653238F0-4456-4BA3-8838-F44CA7D06417} => c:\program files (x86)\mozilla firefox\firefox.exe [2013-07-03] (Mozilla Corporation)
Task: {ACFA4C47-C658-4D53-8331-A94709C5F589} - System32\Tasks\{F8144B99-21E4-42AA-9219-D31FC1A80B24} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {AD178653-C2E2-416E-BD33-8FB6E5308154} - System32\Tasks\{C36E67A5-C27E-453E-B2E1-56161784CE07} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {AD183F78-0488-45AE-BE0C-C2BF91C042EC} - System32\Tasks\{F887184D-5C52-4D30-84AD-8632FEC13006} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {AD404A14-65E8-4DC3-B4BF-FC1979AF4A06} - System32\Tasks\{CD4A0596-C335-4B15-8318-1B52454C817D} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {AD64E548-6912-446B-8B35-DDBA2591CACE} - System32\Tasks\{C1B4C90F-E599-4409-934E-32C3AC3B1A1E} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {AD7DA743-E979-4B7D-AD67-0B6BC5A1F113} - System32\Tasks\{38B46C6A-95DA-4F5A-819C-2CDA6E99EE89} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {ADE51C7A-7CA2-4A4C-B5FC-D3483973AFE0} - System32\Tasks\{D8391752-AC19-4E59-BE16-F257A1A7ED44} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {AE3D4B2B-25A3-438A-A21A-CDC77B1BA329} - System32\Tasks\{EC309660-F33B-4A2E-850B-1AB1CFD59BCF} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {AE82396A-4B70-4B4F-BFF8-37403B006FCF} - System32\Tasks\{EF1D34BB-5AB9-466C-A113-F3CC4092CBC0} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {AE8F3773-FF87-4037-89BF-899BCEDF5E3C} - System32\Tasks\{78C4302D-9406-4044-9642-B91E5E0B684D} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {AE97D525-555A-4F37-A543-750331587C4F} - System32\Tasks\{EADDBFA6-564A-4809-A528-FAFA42693E97} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {AEF9ED0D-3B3F-4760-BCE1-494965E25375} - System32\Tasks\{A83D804A-F794-4E26-8889-BDD885A48080} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {AFB012B1-42E2-42EA-B1DB-1BEE9216C7CD} - System32\Tasks\{25E00433-E1CB-48B0-BB52-766C40B2835D} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {B05422C0-DE24-4AAC-B4A6-C73C290260DB} - System32\Tasks\{B2546A12-097E-4858-A4BF-4E593F87936D} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {B05F373A-0152-417B-B399-0A4AC294F02E} - System32\Tasks\{CB45C460-ADF2-4A00-ACDE-1776DF079E0B} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {B06D3A12-ACF9-462F-A3D1-E22E9E16EF5A} - System32\Tasks\{17159FE8-0EF4-4955-8EB0-D07C8E7406F2} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {B0F51715-0430-4B3A-AB72-6B31AF18A645} - System32\Tasks\{103A6BDB-833F-43CF-93CA-5E3344E6A9DF} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {B18974DD-23D5-4A74-AD67-91C7491380BA} - System32\Tasks\{58BA5328-7DDE-4642-9CCA-F59AFD1718EE} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {B2B1EB37-D7EE-4AA5-9585-FB2AB2F65750} - System32\Tasks\{3C03C0D3-BB35-4F79-8D89-33ED3BC9091B} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {B31E69DE-BFA7-4881-AD69-62BB41C2FABA} - System32\Tasks\{F44B74B9-8941-4E54-87DE-802DB1A4B92E} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {B362B881-D709-4FAB-BF59-74B407C29C1E} - System32\Tasks\{30C8E9E0-ACC3-49AF-9774-AC522F7FE5D3} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {B41A7EDB-C9F7-4FD0-9AE5-ED38A28B455D} - System32\Tasks\{27880499-42EB-4A12-BD1B-A00AC0F360CD} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {B4AE789C-B5C6-4F35-A7C1-3E4E04A5EB74} - System32\Tasks\{5C3805C8-4B34-42B7-AE26-39E73AE9201B} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {B4E96FA9-E020-461D-8FE2-C3F253CDC610} - System32\Tasks\{35678E64-EBF0-4032-ABFF-3411C71F26B6} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {B53E365C-81CA-45A7-AC0B-A882E5626C03} - System32\Tasks\{3E0CD75D-6250-4AB5-B0BF-45390AA74BFC} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {B5825EA7-08DA-46E0-BF1B-79E5638C24B1} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {B5FF93F9-11CB-46A2-BA15-22CF11026772} - System32\Tasks\{F537F4B9-50C3-40BD-A22D-00116965168B} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {B8FCB41D-0945-4E3D-AE5D-D1A981792E1F} - System32\Tasks\{254EE896-D944-4435-A10C-6F70252F1598} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {B9E49EF4-5060-4B2B-BFD3-26CE371E32A0} - System32\Tasks\{4A19030E-8F94-48C3-B9F8-38C4CAE1BB33} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {BA3ACA72-1D04-4188-A551-1B684A60CFAF} - System32\Tasks\{E0B70018-0ECA-4C43-9C68-925116689792} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {BA649D73-BAAB-418F-BFB0-C3FC6D3B2BFC} - System32\Tasks\{02D01824-FCEB-405C-B2AF-E29DDB644010} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {BAA06869-38E2-45A7-B4BD-8B2882A36E8C} - System32\Tasks\{AD6B0911-5313-4779-A8BC-F815F2309057} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {BB4EE5EE-0BE6-497C-A891-60722635E9A0} - System32\Tasks\{B07634FD-77DB-4817-B7CB-DEAE3C2A9149} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {BB70EE43-AB8A-40D4-8A19-D46F8A478B49} - System32\Tasks\{24FE128F-36C6-4C41-A98E-3BB6EBD8FEA3} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {BBCE50D8-D792-4A84-9E74-6A94092B302E} - System32\Tasks\{A2BBA4B8-0000-4E01-A8A5-B427EF94A09D} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {BCAFF287-7E71-4C5B-ABA6-7AC88E6D5382} - System32\Tasks\{FC1E3D20-13AD-42FB-9557-644556BCA640} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {BEFB3C4E-93E9-42BA-9DAB-03C172C39833} - System32\Tasks\{B485E5CF-A6AF-4FC8-B3C6-305E477166D1} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {BF78F2D8-4F09-4C47-A884-9D955C5A54F9} - System32\Tasks\{2B33E2C2-B0FF-4519-B895-B727378186CD} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {BFB8F305-87BB-4EB0-8106-FD001D3A212B} - System32\Tasks\{F1053B36-B4A0-4B22-91DE-625AEA8248F6} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {C027BE6C-746F-44CF-879D-D6ADBFBA52F5} - System32\Tasks\{98C8FC1A-CEAC-4A6B-9F4F-7F3B0F1C9A25} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {C1C97775-EBF2-49D6-9E4D-883692298DC2} - System32\Tasks\{6C0BE101-FD57-4720-BE39-86B2D5D2EF8D} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {C1E66631-BB78-47E0-83E3-9FC53CF2C096} - System32\Tasks\{422F9C6A-A2EC-436E-86A3-D07432745A94} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {C24018D7-111D-43BC-8065-E9C5CCE35049} - System32\Tasks\{19324A88-BFDB-4DB2-863C-EA4E7CCC05E3} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {C27F40C9-81E6-409C-85F2-05E5BD12C60F} - System32\Tasks\{9E6DE3B9-5212-434F-B22A-8D05CB8C2779} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {C2EBC9E9-9741-450B-B5A0-8037EDE254E4} - System32\Tasks\{47DFCFC4-5882-44CE-A9DE-912841D7742D} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {C3FE0AEA-55B5-4C7F-B197-288B07BF5E12} - System32\Tasks\{3647444B-0196-4DED-A536-4DAF321D15AD} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {C75F19BF-E568-49F4-991B-02B31E6786BC} - System32\Tasks\BrowserProtect => C:\Windows\system32\sc.exe [2009-07-14] (Microsoft Corporation)
Task: {C783C9F7-2F39-4CB1-B502-AA6570C392AB} - System32\Tasks\{72532035-A7F0-4ABC-9DC8-3EA2B01EB319} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {C7AAAB7B-CF11-4D61-BC85-C06C7E59032E} - System32\Tasks\{94BAE9FC-6907-4581-B8D9-C64E1BF2757E} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {C874F748-422B-4FDA-AF91-09A346315758} - System32\Tasks\{FD2AFE61-C3D9-4410-A86C-56370B59E64A} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {C9502B91-2A71-43C7-A46E-5A48962E636E} - System32\Tasks\{27FA418D-2D03-49BF-8B0E-2A28B71A2368} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {C994053D-4E3D-4F0D-B3D4-660E08489A13} - System32\Tasks\{9833BF0E-62CB-4DC3-82B0-569719306594} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {C9C296EA-E4BB-4491-88C7-304C77424830} - System32\Tasks\{51397956-4FD9-4C02-AA9C-A0D081CD4326} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {C9F493E7-E684-4AD8-B1D4-750DE77797E4} - System32\Tasks\User_Feed_Synchronization-{A0C22FBD-CC6F-47C1-AB00-DCE59D1AFD01} => C:\Windows\system32\msfeedssync.exe [2013-03-29] (Microsoft Corporation)
Task: {C9FD93B1-E542-429D-98A0-CCA56075A8DF} - System32\Tasks\{265A87B9-1628-4E17-B261-32925616E1F4} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {CA87B6E7-7708-45BC-B8C4-19420F21DF67} - System32\Tasks\{B3568F15-FA64-4495-B87D-E1100B48C509} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {CBFA0172-DEBC-443F-AB56-565E5FF0AAA0} - System32\Tasks\{22A369C0-1D79-4620-B4B5-7DFDC721885C} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {CC7D1FDE-3BE9-41D9-A701-78119E2E5016} - System32\Tasks\{DC431B78-8983-46EE-BFC0-D7336C307076} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {CCA059EB-A44A-41D0-868C-C7F87956AB00} - System32\Tasks\{321A7A5B-4113-46DE-949A-F5AC4DDD1BF9} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {CD32A630-F995-424F-BD26-596B69C7D5EA} - System32\Tasks\{727E7066-1998-43F9-B230-ACD454550252} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {CDF8C556-3E99-441C-AF92-F16286FBDA63} - System32\Tasks\{3FD99289-EDFE-4156-9C23-44B1C972FEB4} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {CE0892C7-8656-4E7C-B9CE-5263C93573AC} - System32\Tasks\{858A87BD-AF56-45D1-A47F-E4C3F119F44A} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {CEE2D1B1-6554-4381-86CB-011E918D8DD9} - System32\Tasks\{45C6840A-C6DE-44F0-A7A6-EB939FACFF18} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {CF4BB93F-564E-4BEC-9037-E19A0698CAD9} - System32\Tasks\RunAsStdUser Task => c:\program files\matlab\r2010a\MATLAB R2010a.lnk [2013-01-12] ()
Task: {CFF787B9-DCE8-49E5-9293-3774004966A2} - System32\Tasks\{F94E0975-7BDE-4117-8D09-9C35913F27C6} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {D0DEFAC5-6AAF-4984-8DA4-592DA98B063B} - System32\Tasks\{F7C28088-DEDD-4802-AD26-F068F9CCBFE6} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {D1737411-9AF8-4E71-A366-D3C60F7BE01E} - System32\Tasks\{43A95FEA-C7A0-46F7-AC2E-07BC2324C78E} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {D26EE7DA-9D7E-4CC9-A4C4-CB306B14C6F1} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {D28447B9-B4F4-4E17-8417-66E47F45636B} - System32\Tasks\{C234FEF7-3028-44ED-A0CB-9C6F096D6B09} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {D2C87CBD-1E98-49B5-85FD-0FD36E9B3A13} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-562858968-3123787554-3258265573-1000Core => C:\Users\Simon\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-04] (Facebook Inc.)
Task: {D2CBDB0A-57F1-4E4D-BFEF-A55CB9CE7529} - System32\Tasks\{96A4C54E-B565-494C-83E4-1E4AB9CD3B87} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {D4E745C4-892A-43D3-B3AE-63B6FB6329A4} - System32\Tasks\{7CE0031B-8593-403C-A607-CC07A9847E7A} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {D6565861-D702-48AA-BF0D-FE6E5B3C35CE} - System32\Tasks\{1AE1E3BF-5E7B-47D0-AEEB-45C59F0D5819} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {D69387EE-6BED-4B79-86DC-01D0652EDFE4} - System32\Tasks\{359469B8-ACEE-44C6-A92B-6572B1852F0A} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {D7BCB29C-C5CD-4A54-A82E-84CAD2326E77} - System32\Tasks\{72FF89A2-5A8F-42BF-B59A-06F70967AFE7} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {D813278F-4ABD-42CE-B0D0-B1C6D834C563} - System32\Tasks\{6F60B1B3-2A3B-4A6B-AE82-CE2F36FFB421} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {D82CB069-9817-478F-B9AF-1B8886EE6047} - System32\Tasks\{78E59F65-05F3-403D-9FED-321689CE4610} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {DA39C1B6-110A-404A-BCC5-E4BC1FAB1BE8} - System32\Tasks\{EBFB99EB-F99B-4624-A2A6-D4BF2FF646DF} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {DB0BC81C-0F7D-497A-8B42-ED69528D820B} - System32\Tasks\{147A8218-8260-4CAA-8264-6D5B3E0E159A} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {DB29029A-5C1F-4260-883E-C0A73A733686} - System32\Tasks\{99CE313A-3293-45C7-9608-2641FBC41909} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {DB96210D-CA63-43FA-8F97-3BE7947BA194} - System32\Tasks\{895368FC-E9E2-4A5E-A07E-C248BD046A82} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {DC7C27C6-684B-4634-A6E9-8DE34AF16BDA} - System32\Tasks\{49C132AB-FF8A-4D14-AD3E-E46E6F30D090} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {DCDD6119-873A-4A91-9170-93DC596DB67C} - System32\Tasks\{D7A1C832-02CF-4DB7-9244-ACCE0ADD29F6} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {DD77C061-5F17-47D7-9EA2-DCA7DA7B951F} - System32\Tasks\{6BF58350-2182-457A-9B59-06B6282857FA} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {DF1D1472-3AE4-4479-97E0-F8EC607FA23D} - System32\Tasks\{BDAFCB32-D547-448B-993E-567CC30A5223} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {DF4FA525-D028-4222-8640-8B4BD73BBD84} - System32\Tasks\{A97469AE-398A-4CA9-9B27-E010DD73AC4B} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {DFC5EB30-AD9A-4ED7-BF82-F0E733314F17} - System32\Tasks\{CC3446DC-271F-49CD-803D-7F4566A5EC16} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {E2364F76-1C87-4CF9-AC0F-AD75D72140BF} - System32\Tasks\{1E41CFFD-DA2D-4090-B271-B5BEC21C36EC} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {E23A8068-4D19-4043-9D5A-4C1E243B11F3} - System32\Tasks\{62F3C7CF-6C7C-4E2C-83E9-E4C73015397F} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {E2DA3A19-4245-428F-B4C6-E75079822E58} - System32\Tasks\{2C1885D8-97D0-4EF6-9557-24D8A79AAB40} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {E3D478E1-E6FA-4F2D-8F49-13169FF73897} - System32\Tasks\{1FE53793-B5DD-44B9-8D7F-A6F44FD5E795} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {E491323C-F411-45ED-A90D-3E50E3F787A8} - System32\Tasks\{758C2B54-769D-472B-AD71-1E9C8134E733} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {E5196806-82E2-44ED-91CF-04CC89E01747} - System32\Tasks\{B5139672-5588-4B44-8D6B-0C164E5DE08F} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {E54D57DE-4D40-47C6-B6F2-8F1384C5C505} - System32\Tasks\{5E492F88-1FD9-48EF-B445-990507857896} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {E5B272B7-0AEB-4E71-8D6B-E51CB1565A68} - System32\Tasks\{9EFFADAD-AB43-4720-B066-2A4C4102A7C2} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {E69CB331-7C6A-48C4-B368-95A07BE69793} - System32\Tasks\{3C2278C3-6A5D-4621-8D61-D555286C08D7} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {E70872E2-F163-4D25-8791-8123B383504A} - System32\Tasks\{925CE0EA-272E-4975-8B44-4CC95DBC4C84} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {E78921EB-FC72-4D47-BDD2-E543FC1C34A7} - System32\Tasks\{7CB5A6C6-E62B-4FC3-9505-007F735FFA34} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {E78B96FE-8BA0-4ECA-933E-80E273D349E4} - System32\Tasks\{BA69F1B5-CFDD-4B4A-9237-9774EAD82771} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {E7C46CF0-DFCE-4DA4-A8CA-71D90CB020DB} - System32\Tasks\{DEA72CE9-8721-4A41-9BDA-1CEF1E849150} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {E8151BB6-A49C-4820-A026-B2A01EDE7581} - System32\Tasks\{44DFFE6B-6A5C-4638-8351-25A0FBEFC008} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {E86DC917-03CF-422D-B811-E18F1C0403A8} - System32\Tasks\{10CAFFEA-BBA3-47F9-8459-0673F420592D} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {E930CF0F-6B31-4AEA-A0BC-0678677A1E99} - System32\Tasks\EPUpdater => C:\Users\Simon\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe No File
Task: {EA92BAF4-E5BB-431A-A483-513534C8BBD8} - System32\Tasks\{03BA9BE6-7F19-4B84-BF3D-E41D0F87CFB8} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {EBF47863-49FE-444A-A172-757788A574DC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-25] (Google Inc.)
Task: {ECC0B62A-E294-41C8-911A-DDC8C1B22FF0} - System32\Tasks\{7912498D-DA8F-4F7E-8C5C-38AB8D2BFB1A} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {ECC5E631-2CF9-432E-BC08-8ABB88BCD4F6} - System32\Tasks\{49949003-4319-4F91-87D2-9C7ED9CC0F3E} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {ED768912-1951-425F-A421-FF8C7590565C} - System32\Tasks\{944CA58E-A1B0-4EBB-BF75-30EFF830E4C2} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {ED7F91B7-C822-498E-9B27-ABF5640DC35B} - System32\Tasks\{A5D07FB1-90D6-4A10-B015-589E1FAA83DB} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {EE89EDE1-3F5A-463A-A255-C39E4A3B4B5E} - System32\Tasks\{46AA79AC-FA83-46EE-8F18-FC18B8AD5BF2} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {EF0C3FBF-DC6D-4156-8220-A08EE2154990} - System32\Tasks\{49F9064F-CBF8-48CF-8CD7-32953046F7D3} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {EF732270-FF3D-4CB3-82EF-1FD2A20E9913} - System32\Tasks\{5827C1FE-0549-40C8-904B-F91A3AE2E6E4} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {EFD01DF5-EC26-4914-89F9-06DAF606F209} - System32\Tasks\{5E030398-1EAC-4E3B-8E12-D1B720D65AD6} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {EFD36241-17B6-485B-8995-58B855F33CD7} - System32\Tasks\{42EFE5CD-564A-4C70-B982-8F3D927CC6DC} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {F086209F-6F40-422C-8C45-9E29C0703E4C} - System32\Tasks\{B182EFD2-3168-4070-8F84-B78CBE0ADFD3} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {F16D73DF-BCB7-4B33-B3C4-276B5D09E08E} - System32\Tasks\{6005817D-400E-4EF6-84A4-CC85BA5143A8} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {F2493E76-CB38-409A-99DB-0E81CD29DB33} - System32\Tasks\{4BE70849-AA90-4AD8-B14B-DB1B2E31B348} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {F2F3317B-A7E8-469A-AE6A-8D93AAB9C377} - System32\Tasks\{92AE82F0-A710-41C9-A6F3-64755E3B645D} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {F652AB8D-0AE1-4CD2-AE3E-D5721B6023B0} - System32\Tasks\{88E4323E-438E-4A83-999D-AF77A5EE3337} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {F6BDAF79-3E16-4FE9-B0D4-FC449F75762F} - System32\Tasks\{0A326C02-A756-4B66-A4F2-872445607583} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {F730C8A8-0F64-4073-8FF0-2894DF49DB83} - System32\Tasks\{E3A9B531-87ED-4BA6-B599-6BFDBC6277A1} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {F76A0D61-C1CF-4700-8CCA-3A6BF2210815} - System32\Tasks\{F31CEA8D-F668-4396-87F1-350D0B475CF5} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {F7B515F4-A03D-4922-A18E-767FB10FAECB} - System32\Tasks\{29816586-EE63-4C1C-965B-42CDD84742E0} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {F8F0B2B1-84CD-4D09-8ED4-F7E9EA129643} - System32\Tasks\{4B3011BE-6A23-4C6F-B728-CB62791000E9} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {F9BAFEAE-7619-42BC-BC60-FD8F1E6B1BFC} - System32\Tasks\{288937EE-C1F1-4177-BD74-EC6F459E65D5} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {F9C97F89-8B9B-47F0-B173-A2E6797B6883} - System32\Tasks\{A3E23446-594A-409D-923B-BAF7B6821051} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {F9E7E68F-EC1C-4D75-BDCD-006E69D2997A} - System32\Tasks\{134382E7-6F63-4334-9140-F8B5C64E5E0A} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {FA641CF3-4D7A-4A42-82C2-E3E47339981E} - System32\Tasks\{DDAE840B-9DED-48CB-B236-51B9CDB37F88} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {FAFDEA36-1DE1-46EB-92D8-A2BF070E7856} - System32\Tasks\{617BAD1B-F1CB-4B66-855D-F3B698C1BFC1} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {FB22A68E-8778-4C2A-9649-4E1811AC3DB9} - System32\Tasks\{32255D01-D376-40A5-8519-2515CE8DC9E1} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {FB7A15FC-178F-4FC4-8726-D12548A5AA17} - System32\Tasks\{73727924-0AF0-41D7-81BC-989D777B585C} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {FD07D121-F3CA-4E8D-8ACE-5D2F0F57D71B} - System32\Tasks\{BB63E88F-CC1E-4B4C-9938-507844FBA6D3} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {FDC84F6E-C2F7-4F9D-B235-89A6554AAF31} - System32\Tasks\{EB756DA7-BFEB-4EE4-8B7B-5F7BA9E29F58} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {FEB502FF-E0FB-406B-9BF9-4C2AD0AC0F1C} - System32\Tasks\{E309E524-FCA6-43E4-BD86-0EC59A1A10F0} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {FED1E23F-23C6-4314-A06E-78D3D92DD75C} - System32\Tasks\{2A5BCF54-6756-4B19-BC11-D1407808353B} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {FF8FB21D-DE3A-482C-A73D-F2F7BDAEEDA5} - System32\Tasks\{03BC8E21-5B9E-4237-BC46-9EC4F9041C4D} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-562858968-3123787554-3258265573-1000Core.job => C:\Users\Simon\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-562858968-3123787554-3258265573-1000UA.job => C:\Users\Simon\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 37%
Total physical RAM: 3956.41 MB
Available physical RAM: 2477.7 MB
Total Pagefile: 7911 MB
Available Pagefile: 6222.19 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:231 GB) (Free:101 GB) NTFS (Disk=0 Partition=2)
Drive d: () (Fixed) (Total:344.27 GB) (Free:203.82 GB) NTFS (Disk=0 Partition=4)
Drive e: (NBA 2K13) (CDROM) (Total:6.86 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 9054A324)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=344 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=21 GB) - (Type=27)
==================== End Of Log ============================
|
|
27.07.2013, 22:54
| #6 |
| /// TB-Ausbilder | Mail account gehackt? Servus, wir spüren noch die letzten Reste auf, damit wir sie im Anschluss entfernen können: Lade SystemLook von jpshortstuff vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop. SystemLook (64 bit)
|
|
29.07.2013, 11:36
| #7 |
| | Mail account gehackt? Servus, Hier die Ergebnisse des Scans mittels Systemlook: Code:
ATTFilter SystemLook 30.07.11 by jpshortstuff
Log created at 12:20 on 29/07/2013 by Simon
Administrator - Elevation successful
========== filefind ==========
Searching for "*BrowserProtect*"
C:\Windows\System32\Tasks\BrowserProtect --a---- 3432 bytes [22:28 26/07/2013] [09:14 27/07/2013] 9B2CA9FB2B535472D5D5BCDDE5F83C8E
Searching for "*babylon*"
C:\Users\Simon\AppData\Local\Temp\E46500B7-BAB0-7891-AEF7-FD60E56620C7\Latest\Babylon.dat --a---- 12384 bytes [12:17 19/02/2013] [12:17 19/02/2013] 825E5733974586A0A1229A53361ED13E
C:\Users\Simon\AppData\Local\Temp\E46500B7-BAB0-7891-AEF7-FD60E56620C7\Latest\MyBabylonTB.exe --a---- 2028384 bytes [13:15 23/01/2013] [13:15 23/01/2013] 42D8EBB6DCB232E81F93CD4F280058DC
Searching for "*bprotector*"
No files found.
Searching for "*foxydeal*"
C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\p5c6bd9b.default\foxydeal.sqlite --a---- 65536 bytes [15:03 27/07/2013] [15:03 27/07/2013] D99ACD2D67FCF1929EF8FB7623C62392
Searching for "*Movie2KDownloader*"
C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R60FGSZZ\Movie2KDownloader[1].exe --a---- 1262192 bytes [11:21 24/03/2013] [11:21 24/03/2013] C925C5B7E2B0B9A9D5D67082323FEE61
Searching for "*PutLockerDownloader*"
No files found.
Searching for "*BabSolution*"
No files found.
Searching for "*file scout*"
No files found.
Searching for "*DataMngr*"
C:\Program Files\MATLAB\R2010a\toolbox\wavelet\wavelet\blockdatamngr.m --a---- 1120 bytes [17:08 12/01/2013] [16:13 19/11/2006] 8644F3C044B7B6ECC586FD7C5575C7AD
Searching for "*delta LTD*"
No files found.
Searching for "*1ClickDownload*"
No files found.
Searching for "*Chrome Toolbar*"
No files found.
========== folderfind ==========
Searching for "*BrowserProtect*"
No folders found.
Searching for "*babylon*"
No folders found.
Searching for "*bprotector*"
No folders found.
Searching for "*foxydeal*"
No folders found.
Searching for "*Movie2KDownloader*"
No folders found.
Searching for "*PutLockerDownloader*"
No folders found.
Searching for "*BabSolution*"
No folders found.
Searching for "*file scout*"
No folders found.
Searching for "*DataMngr*"
No folders found.
Searching for "*delta LTD*"
No folders found.
Searching for "*1ClickDownload*"
No folders found.
Searching for "*Chrome Toolbar*"
No folders found.
========== regfind ==========
Searching for "BrowserProtect"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C75F19BF-E568-49F4-991B-02B31E6786BC}]
"Path"="\BrowserProtect"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserProtect]
Searching for "babylon"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}]
"DllName"="BabylonToolbarTlbr.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}]
"DllName"="BabylonToolbarTlbr.dll"
Searching for "bprotector"
No data found.
Searching for "foxydeal"
No data found.
Searching for "Movie2KDownloader"
No data found.
Searching for "PutLockerDownloader"
No data found.
Searching for "BabSolution"
No data found.
Searching for "file scout"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shell\filescout\command]
@=""C:\Users\Simon\AppData\Roaming\File Scout\filescout.exe" /sc "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Unknown\shell\openas\command]
@=""C:\Users\Simon\AppData\Roaming\File Scout\filescout.exe" /open "%1""
Searching for "DataMngr"
No data found.
Searching for "delta LTD"
No data found.
Searching for "1ClickDownload"
No data found.
Searching for "Chrome Toolbar"
No data found.
-= EOF =-
|
|
29.07.2013, 14:04
| #8 |
| /// TB-Ausbilder | Mail account gehackt? Servus, wir entfernen die letzten Reste und kontrollieren nochmal alles: Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter start
Task: {C75F19BF-E568-49F4-991B-02B31E6786BC} - System32\Tasks\BrowserProtect
Task: {E930CF0F-6B31-4AEA-A0BC-0678677A1E99} - System32\Tasks\EPUpdater => C:\Users\Simon\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe
end
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 3 ESET Online Scanner
Schritt 4 Downloade Dir bitte  SecurityCheck und:
Bitte poste mit deiner nächsten Antwort
|
|
30.07.2013, 14:54
| #9 |
| | Mail account gehackt? Servus, hier die Logfiles der letzten 4 Scans: FRST: Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 27-07-2013 04
Ran by Simon at 2013-07-29 16:17:23 Run:1
Running from C:\Users\Simon\Desktop
Boot Mode: Normal
==============================================
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C75F19BF-E568-49F4-991B-02B31E6786BC} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C75F19BF-E568-49F4-991B-02B31E6786BC} => Key deleted successfully.
C:\Windows\System32\Tasks\BrowserProtect => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserProtect => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E930CF0F-6B31-4AEA-A0BC-0678677A1E99} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E930CF0F-6B31-4AEA-A0BC-0678677A1E99} => Key deleted successfully.
C:\Windows\System32\Tasks\EPUpdater => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater => Key deleted successfully.
==== End of Fixlog ====
mbam: Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.07.29.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16635 Simon :: SIMON-PC [Administrator] Schutz: Aktiviert 29.07.2013 16:24:12 mbam-log-2013-07-29 (16-24-12).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 223177 Laufzeit: 4 Minute(n), 11 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\Users\Simon\AppData\Local\Temp\285D.tmp (Adware.BProtector) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) ESET: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=3c15f9905df7654dbfa62844ce6bd956
# engine=14578
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-29 06:57:20
# local_time=2013-07-29 08:57:20 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 96 33526 240543930 26310 0
# compatibility_mode=5893 16776573 100 94 267225 126754090 0 0
# scanned=418665
# found=4
# cleaned=0
# scan_time=15100
sh=E592559E1339D7C4621C1261ACCA3ADD94074AF6 ft=1 fh=df6d1106df9b0f04 vn="a variant of Win32/Packed.VMProtect.AAH trojan" ac=I fn="C:\$Recycle.Bin\S-1-5-21-562858968-3123787554-3258265573-1000\$ROZ4SHB.dll"
sh=2DC62A264BF770710E01CB8541A73DAD345DBA7C ft=1 fh=21ffcdb63e386881 vn="Win32/Adware.1ClickDownload.W application" ac=I fn="C:\Users\Simon\Downloads\extreme_dinosaurs.exe"
sh=623704DB7A6A04F28AE8EC9C7555C109324FB2D7 ft=1 fh=b66c729283c0f376 vn="Win32/StartPage.OPH trojan" ac=I fn="C:\Users\Simon\Downloads\vlc-2.0.0-win32.exe"
sh=726499DFB97C0CCEC1B877B9790C1F47EF96EA22 ft=1 fh=61593fe5cd42e9c8 vn="Win32/Conficker.Z worm" ac=I fn="I:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx"
security check: Code:
ATTFilter Results of screen317's Security Check version 0.99.71 Windows 7 Service Pack 1 x64 (UAC is disabled!) Internet Explorer 10 ``````````````Antivirus/Firewall Check:`````````````` Avira Desktop Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware Version 1.75.0.1300 Java 7 Update 21 Java version out of Date! Adobe Flash Player 11.7.700.224 Adobe Reader 10.1.7 Adobe Reader out of Date! Mozilla Firefox (22.0) ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Avira Antivir avgnt.exe Avira Antivir avguard.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` |
|
30.07.2013, 20:43
| #10 |
| /// TB-Ausbilder | Mail account gehackt? Servus, Fixen mit OTL
Code:
ATTFilter :files
C:\Users\Simon\Downloads\extreme_dinosaurs.exe
C:\Users\Simon\Downloads\vlc-2.0.0-win32.exe
:Commands
[emptytemp]
Wenn du keine Probleme mehr hast, dann sind wir hier fertig. Deine Logdateien sind sauber.  Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern. Schritt 1 Dein Java ist nicht mehr aktuell. Älter Versionen enthalten Sicherheitslücken, die von Malware missbraucht werden können.
Schritt 2 Deine Version von Adobe Flash Player ist veraltet. Bitte folge diesen Schritte, um Adobe Flash zu aktualisieren:
Schritt 3 Deinstalliere bitte deine aktuelle Version von Adobe Reader Start--> Systemsteuerung--> Software / Programme deinstallieren--> Adobe Reader und lade dir die neue Version von Hier herunter- Entferne den Hacken für den McAfee SecurityScan bzw. Google Chrome. Schritt 4 Die Reihenfolge ist hier entscheidend.
Schritt 5 Abschließend habe ich noch ein paar Tipps zur Absicherung deines Systems. Ich kann gar nicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von Registry Cleanern. Diese Schaden deinem System mehr als dass sie helfen. Hier ein englischer Link: Miekemoes Blogspot ( MVP ) Was du vermeiden solltest:
Nun bleibt mir nur noch dir viel Spaß beim sicheren Surfen zu wünschen... ... und vielleicht möchtest du ja das Trojaner-Board unterstützen? Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann. |
|
31.07.2013, 11:30
| #11 |
| | Mail account gehackt? Servus, Erstmal hier noch das letzte Logfile: Code:
ATTFilter All processes killed
========== FILES ==========
C:\Users\Simon\Downloads\extreme_dinosaurs.exe moved successfully.
C:\Users\Simon\Downloads\vlc-2.0.0-win32.exe moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: Simon
->Temp folder emptied: 2499951115 bytes
->Temporary Internet Files folder emptied: 80759647 bytes
->Java cache emptied: 564010 bytes
->FireFox cache emptied: 454904110 bytes
->Flash cache emptied: 95426 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 710842854 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 46385782 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 3.618,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 07302013_235732
Files\Folders moved on Reboot...
C:\Users\Simon\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
So, dann dir nochmal recht herzlichen Dank für deine großartige Hilfe! Aber ich habe noch ein paar letzte Fragen. Zum einen habe ich noch weitere E-mails der besagten Art und Weise, nach Ändern des Passworts bekommen. Die letzte kam am 30.07 um 6.25 Uhr. War das "normal"? Außerdem habe ich nach dieser Mail eine Mail von GMX bekommen, in der beschrieben war, dass mein Konto aus Sicherheitsgründen erstmal gesperrt wird, bis ich das Passwort erneut ändere. Das habe ich dann auch getan. Kann ich trotzdem davon ausgehen, dass mein PC jetzt sauber ist und ich keine weiteren Probleme mit meinem E-mail account haben werde? Nochmals vielen Dank und beste Grüße! |
|
31.07.2013, 15:15
| #12 |
| /// TB-Ausbilder | Mail account gehackt? Servus, Malware habe ich keine mehr auf deinem Rechner gesehen, daher denke ich, dass auch das mit deinem Email-Account passten sollte. Ich bin froh, dass wir helfen konnten  In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest: Lob, Kritik und Wünsche Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank!  Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM. Jeder andere bitte hier klicken und einen eigenen Thread erstellen. |
|
Textbox. 
Linear-Darstellung
